Mededeling

Collapse
No announcement yet.

internetbrowsers starten niet op; nu ook laptop niet meer

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • internetbrowsers starten niet op; nu ook laptop niet meer

    Het begon met de internetbrowsers die niet meer wilden opstarten. Wel het draaiende cirkel maar verder niks. Daarna werd de laptop trager met opstarten en inmiddels start de laptop niet meer op in de normale modus. Nog wel in de beveiligde modus.

    Bijgevoegd de logs voordat opstarten helemaal niet meer lukte.

    Bedankt alvast voor jullie moeite en hulp.

    Met vriendelijke groet,

    Xap
    Bijgevoegde Bestanden

  • #2
    Hoi Xap en welkom op Nucia Security Forum,

    Voor we beginnen , wil ik even vriendelijk op de volgende richtlijnen wijzen:
    .
    • Log enkel in als beheerder met alle rechten.
    • Post je probleem niet in verscheidene fora. het komt je probleem niet ten goede en het is niet netjes tegenover de helpers.
    • Het opruimen van je systeem kan wat tijd in beslag nemen, wees geduldig.
    • Volg aandachtig de instructies die door mij worden gegeven.
    • Volg enkel het door mij gegeven advies op
    • Blijf bij het topic totdat ik gemeldt heb dat je PC clean is.
    • Als je iets niet weet of verstaat, vraag het dan even aub.
    • Installeer of deinstalleer géén software of hardware terwijl we met je probleem bezig zijn.
    • Ga ondertussen niet wat "anders" proberen, dat maakt het alleen maar moeilijker voor ons
    • Zet je emoticons (Smileys) uit als je logs plaatst aub . ( INFO )
    • De logs niet als bijlage, noch tussen codetags zetten aub.

    .
    Opmerking: Alle tools steeds uitvoeren als admin.
    De instructies die worden gegeven, zijn enkel geldig voor jouw PC.

    Heb je deze richtlijnen gelezen en begrepen, mag je verder gaan.....



    Stap 1:

    Malware scannen en verwijderen....

    Start MBAM.
    Klik bovenin het scherm van Malwarebytes Anti-Malware op Scan.
    Kies in het scherm voor de BEDREIGINGS scan.
    Klik vervolgens op de knop Scan nu.

    Voor het scannen wordt er altijd eerst automatisch gecontroleerd of er updates van de virusdefinities beschikbaar zijn, indien er een update beschikbaar is, moet je deze eerst laten installeren.

    Wanneer de scan gereed is en er bedreigingen zijn gedetecteerd krijg je hier een overzicht van.
    Selecteer om allen in quarantaine te plaatsen.
    Bij de melding dat uw computer opnieuw opgestart moet worden klik je op Ja.

    Na herstart van de PC, indien Malwarebytes heeft gevraagd om de PC opnieuw op te starten, open Malwarebytes opnieuw.
    Klik de Historie knop bovenaan in het menu.
    Klik vervolgens op de optie programmalogboeken en selecteer het Scanlogboek wat u wilt exporteren. Dit is de laatste scan die je hebt gedaan (kan je zien aan de datum en tijd).
    Selecteer deze om te bekijken.
    In een nieuw venster dat zal openen zal je de resultaten van je scan zien.

    Onderaan, selecteer ofwel om te exporteren als tekstbestand en geef het tekstbestand een naam, bijvoorbeeld mbamlog.
    Ofwel kan je selecteren om te kopieren naar het klembord, zodat de inhoud van de log naar je klembord wordt gekopieerd en je die zo in je volgende post kan plakken.

    .___________________________________________________________

    Stap 2:

    Controle op slechte toolbars...

    Download AdwCleaner by Xplode naar je Bureaublad.
    • Sluit alle openstaande vensters
    • Start AdwCleaner
    • Klik op Scannen
    • Klik op Verwijderen
    • KLIK HIER voor een vergroting! 

    Alle icoontjes verdwijnen van het Bureaublad,dit is normaal
    Je PC word opnieuw opgestart en er een opent een logfile (C:\ AdwCleaner\AdwCleaner[xx].txt
    Post deze inhoud hier op het Forum.

    Enkel de log na de "Verwijderen" optie heb ik nodig.

    Vergeet niet om je "smileys" uit te schakelen.

    Als je Startpagina ook gehijackt was,stel dan de zoekmachine opnieuw in.
    Deze word standaard door AdwCleaner terug gezet naar Google.com
    ___________________________________________________________

    Stap 3:

    Download DDS.com, DDS.scr of DDS.pif van één van deze locaties en plaats het op je bureaublad:


    DDS is een diagnosetool en maakt gebruik van scripts.
    Is het uitvoeren van scripts uitgeschakeld, dan schakel je dit weer in zodat er geen problemen optreden bij gebruik van DDS.


    Dubbelklik op DDS om de tool te starten. (afhankelijk van de download die je gekozen hebt kan dit het bestand DDS.com, DDS.scr of DDS.pif zijn)
    Wanneer het klaar is openen er twee logfiles: DDS.txt en Attach.txt
    Beide logfiles sla je op je bureaublad.

    Post de inhoud van DDS.txt.

    De inhoud Attach.txt moet je niet posten en Attach.txt moet je niet als bijlage toevoegen aan je post, tenzij ik er om vraag.


    ___________________________________________________________

    Stap 4:

    Download Security Check op je bureaublad via hier of hier

    Start Security Check
    Volg de Instructies in het scherm
    Aan het eind verschijnt een log ( checkup.txt )
    Plaats de inhoud ervan in je volgende antwoord.


    In je volgende posting, had ik graag de volgende logs gezien, gemaakt in de opgestelde volgorde:
    .
    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    .
    Deze logs NIET als bijlage of tussen codetags posten aub.
    (Desnoods in meerdere postingen.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

    Comment


    • #3
      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Scan Date: 5-8-2014
      Scan Time: 14:36:17
      Logfile: mbamlog.txt
      Administrator: Yes

      Version: 2.00.2.1012
      Malware Database: v2014.08.05.03
      Rootkit Database: v2014.08.04.01
      License: Free
      Malware Protection: Disabled
      Malicious Website Protection: Disabled
      Self-protection: Disabled

      OS: Windows 7 Service Pack 1
      CPU: x64
      File System: NTFS
      User: Indra

      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 334029
      Time Elapsed: 32 min, 37 sec

      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Disabled
      Heuristics: Enabled
      PUP: Enabled
      PUM: Enabled

      Processes: 3
      PUP.Optional.Datamngr.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, 1252, Delete-on-Reboot, [4bacad15e19a67cf20e6f3e6000227d9]
      PUP.Optional.Datamngr.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, 1468, Delete-on-Reboot, [4bacad15e19a67cf20e6f3e6000227d9]
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe, 3536, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9]

      Modules: 12
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\TB\APISupport\APISupport.dll, Delete-on-Reboot, [37c08f335823c6701f855b6c7f83b44c],

      Registry Keys: 104
      PUP.Optional.SearchProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, Quarantined, [c136be0413688ea8d8717e18f60b857b],
      PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, Quarantined, [f4038e342556eb4bae33bbe1837f09f7],
      PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}, Quarantined, [f4038e342556eb4bae33bbe1837f09f7],
      PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}, Quarantined, [f4038e342556eb4bae33bbe1837f09f7],
      PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, Quarantined, [f4038e342556eb4bae33bbe1837f09f7],
      PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard, Quarantined, [f4038e342556eb4bae33bbe1837f09f7],
      PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard.1, Quarantined, [f4038e342556eb4bae33bbe1837f09f7],
      PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SearchQUIEHelper.DNSGuard, Quarantined, [f4038e342556eb4bae33bbe1837f09f7],
      PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SearchQUIEHelper.DNSGuard.1, Quarantined, [f4038e342556eb4bae33bbe1837f09f7],
      PUP.Optional.Datamngr.A, HKU\S-1-5-21-3921659366-193155852-3045559103-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}, Quarantined, [f4038e342556eb4bae33bbe1837f09f7],
      PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}, Quarantined, [f4038e342556eb4bae33bbe1837f09f7],
      PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}, Quarantined, [f4038e342556eb4bae33bbe1837f09f7],
      PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}, Quarantined, [f4038e342556eb4bae33bbe1837f09f7],
      PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}, Quarantined, [f4038e342556eb4bae33bbe1837f09f7],
      PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3921659366-193155852-3045559103-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [7e79932f1c5f16209824e67c4eb4ff01],
      PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, Quarantined, [6c8b942e2c4f0531da6227f78d778a76],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Quarantined, [23d41ca696e545f1dd2be2f0917138c8],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Quarantined, [29cea31f463573c3833a2e07d72d4ab6],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Quarantined, [3dbae9d91c5f91a5aa5dede557ab6c94],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Quarantined, [896e07bbd0ab1d193b836acb25dfd12f],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Quarantined, [64933092a8d3a88e37cf815199693dc3],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Quarantined, [06f1645ebcbfbc7a605f9b9a2bd916ea],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Quarantined, [7e794b77d5a69d999169349db44e09f7],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Quarantined, [679005bd24576bcba51b64d162a24ab6],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Quarantined, [43b4a51d47348da9c833f0e1b74b649c],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Quarantined, [688fb40e671446f08d3433028e76bb45],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Quarantined, [f403dfe3057669cd31cb8051ba48dc24],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Quarantined, [0dea20a2077480b6d7eb51e4976dcf31],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Quarantined, [49ae19a9dba0b0868d7171600ff3b14f],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Quarantined, [b146348e7407979f05becd68966efd03],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflip, Quarantined, [49ae6c5605765fd7d9eb3bfafb098080],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Quarantined, [e017a919a8d3fe38e9167859c73b0af6],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Quarantined, [d1260bb7b2c98da9a71e48edc63ee917],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exe, Quarantined, [47b0655d9be0063052745fd633d1c739],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Quarantined, [23d4fac82e4ddb5bd42c4191c43e9a66],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Quarantined, [7e79972bea91c472aa1df34233d18e72],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Quarantined, [3fb89d256f0c70c6936ea72bb54df30d],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Quarantined, [e80fcaf85922e353d2f6161fa3612ed2],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exe, Quarantined, [c5323290235848ee9d2c7cb9c24260a0],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exe, Quarantined, [6394d6ecc0bb201619b15fd619eb4ab6],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Quarantined, [d621e0e20b7091a5eb17b022cc36f50b],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Quarantined, [2acd6e5491ea2a0c3d8e15202fd557a9],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Quarantined, [e314952d2f4ca294a162a13116ecaf51],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Quarantined, [e90e0bb7e19a86b0dbf188ad94701be5],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Quarantined, [47b0863c87f484b243c122b0b151e020],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Quarantined, [09eef3cfea9157df8c40c66ff1139d63],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\umbrella.exe, Quarantined, [9a5dbf03b7c472c47b527fb6c24235cb],
      Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, Quarantined, [cf287949de9d40f60500cb07a9597090],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, Quarantined, [599e833f9be040f606c82a0b57adf20e],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\volaro, Quarantined, [ce29ffc306757cba943be64f36ce0df3],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\vonteera, Quarantined, [2dca962ca9d22f07b31d7bbad232fd03],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroids.exe, Quarantined, [35c2a71b106ba0968f42e84d14f019e7],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroidsservice.exe, Quarantined, [e0173092abd00e280dc53ff6f4100000],
      PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, Delete-on-Reboot, [07f0269c5328b284191226bb986a20e0],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Quarantined, [669160621665f73fb454686a3fc3c23e],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Quarantined, [9463a220daa11a1c2697ca6bda2aaf51],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Quarantined, [bf38a022433866d0af58d0029d65f40c],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Quarantined, [40b75a68bfbc6ec84678dc5972929c64],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Quarantined, [0deaa1211962a393a75fc909d929ae52],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Quarantined, [bb3c3191e99243f3e2ddf24352b2b64a],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Quarantined, [8d6acaf8c6b5ac8a35c5f9d851b1c63a],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Quarantined, [ae49a61c48333cfa328efa3b33d118e8],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Quarantined, [9166467ca9d2c76fd724c11019e948b8],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Quarantined, [94632a9891eab383e8d952e3887c55ab],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Quarantined, [9463903219620135f6064d84ff0338c8],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Quarantined, [77804f7398e323136d558ea7d133e719],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Quarantined, [64937d457cff37ffa35bc60b19e9d52b],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Quarantined, [9067428079022412467dd75e35cf2bd5],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflip, Quarantined, [797e0ab8a8d363d36d57b38229db6997],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Quarantined, [8d6ad6ecb8c3092d27d8ebe658aa6997],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Quarantined, [7b7c5c66126956e08a3bf441b4506e92],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exe, Quarantined, [04f33d856a11a492299d9f9607fdf907],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Quarantined, [698ead15f784ba7c8080a032d032c040],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Quarantined, [9b5cb210ccafdf577651e055857f6f91],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Quarantined, [31c67b475d1ee74f4db42ea4fc06e818],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Quarantined, [da1db60c9fdc1620933565d0a55f6b95],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exe, Quarantined, [886fa81ad7a45dd9ccfda095768e6d93],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exe, Quarantined, [f8ff52700774290dac1eae8722e23ac6],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Quarantined, [42b5279bfe7d9e989e64f6dc29d9b749],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Quarantined, [4aadb210bebd50e6ac1f0f265aaa7b85],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Quarantined, [e512ead86c0ff541b84b438f2ad84eb2],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Quarantined, [fbfc576b403b59ddf8d4a392e420b34d],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Quarantined, [93646a58671424121be9844ef30fad53],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Quarantined, [c2352b974b307fb7a42844f1788cb24e],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\umbrella.exe, Quarantined, [2ec9388a215ad75f38955dd8f50f0df3],
      Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, Quarantined, [fcfbc7fbb9c2e452b253894951b1b54b],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, Quarantined, [35c2a81a84f7bb7b7a54b085e71dc838],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\volaro, Quarantined, [ba3dbc067b00c76f339cc86d12f24cb4],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\vonteera, Quarantined, [43b4c5fd90ebef47755b9f96a55fba46],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroids.exe, Quarantined, [45b28e348bf059dda42d02339272d927],
      PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroidsservice.exe, Quarantined, [8572ead86f0c16208b4723127e866997],
      PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, Quarantined, [cd2afac897e49d992b5e67738a78e21e],
      PUP.Optional.FastAndSafe, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\64af91bf, Quarantined, [bb3c932ff4871c1ab50bc0135ca606fa],
      PUP.Optional.Datamngr.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DatamngrCoordinator, Delete-on-Reboot, [4bacad15e19a67cf20e6f3e6000227d9],
      PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD, Quarantined, [a05780424437eb4b56699142cb37f010],
      PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-3921659366-193155852-3045559103-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\bullvidmoviestoolbarha, Quarantined, [24d3cdf5a2d9b97d07cf04fa26dced13],
      PUP.Optional.DataMngr.A, HKU\S-1-5-21-3921659366-193155852-3045559103-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Datamngr, Quarantined, [ab4c8a387a01aa8c6d9755bfc73d49b7],
      PUP.Optional.DataMngr.A, HKU\S-1-5-21-3921659366-193155852-3045559103-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, Quarantined, [9562279b512aea4c4fb40c084eb66c94],
      PUP.Optional.ValueApps.A, HKU\S-1-5-21-3921659366-193155852-3045559103-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\ValueApps, Quarantined, [7681b012552681b5eb92a15df60ce21e],
      PUP.Optional.BProtector.A, HKU\S-1-5-21-3921659366-193155852-3045559103-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Quarantined, [fbfc3d850477bf775afb59be36ce4fb1],
      PUP.Optional.Softonic.A, HKU\S-1-5-21-3921659366-193155852-3045559103-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [21d603bffa8191a57fa39e4f956df709],
      PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\bullvidmoviestoolbarhaCR, Quarantined, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\bullvidmoviestoolbarhaIE, Quarantined, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\F06DEFF2-5B9C-490D-910F-35D3A91196222, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],

      Registry Values: 6
      PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, Quarantined, [cd2afac897e49d992b5e67738a78e21e]
      PUP.Optional.DataMangr.A, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x86, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, Quarantined, [7582be04601bb086bcdb64d2b054ee12]
      PUP.Optional.DataMangr.A, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x64, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll, Quarantined, [b93e249e483359dd63340135ab59936d]
      PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD|ImagePath, \??\C:\Windows\system32\drivers\SPPD.sys, Quarantined, [a05780424437eb4b56699142cb37f010]
      PUP.BProtector, HKU\S-1-5-21-3921659366-193155852-3045559103-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [4daa09b94b30c076d92da76df01402fe]
      PUP.Optional.Conduit.A, HKU\S-1-5-21-3921659366-193155852-3045559103-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|APISupport, "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Indra\AppData\Local\TB\APISupport\APISupport.dll",DLLRunAPISupport, Quarantined, [22d5952de39863d35f44697f7d85c739]

      Registry Data: 3
      PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll, Good: (), Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll),Replaced,[46b103bfed8e53e3ef5ab6e0ff02fa06]
      PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll, Good: (), Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll),Replaced,[de19734f5d1efd39e465722443be2cd4]
      PUP.Optional.Trovi.A, HKU\S-1-5-21-3921659366-193155852-3045559103-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.trovi.com/?gd=&ctid=CT332...A0&SSPV=&SSPV=, Good: (www.google.com), Bad: (http://www.trovi.com/?gd=&ctid=CT332...SPV=),Replaced,[29ce6b5785f668ce15b6f9bd55aff010]

      Folders: 61
      PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr, Delete-on-Reboot, [9760358dd2a94aec0a398396f80c916f],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, Delete-on-Reboot, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, Delete-on-Reboot, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, Delete-on-Reboot, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, Quarantined, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, Delete-on-Reboot, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, Delete-on-Reboot, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, Quarantined, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, Delete-on-Reboot, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, Delete-on-Reboot, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, Quarantined, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, Quarantined, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, Quarantined, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, Quarantined, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, Quarantined, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, Quarantined, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, Quarantined, [6c8b942e2c4f0531da6227f78d778a76],
      PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, Quarantined, [6c8b942e2c4f0531da6227f78d778a76],
      Rogue.Multiple, C:\ProgramData\374311380, Quarantined, [1cdb962c0d6e51e57b33603f4db59a66],
      PUP.Optional.OpenCandy, C:\Users\Indra\AppData\Roaming\OpenCandy, Quarantined, [b83f06bcbdbe44f20e43b2fd54ae4bb5],
      PUP.Optional.OpenCandy, C:\Users\Indra\AppData\Roaming\OpenCandy\1A1C44250BC3427A873E0B52AFF289C6, Quarantined, [b83f06bcbdbe44f20e43b2fd54ae4bb5],
      PUP.Optional.OpenCandy, C:\Users\Indra\AppData\Roaming\OpenCandy\C012B010B23B47BAB0FC2C2AEEDC13F4, Quarantined, [b83f06bcbdbe44f20e43b2fd54ae4bb5],
      PUP.Optional.OpenCandy, C:\Users\Indra\AppData\Roaming\OpenCandy\D4979AD97C5C4ED282DA9F2EC1C3FCF4, Quarantined, [b83f06bcbdbe44f20e43b2fd54ae4bb5],
      PUP.Optional.OpenCandy, C:\Users\Indra\AppData\Roaming\OpenCandy\E093C18CDFA14F74BF9E7E531ED8D284, Quarantined, [b83f06bcbdbe44f20e43b2fd54ae4bb5],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\GC, Quarantined, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib, Quarantined, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\modules, Quarantined, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\lib, Quarantined, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar, Quarantined, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\scripts, Quarantined, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js, Quarantined, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\components, Quarantined, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64, Delete-on-Reboot, [ef08d0f28dee7db9c5ce3976818127d9],
      PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Temp\CT3241951, Quarantined, [b443a220fb80f244ebdcd0df9171b749],
      PUP.Optional.Conduit, C:\Users\Indra\AppData\Local\TBHostSupport, Quarantined, [a4537151d9a257dff9cd446cb44e817f],
      PUP.Optional.MoviesToolBar.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\bullvidmoviestoolbarha, Quarantined, [8374fec4e398082e16e7249058aa46ba],
      PUP.Optional.Datamngr.A, C:\Users\Indra\AppData\LocalLow\DataMngr, Quarantined, [fbfc279b3c3fb6804777a80dac56a35d],
      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\LocalLow\BabylonToolbar, Quarantined, [61966f53c6b5b3839a8bf4cd5fa3e818],
      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\LocalLow\BabylonToolbar\BabylonToolbar, Quarantined, [61966f53c6b5b3839a8bf4cd5fa3e818],
      PUP.Optional.SearchProtect.A, C:\Users\Indra\AppData\Local\SearchProtect, Delete-on-Reboot, [43b4fac8e8933cfa42df0bba12f06f91],
      PUP.Optional.SearchProtect.A, C:\Users\Indra\AppData\Local\SearchProtect\SearchProtect, Delete-on-Reboot, [43b4fac8e8933cfa42df0bba12f06f91],
      PUP.Optional.SearchProtect.A, C:\Users\Indra\AppData\Local\SearchProtect\SearchProtect\rep, Quarantined, [43b4fac8e8933cfa42df0bba12f06f91],
      PUP.Optional.SearchProtect.A, C:\Users\Indra\AppData\Local\SearchProtect\SearchProtect\STG, Quarantined, [43b4fac8e8933cfa42df0bba12f06f91],
      PUP.Optional.SearchProtect.A, C:\Users\Indra\AppData\Local\SearchProtect\UI, Quarantined, [43b4fac8e8933cfa42df0bba12f06f91],
      PUP.Optional.SearchProtect.A, C:\Users\Indra\AppData\Local\SearchProtect\UI\rep, Quarantined, [43b4fac8e8933cfa42df0bba12f06f91],
      PUP.Optional.FastAndSafe.A, C:\ProgramData\Fast And Safe, Quarantined, [3cbb8d350774cd6957ba5b6b1ce6da26],
      PUP.Optional.Extutil.A, C:\Users\Indra\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, Quarantined, [4ea9ebd71a61f73fb0d417b041c1da26],
      PUP.Optional.Managera.A, C:\Users\Indra\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, Quarantined, [fcfbdce6b6c56ec86d18fccb43bf8080],
      PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\TB\APISupport, Delete-on-Reboot, [37c08f335823c6701f855b6c7f83b44c],
      PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\TB\APISupport\MiniSP_1.0.2.152, Quarantined, [37c08f335823c6701f855b6c7f83b44c],
      PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService, Quarantined, [8f68d1f14d2eea4cbcaca824679bf808],

      Comment


      • #4
        # AdwCleaner v3.302 - Rapport aangemaakt 05/08/2014 op 15:30:57
        # Laatste Update 30/07/2014 door Xplode
        # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
        # Gebruikersnaam : Indra - INDRA-HP
        # Gestart vanuit : C:\Users\Indra\Desktop\adwcleaner_3.302.exe
        # Optie : Verwijderen

        ***** [ Services ] *****


        ***** [ Bestanden / Mappen ] *****

        Map Verwijderd : C:\ProgramData\Tarma Installer
        Map Verwijderd : C:\Program Files (x86)\Babylon
        Map Verwijderd : C:\Program Files (x86)\file scout
        Map Verwijderd : C:\Program Files (x86)\Movies Toolbar
        Map Verwijderd : C:\Program Files\Babylon
        Map Verwijderd : C:\Users\Indra\AppData\Local\Conduit
        Map Verwijderd : C:\Users\Indra\AppData\Local\NativeMessaging
        Map Verwijderd : C:\Users\Indra\AppData\Local\WhiteListing
        Map Verwijderd : C:\Users\Indra\AppData\LocalLow\Conduit
        Map Verwijderd : C:\Users\Indra\AppData\Roaming\PerformerSoft
        Map Verwijderd : C:\Users\Indra\Documents\Optimizer Pro
        Map Verwijderd : C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf
        Bestand Verwijderd : C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\Extensions\staged\[email protected] ntoo.com.xpi
        Bestand Verwijderd : C:\Users\Indra\AppData\Local\Temp\Uninstall.exe
        Bestand Verwijderd : C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\searchplugins\bingp.xml
        Bestand Verwijderd : C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\searchplugins\mngr.xml
        Bestand Verwijderd : C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js

        ***** [ Taken ] *****

        Taak Verwijderd : Optimizer Pro Schedule

        ***** [ Snelkoppelingen ] *****


        ***** [ Register ] *****

        Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
        Sleutel Verwijderd : HKCU\Software\Google\Chrome\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf
        Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
        Sleutel Verwijderd : HKCU\Software\5aed9ddbc6abe10
        Sleutel Verwijderd : HKLM\SOFTWARE\5aed9ddbc6abe10
        Sleutel Verwijderd : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
        Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
        Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
        Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
        Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
        Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
        Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
        Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
        Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
        Sleutel Verwijderd : HKCU\Software\APN DTX
        Sleutel Verwijderd : HKCU\Software\Conduit
        Sleutel Verwijderd : HKCU\Software\filescout
        Sleutel Verwijderd : HKCU\Software\Optimizer Pro
        Sleutel Verwijderd : HKCU\Software\Softonic
        Sleutel Verwijderd : HKCU\Software\torch
        Sleutel Verwijderd : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
        Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit
        Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar
        Sleutel Verwijderd : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
        Sleutel Verwijderd : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
        Sleutel Verwijderd : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
        Sleutel Verwijderd : HKLM\Software\torch
        Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Tarma Installer

        ***** [ Browsers ] *****

        -\\ Internet Explorer v11.0.9600.17207


        -\\ Mozilla Firefox v

        [ Bestand : C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js ]

        Regel verwijderd : user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/home?affID=17425&tt=4812_4");
        Regel verwijderd : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");

        -\\ Google Chrome v36.0.1985.125

        [ Bestand : C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\preferences ]

        Verwijderd [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=116254&tt=4712_7&babsrc=SP_ss&mntrId=18748fba00000000000008edb95c4b2a
        Verwijderd [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=165&systemid=446&v=a13350-316&apn_uid=8100560824584301&apn_dtid=BND446&o=APN10651 &apn_ptnrs=AG9&q={searchTerms}
        Verwijderd [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=BAE219D6-A65E-49EC-BAE8-FF015048E3C0&n=780b66b5&ind=2014013109&p2=^AYY^xdm102^YYA^nl&si=pconverter
        Verwijderd [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M5A83ED53-7607-478A-ACC3-495675AE23F8&SearchSource=58&CUI=&UM=6&UP=SP3B1B5F43-0C1D-46E8-8221-8AF6379E48A0&q={searchTerms}&SSPV=&SSPV=
        Verwijderd [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
        Verwijderd [Extension] : flpcjncodpafbgdpnkljologafpionhb
        Verwijderd [Extension] : meinjhkhgaalhfbinmclpmjikccbplkf

        *************************

        AdwCleaner[R0].txt - [7985 octets] - [05/08/2014 15:29:11]
        AdwCleaner[S0].txt - [7182 octets] - [05/08/2014 15:30:57]

        ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7242 octets] ##########

        Comment


        • #5
          DDS (Ver_2012-11-20.01) - NTFS_AMD64
          Internet Explorer: 11.0.9600.17207
          Run by Indra at 15:36:47 on 2014-08-05
          Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6042.4109 [GMT 2:00]
          .
          AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
          SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
          SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
          .
          ============== Running Processes ===============
          .
          C:\Windows\system32\lsm.exe
          C:\Windows\system32\svchost.exe -k DcomLaunch
          C:\Windows\system32\svchost.exe -k RPCSS
          c:\Program Files\Microsoft Security Client\MsMpEng.exe
          C:\Windows\system32\atiesrxx.exe
          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
          C:\Windows\system32\svchost.exe -k LocalService
          C:\Windows\system32\svchost.exe -k netsvcs
          C:\Program Files\IDT\WDM\STacSV64.exe
          C:\Windows\system32\svchost.exe -k GPSvcGroup
          C:\Windows\system32\Hpservice.exe
          C:\Windows\system32\atieclxx.exe
          C:\Windows\system32\svchost.exe -k NetworkService
          C:\Windows\System32\spoolsv.exe
          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
          C:\Windows\system32\taskeng.exe
          C:\Windows\system32\taskhost.exe
          C:\Windows\system32\Dwm.exe
          C:\Windows\Explorer.EXE
          C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
          C:\Windows\SysWOW64\ezSharedSvcHost.exe
          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
          C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
          C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
          C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
          C:\Program Files\Intel\iCLS Client\HeciServer.exe
          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
          C:\Windows\system32\svchost.exe -k imgsvc
          C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
          C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
          c:\Program Files\Microsoft Security Client\NisSrv.exe
          C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
          C:\Windows\servicing\TrustedInstaller.exe
          C:\Windows\System32\rundll32.exe
          C:\Windows\system32\taskeng.exe
          C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
          C:\Windows\System32\hkcmd.exe
          C:\Windows\System32\igfxpers.exe
          C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
          C:\Program Files\Microsoft IntelliPoint\ipoint.exe
          C:\Program Files\Microsoft Security Client\msseces.exe
          C:\Program Files\IDT\WDM\sttray64.exe
          C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
          C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
          C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
          C:\Program Files (x86)\Google\Drive\googledrivesync.exe
          C:\Program Files (x86)\Skype\Phone\Skype.exe
          C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
          C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
          C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
          C:\Windows\system32\SearchIndexer.exe
          C:\Program Files\Windows Media Player\wmpnetwk.exe
          C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
          C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
          C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
          C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
          C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
          C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
          C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
          C:\Users\Indra\AppData\Roaming\Dropbox\bin\Dropbox.exe
          C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
          C:\Program Files (x86)\Google\Drive\googledrivesync.exe
          C:\Windows\splwow64.exe
          C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
          C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
          C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
          C:\Windows\System32\svchost.exe -k LocalServicePeerNet
          C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
          C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
          C:\Windows\system32\sppsvc.exe
          C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Windows\System32\cscript.exe
          .
          ============== Pseudo HJT Report ===============
          .
          uStart Page = www.google.com
          mWinlogon: Userinit = userinit.exe,
          BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
          BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          BHO: Movies Toolbar(Dist. by Koyote-Lab, Inc.): {914a2205-0c1a-41cf-83cc-7e49032c7726} -
          BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
          BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
          BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
          BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
          TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
          TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
          TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
          TB: Movies Toolbar(Dist. by Koyote-Lab, Inc.): {914a2205-0c1a-41cf-83cc-7e49032c7726} -
          EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
          uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
          uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
          mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
          mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
          mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
          mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
          mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
          mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
          mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
          mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
          mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
          mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
          mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
          mRun: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
          StartupFolder: C:\Users\Indra\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Indra\AppData\Roaming\Dropbox\bin\Dropbox.exe
          StartupFolder: C:\Users\Indra\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
          mPolicies-Explorer: NoActiveDesktop = dword:1
          mPolicies-Explorer: NoActiveDesktopChanges = dword:1
          mPolicies-Explorer: EnableShellExecuteHooks = dword:1
          mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
          mPolicies-System: ConsentPromptBehaviorUser = dword:3
          mPolicies-System: EnableUIADesktopToggle = dword:0
          mPolicies-System: HideFastUserSwitching = dword:0
          IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
          IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
          IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
          IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
          IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
          IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
          IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
          IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
          IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
          IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
          IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
          TCP: NameServer = 192.168.2.254
          TCP: Interfaces\{A0180A88-E954-41E5-A3AB-21BD04097871} : DHCPNameServer = 90.145.32.32 90.145.32.33
          TCP: Interfaces\{B63498AB-3313-477E-B30C-3819F0272C52} : DHCPNameServer = 192.168.2.254
          TCP: Interfaces\{B63498AB-3313-477E-B30C-3819F0272C52}\044525555475946494 : DHCPNameServer = 10.42.254.42 10.42.254.2
          TCP: Interfaces\{B63498AB-3313-477E-B30C-3819F0272C52}\0516C616A7A7F602D4F6E64756D616274796E696 : DHCPNameServer = 192.168.2.1
          Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
          Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
          Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
          SSODL: WebCheck - <orphaned>
          SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
          mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
          mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
          x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
          x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
          x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
          x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
          x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
          x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
          x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
          x64-Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
          x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
          x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
          x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
          x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
          x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
          x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
          x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
          x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
          x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
          x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
          x64-Notify: igfxcui - igfxdev.dll
          x64-SSODL: WebCheck - <orphaned>
          .
          ============= SERVICES / DRIVERS ===============
          .
          R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-1-18 31360]
          R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma;C:\Windows\System32\drivers\iusb3hcs.sys [2013-6-2 16152]
          R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
          R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-1-18 235520]
          R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
          R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
          R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
          R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
          R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
          R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-3 13592]
          R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
          R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-5-3 128280]
          R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-5-3 161560]
          R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 133928]
          R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-5-3 363800]
          R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
          R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
          R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-1-6 14652768]
          R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma;C:\Windows\System32\drivers\iusb3hub.sys [2013-6-2 355096]
          R3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma;C:\Windows\System32\drivers\iusb3xhc.sys [2013-6-2 786200]
          R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-12-6 2350176]
          R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
          R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-3 565352]
          R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2013-6-2 21264]
          S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
          S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
          S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
          S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-4 1038088]
          S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
          S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-10 111616]
          S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-27 19456]
          S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-5-3 258664]
          S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
          S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
          S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
          S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-19 56832]
          S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-27 30208]
          S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-20 1255736]
          S3 WSDScan;Ondersteuning voor WSD-scan via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
          S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
          .
          =============== Created Last 30 ================
          .
          2014-08-05 13:30:02 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
          2014-08-05 13:29:05 -------- d-----w- C:\AdwCleaner
          2014-08-05 12:34:56 10924376 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D2993ED3-0DB0-4C30-A9E0-F42EA3E0CCE7}\mpengine.dll
          2014-08-03 17:57:22 -------- d-----w- C:\Program Files\trend micro
          2014-08-03 14:50:58 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
          2014-08-03 14:50:00 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
          2014-08-03 14:50:00 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
          2014-08-03 14:50:00 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
          2014-08-03 14:50:00 -------- d-----w- C:\ProgramData\Malwarebytes
          2014-08-03 14:50:00 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
          2014-08-03 13:55:12 -------- d-----w- C:\Users\Indra\AppData\Roaming\Nico Mak Computing
          2014-08-03 13:14:17 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{26FFB971-70D7-4ABB-A367-D33871086381}\gapaengine.dll
          2014-08-03 13:13:23 10924376 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
          2014-07-17 08:13:09 -------- d-sh--w- C:\Users\Indra\AppData\Local\EmieUserList
          2014-07-17 08:13:09 -------- d-sh--w- C:\Users\Indra\AppData\Local\EmieSiteList
          2014-07-17 08:04:03 -------- d--h--w- C:\Windows\msdownld.tmp
          2014-07-10 19:58:07 -------- d-----w- C:\Users\Indra\AppData\Roaming\rmi
          2014-07-10 19:57:48 -------- d-----w- C:\Users\Indra\AppData\Roaming\rmc
          2014-07-10 19:56:38 -------- d-----w- C:\Users\Indra\AppData\Local\Programs
          2014-07-10 18:50:14 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
          2014-07-10 18:50:12 1354240 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
          2014-07-10 18:49:31 646144 ----a-w- C:\Windows\SysWow64\osk.exe
          2014-07-10 18:49:29 3157504 ----a-w- C:\Windows\System32\win32k.sys
          2014-07-10 18:49:28 449024 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll
          2014-07-10 18:49:27 692736 ----a-w- C:\Windows\System32\osk.exe
          2014-07-10 18:49:24 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
          2014-07-10 18:49:23 624128 ----a-w- C:\Windows\System32\qedit.dll
          2014-07-10 18:49:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
          2014-07-10 05:26:56 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
          2014-07-10 05:26:55 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
          2014-07-10 05:26:55 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
          .
          ==================== Find3M ====================
          .
          2014-07-09 12:34:23 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
          2014-07-09 12:34:23 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
          2014-06-19 01:06:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
          2014-06-19 01:06:24 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
          2014-06-19 00:42:57 548352 ----a-w- C:\Windows\System32\vbscript.dll
          2014-06-19 00:42:49 66048 ----a-w- C:\Windows\System32\iesetup.dll
          2014-06-19 00:41:52 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
          2014-06-19 00:41:16 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
          2014-06-19 00:24:30 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
          2014-06-19 00:24:12 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
          2014-06-19 00:23:53 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
          2014-06-19 00:14:28 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
          2014-06-18 23:59:04 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
          2014-06-18 23:56:37 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
          2014-06-18 23:51:38 5721088 ----a-w- C:\Windows\System32\jscript9.dll
          2014-06-18 23:38:40 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
          2014-06-18 23:37:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
          2014-06-18 23:36:35 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
          2014-06-18 23:35:55 62464 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
          2014-06-18 23:27:45 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
          2014-06-18 23:27:07 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
          2014-06-18 23:23:27 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
          2014-06-18 23:22:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
          2014-06-18 23:06:10 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
          2014-06-18 22:58:27 2266112 ----a-w- C:\Windows\System32\wininet.dll
          2014-06-18 22:52:18 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
          2014-06-18 22:46:23 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
          2014-06-18 22:45:59 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
          2014-06-18 22:13:59 1791488 ----a-w- C:\Windows\SysWow64\wininet.dll
          2014-06-08 09:13:05 506368 ----a-w- C:\Windows\System32\aepdu.dll
          2014-06-08 09:08:04 424448 ----a-w- C:\Windows\System32\aeinv.dll
          2014-05-08 09:32:11 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
          2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
          .
          ============= FINISH: 15:39:33,78 ===============

          Comment


          • #6
            Results of screen317's Security Check version 0.99.86
            Windows 7 Service Pack 1 x64 (UAC is enabled)
            Internet Explorer 11
            ``````````````Antivirus/Firewall Check:``````````````
            Microsoft Security Essentials
            Antivirus up to date!
            `````````Anti-malware/Other Utilities Check:`````````
            Adobe Flash Player 14.0.0.145
            Adobe Reader 10.1.10 Adobe Reader out of Date!
            Google Chrome 35.0.1916.153
            Google Chrome 36.0.1985.125
            ````````Process Check: objlist.exe by Laurent````````
            Microsoft Security Essentials MSMpEng.exe
            Microsoft Security Essentials msseces.exe
            `````````````````System Health check`````````````````
            Total Fragmentation on Drive C: 0%
            ````````````````````End of Log``````````````````````

            Comment


            • #7
              Beste Emphyrio,

              In de post staat alleen het 1e deel van het mbamlogje. Bij het 2e deel krijg ik de foutmelding dat de post meer dan de toegestane afbeeldingen en/of video's bevat?
              Hoe krijg ik nou dit 2e deel bij jou, zodat je het complete mbamlog hebt?

              Xap

              Comment


              • #8
                In stukjes posten
                Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                Comment


                • #9
                  Okay, ik vroeg het alleen om het overzichtelijker te houden. Hierbij het 2e deel van mbamlog in stukjes.

                  Files: 237
                  PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, , [d793269b1e5d4cea6a9b8016fb062bd5],
                  PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, , [6ffb9c250873c96d7491aceaf110a957],
                  PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe, , [ef7bfac70f6c41f55aab3462cb3604fc],
                  PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll, , [d892269b116a6fc7df26f5a1f40dda26],
                  PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll, , [0763348d44373ff73ec78a0ca25f1de3],
                  PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll, , [aac03889e497e452ec1950463ac77789],
                  PUP.Optional.Datamngr.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\IEBHO.dll, , [98d22d94c7b44fe73a1d712ae1217f81],
                  PUP.Optional.Datamngr.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\IEBHO.dll, , [98d22d94c7b44fe73a1d712ae1217f81],
                  PUP.Optional.Conduit, C:\Users\Indra\AppData\Local\TB\APISupport\MiniSP_1.0.2.152\MiniSP.dll, , [15551da4f18a6dc9982bccc107fa16ea],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Conduit\APISupport\APISupport_2.0.1.3\ApiSupport.dll, , [6cfef3cec3b891a53c9a152fee12c838],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Conduit\APISupport\MiniSP_1.0.2.93\MiniSP.dll, , [5416c7fa2f4cf73f1d51db6a5da350b0],
                  PUP.BundleInstaller.SOL, C:\Users\Indra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V40XMIHH\adobe photoshop.exe, , [a4c60cb58af1bb7b6eb57b3ab44c27d9],
                  PUP.Optional.FileScout.A, C:\Users\Indra\AppData\Local\Temp\8AE5.tmp, , [d991fec3b8c3d4624737040d689909f7],
                  PUP.Optional.Yontoo.A, C:\Users\Indra\AppData\Local\Temp\YontooSetup-S.exe, , [86e448796f0c0a2c0b17c8598c7435cb],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Temp\nsa1816.exe, , [9bcfdbe6304ba690f0f0800b37ca54ac],
                  PUP.Optional.SearchProtect.A, C:\Users\Indra\AppData\Local\Temp\nsfA160.tmp, , [8cde6c55245791a5a3624353ad54b050],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Temp\nsg85EA.exe, , [f773bc05a0db1620fae63d4e21e0bb45],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Temp\nsg8EC1.exe, , [9bcfdbe60873c4721dc3fe8d0cf5b34d],
                  PUP.Optional.FileScout.A, C:\Users\Indra\AppData\Local\Temp\DBB2.tmp, , [c1a98b367cffdb5b8bf359b881800df3],
                  PUP.Optional.SearchProtect.A, C:\Users\Indra\AppData\Local\Temp\SPSetup.exe, , [680289387efd81b5b84d9204ac55fe02],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Temp\nsq2061.exe, , [98d2fcc53d3e9d9921bfd6b5a75a3ec2],
                  PUP.Optional.MindSpark.A, C:\Users\Indra\AppData\Local\Temp\pfkA5DD.tmp\UPDATER.EXE, , [bcae20a1c4b7a29410221c5fa35e40c0],
                  PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Local\Temp\9A04C70A-BAB0-7891-B724-ADDFFC7CDC88\Setup.exe, , [0b5f10b1bdbeba7cbd1d0c12629efd03],
                  PUP.Optional.BabylonToolBar.A, C:\Users\Indra\AppData\Local\Temp\9A04C70A-BAB0-7891-B724-ADDFFC7CDC88\Latest\MyBabylonTB.exe, , [83e78f3263183df9c06e998828d9c63a],
                  PUP.Optional.OpenCandy.A, C:\Users\Indra\AppData\Roaming\OpenCandy\1A1C44250BC3427A873E0B52AFF289C6\dlm.exe, , [0b5fbd043e3d999d26cb83a57f82748c],
                  PUP.Optional.OpenCandy.A, C:\Users\Indra\AppData\Roaming\OpenCandy\C012B010B23B47BAB0FC2C2AEEDC13F4\dlm.exe, , [aac08e33d2a9b482559ca682b74a2ad6],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Roaming\OpenCandy\E093C18CDFA14F74BF9E7E531ED8D284\sp-downloader.exe, , [b9b140812a5114224ee1180e00018a76],
                  PUP.Optional.OpenCandy, C:\Users\Indra\AppData\Roaming\rmc\offer.exe, , [165405bc2e4d24126434746f0bf9e41c],
                  PUP.Optional.Opencandy, C:\Users\Indra\AppData\Roaming\rmi\offer_downloader.exe, , [4d1dcdf40774cd69e934530ce81ae11f],
                  Trojan.Agent.CK, C:\Users\Indra\Desktop\bestanden HD\Software\Adobe CS4\Adobe CS4 Master Collection Keygen.exe, , [551515ac82f91620b3e93ab57a875ca4],
                  PUP.Optional.Conduit.A, C:\Users\Indra\Downloads\FileConverter_1.4.exe, , [de8c5170dd9ee74f839390c4a45de917],
                  PUP.Optional.Softonic.A, C:\Users\Indra\Downloads\SoftonicDownloader_voor_samsung-kies (1).exe, , [2941a31eee8db5812194c26716eb55ab],
                  PUP.Optional.Softonic.A, C:\Users\Indra\Downloads\SoftonicDownloader_voor_samsung-kies.exe, , [c0aaf6cb6d0e3df9595cf930a9587090],
                  PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll, , [bcae3988502bf93d2adb7d19aa578d73],
                  PUP.Optional.Conduit.A, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe, , [d09a8140a6d544f2657b533888795ea2],
                  PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe, , [a7c3a31e3d3e4bebda2bb8de49b88977],
                  PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll, , [f278437eeb9086b0d82df79fce33fe02],
                  PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\SPVCLdr64.dll, , [4822992829526bcb2dd82e68ec1529d7],
                  PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, , [5a10a61bc5b65cda8c6377a9a65ab848],
                  PUP.Optional.Conduit.A, C:\Windows\Temp\nsdB3FE.exe, , [630750716219ab8b429ecebd827f4ab6],
                  PUP.Optional.Conduit.A, C:\Windows\Temp\nsi702A.exe, , [f179d9e87407cc6a34ac3f4ca35e629e],
                  PUP.Optional.Conduit.A, C:\Windows\Temp\nsn388C.exe, , [6efc853cf883ac8aeef23c4f61a0d12f],
                  PUP.Optional.Conduit.A, C:\Windows\Temp\nsxB63.exe, , [1c4e556c99e21a1c3ba537546a97619f],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_facebook.conduitapps.com_0.localstorage, , [1555d3ee0f6c7eb8bc6df4ed3dc5d729],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_facebook.conduitapps.com_0.localstorage-journal, , [0b5f833e4c2f0d2988a12fb209f9aa56],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage, , [175315acf982c47279d2d80bfc067b85],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal, , [4822d3ee29522214ed5e31b248baa957],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage, , [76f4279aeb9089ad75d883602cd6b34d],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage-journal, , [90da9b26bebd1e18f15c2cb7e121f50b],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.vaccint.com_0.localstorage, , [5c0e4879dc9f6ec8f4fb6e75f210cf31],
                  PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.vaccint.com_0.localstorage-journal, , [d595dee38af10f27925d9c47aa58bf41],
                  PUP.Optional.MindSpark.A, C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage, , [9ccee7daa2d9c3731603727539c9f010],
                  PUP.Optional.MindSpark.A, C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage-journal, , [244621a02f4c43f34acfd314af53b54b],
                  PUP.Optional.Babylon.A, C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml, , [bab0f3ced7a4f343aa3f35c0b64ccb35],
                  PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\coordinator.cfg, , [1654427f81fa3bfb9d49888e7d8711ef],
                  PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\general.cfg, , [1654427f81fa3bfb9d49888e7d8711ef],
                  PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\S-1-5-21-3921659366-193155852-3045559103-1000.cfg, , [1654427f81fa3bfb9d49888e7d8711ef],
                  PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\S-1-5-32.cfg, , [1654427f81fa3bfb9d49888e7d8711ef],

                  Comment


                  • #10
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, , [eb7f526fc3b8b08614cb26f5c143e917],
                    PUP.Optional.Datamngr.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, , [c6a4d5ecea91171f2f7909cd778b02fe],
                    PUP.Optional.OpenCandy, C:\Users\Indra\AppData\Roaming\OpenCandy\1A1C44250BC3427A873E0B52AFF289C6\47A647BD-4905-48C7-9539-A95F199019A4, , [d09ad1f0bbc037ff08be8627cc3644bc],
                    PUP.Optional.OpenCandy, C:\Users\Indra\AppData\Roaming\OpenCandy\1A1C44250BC3427A873E0B52AFF289C6\B8DCC36F-4F05-445F-B1EE-FD8FC38CBBDA, , [d09ad1f0bbc037ff08be8627cc3644bc],
                    PUP.Optional.OpenCandy, C:\Users\Indra\AppData\Roaming\OpenCandy\C012B010B23B47BAB0FC2C2AEEDC13F4\7638.ico, , [d09ad1f0bbc037ff08be8627cc3644bc],
                    PUP.Optional.OpenCandy, C:\Users\Indra\AppData\Roaming\OpenCandy\C012B010B23B47BAB0FC2C2AEEDC13F4\chrometest3.html, , [d09ad1f0bbc037ff08be8627cc3644bc],
                    PUP.Optional.OpenCandy, C:\Users\Indra\AppData\Roaming\OpenCandy\C012B010B23B47BAB0FC2C2AEEDC13F4\PasswordBoxCHSTORE_p1v3.ex e, , [d09ad1f0bbc037ff08be8627cc3644bc],
                    PUP.Optional.OpenCandy, C:\Users\Indra\AppData\Roaming\OpenCandy\D4979AD97C5C4ED282DA9F2EC1C3FCF4\OptimizerPro.exe, , [d09ad1f0bbc037ff08be8627cc3644bc],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Datamngr.dll, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\del_DM_LL_nsa7546.dll, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\favicon.ico, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Helper.dll, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Internet Explorer Settings.exe, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr_u.dll, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\setmgrc2.cfg, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Uninstall.exe, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\GC\install.ico, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\GC\uninstall.exe, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\install.ico, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\uninstall.exe, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\__searchresultsDx.dll, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\__searchresultstb.dll, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\custom.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\vmncode.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\custom.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\external.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\modules\nsDragAndDrop.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\locale.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\lib\en.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\de.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\en.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\es.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\fr.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\it.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\gameData.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\scripts\defscript.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\default.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.tinyscrollbar.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.tinyscrollbar.min.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.uniform.min.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.url.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\components\windowmediator.js, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\Datamngr.dll, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\del_DM_LL_nsa7546.dll, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\Internet Explorer Settings.exe, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr_u.dll, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc2.cfg, , [016900c1f88371c517f1733b0ff38779],
                    PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Temp\CT3241951\CT3241951.txt, , [2248d8e92f4c4de9003c9e102dd5fb05],
                    PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Temp\CT3241951\ddt.csf, , [2248d8e92f4c4de9003c9e102dd5fb05],
                    PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Temp\CT3241951\dtime.csf, , [2248d8e92f4c4de9003c9e102dd5fb05],
                    PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Temp\CT3241951\initData.json, , [2248d8e92f4c4de9003c9e102dd5fb05],
                    PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\Temp\CT3241951\manifest.json, , [2248d8e92f4c4de9003c9e102dd5fb05],
                    PUP.Optional.Conduit, C:\Users\Indra\AppData\Local\TBHostSupport\TBHostSupport.dll, , [7cee2c95512af93dc378d8d7af539e62],
                    PUP.Optional.Conduit, C:\Users\Indra\AppData\Local\TBHostSupport\TBHostSupport_0.dll, , [7cee2c95512af93dc378d8d7af539e62],
                    PUP.Optional.MoviesToolBar.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\bullvidmoviestoolbarha\apnu serid.dat, , [3a307f42780344f25b19a31040c25da3],
                    PUP.Optional.MoviesToolBar.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\bullvidmoviestoolbarha\appi d.dat, , [3a307f42780344f25b19a31040c25da3],
                    PUP.Optional.MoviesToolBar.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\bullvidmoviestoolbarha\geod ata.xml, , [3a307f42780344f25b19a31040c25da3],
                    PUP.Optional.MoviesToolBar.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\bullvidmoviestoolbarha\setu pCfg.xml, , [3a307f42780344f25b19a31040c25da3],
                    PUP.Optional.MoviesToolBar.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\bullvidmoviestoolbarha\sysi d.dat, , [3a307f42780344f25b19a31040c25da3],
                    PUP.Optional.MoviesToolBar.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\bullvidmoviestoolbarha\trac kid.dat, , [3a307f42780344f25b19a31040c25da3],
                    PUP.Optional.Datamngr.A, C:\Users\Indra\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}64, , [105a7f42fe7d52e4979f456f2ed420e0],
                    PUP.Optional.SearchProtect.A, C:\Users\Indra\AppData\Local\SearchProtect\SearchProtect\rep\Cvc.dat, , [78f21da40d6e54e2108c12b116ec02fe],
                    PUP.Optional.SearchProtect.A, C:\Users\Indra\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, , [78f21da40d6e54e2108c12b116ec02fe],
                    PUP.Optional.SearchProtect.A, C:\Users\Indra\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, , [78f21da40d6e54e2108c12b116ec02fe],
                    PUP.Optional.SearchProtect.A, C:\Users\Indra\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, , [78f21da40d6e54e2108c12b116ec02fe],

                    Comment


                    • #11
                      PUP.Optional.FastAndSafe.A, C:\ProgramData\Fast And Safe\FastAndSafe.dll, , [2d3d932ef289d85e424af4d006fc06fa],
                      PUP.Optional.FastAndSafe.A, C:\ProgramData\Fast And Safe\FastAndSafeSvc.dll, , [2d3d932ef289d85e424af4d006fc06fa],
                      PUP.Optional.FastAndSafe.A, C:\ProgramData\Fast And Safe\FastAndSafe_x64.dll, , [2d3d932ef289d85e424af4d006fc06fa],
                      PUP.Optional.Extutil.A, C:\Users\Indra\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, , [beac536e7dfe280e4db204c156ac51af],
                      PUP.Optional.Extutil.A, C:\Users\Indra\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, , [beac536e7dfe280e4db204c156ac51af],
                      PUP.Optional.Extutil.A, C:\Users\Indra\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, , [beac536e7dfe280e4db204c156ac51af],
                      PUP.Optional.Managera.A, C:\Users\Indra\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, , [79f178492952cc6aa35d8343867cff01],
                      PUP.Optional.Managera.A, C:\Users\Indra\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, , [79f178492952cc6aa35d8343867cff01],
                      PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\TB\APISupport\APISupport.dll, , [2248e2dfabd01c1a65ba4d7916ec7e82],
                      PUP.Optional.Conduit.A, C:\Users\Indra\AppData\Local\TB\APISupport\APISupport.old, , [2248e2dfabd01c1a65ba4d7916ec7e82],
                      PUP.Optional.IBUpdater.A, C:\ProgramData\IBUpdaterService\repository.xml, , [214939887efddb5b0dd6aa20b94907f9],
                      PUP.Optional.Trovi.A, C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://www.search.ask.com/?o=APN10651A&gct=hp&d=446-165&v=n12284-316&t=4", "http://www.search.ask.com/?o=APN10651A&gct=hp&d=446-165&v=a13350-316&t=4", "http://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M5A83ED53-7607-478A-ACC3-495675AE23F8&SearchSource=55&CUI=&UM=6&UP=SP3B1B5F43-0C1D-46E8-8221-8AF6379E48A0&SSPV=&SSPV=" ],), ,[72f8546dea912a0cc98dc6284bb99868]
                      PUP.Optional.ASK.A, C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://www.search.ask.com/?o=APN10651A&gct=hp&d=446-165&v=n12284-316&t=4",), ,[f377a1207cff9e98b58cf7f849bbbf41]
                      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.admin", false), ,[1f4b972ae4972a0c299b747a2cd8d12f]
                      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.aflt", "babsst"), ,[d7930cb5d0ab46f0cbf9a94529dbd729]
                      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"), ,[1a503e83483311259a2a4ba39e664eb2]
                      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.dfltLng", "en"), ,[4228f7ca7ffc86b01ca8a648b64e37c9]
                      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.excTlbr", false), ,[2149467b027954e2b41003eb3cc807f9]
                      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.id", "18748fba00000000000008edb95c4b2a"), ,[3436774abebdbc7a4c78a64811f319e7]
                      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.instlDay", "15671"), ,[591116ab6d0e44f2556fcb2364a037c9]
                      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.instlRef", "na"), ,[4822bf02b6c5f1453d87b33b699b926e]
                      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"), ,[84e6447d4f2c2610883c00ee31d3639d]
                      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.prtnrId", "babylon"), ,[e3876859057653e383414ea0aa5a6f91]
                      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.tlbrId", "irhnew"), ,[b4b6edd428532115efd57579c53f659b]
                      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=18748fba00000000000008edb95c4b2a&q="), ,[2c3e467b5823aa8cf9cbc92554b0cb35]
                      PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8"), ,[f4764e73c6b557dff6cec7271ee634cc]
                      Last edited by Xap; 06-08-14, 11:37.

                      Comment


                      • #12
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8"), ,[75f5645d7cfff34309bb9f4ff41044bc]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.newTab", true), ,[f9717b46710aec4af5cfbf2f0df7619f]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://search.babylon.com/?affID=17425&tt=4812_4&babsrc=NT_def"), ,[a1c9ffc279028caa952f0ce283817888]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.smplGrp", "none"), ,[da90d6eb1962082ef7cd7a748b79b34d]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.815:50:03"), ,[4b1fd6eb42397fb7f2d240aeb74db44c]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=18748fba00000000000008edb95c4b2a&q="), ,[7bef5b66ed8e02349da986680df7d62a]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.id", "18748fba00000000000008edb95c4b2a"), ,[4327c3fee3985fd7073f5b93b94b20e0]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"), ,[81e97948cdae69cd380e04ea53b1ba46]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.instlDay", "15671"), ,[1654358c9edd90a6271fcc22fa0a916f]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8"), ,[56143988b6c5c175a0a6c22ca55faa56]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8"), ,[0e5c1aa7e398c96de75f8b6361a3ce32]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.815:50:03"), ,[eb7f259ce09b80b6083e925c9f656799]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.prtnrId", "babylon"), ,[bfab6d54790243f39da949a52dd7f20e]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"), ,[026849780e6d2c0a4105648afb09629e]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.aflt", "babsst"), ,[5e0cb0117803171fac9a77778381a759]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.smplGrp", "none"), ,[7af02d940f6cf83e8db945a97391bd43]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.tlbrId", "irhnew"), ,[21493c853348d561bb8ba648cd37639d]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.instlRef", "na"), ,[7ded754cfe7d0135a1a5b5398282a65a]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.dfltLng", "en"), ,[a7c307ba037888ae6ed84ea0b153ca36]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.excTlbr", false), ,[94d6833e6c0f5bdb2f17ba34838115eb]
                        PUP.Optional.Babylon.A, C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\jgvzp0bq.default\user.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.admin", false), ,[b6b4348d780301353a0c7c7225df34cc]

                        Physical Sectors: 0
                        (No malicious items detected)


                        (end)
                        Last edited by Xap; 06-08-14, 11:37.

                        Comment


                        • #13
                          Download of Update Ccleaner

                          Start CCleaner op.
                          • Run Ccleaner en klik in de linkse kolom op Opties
                          • Selecteer het tabblad Geavanceerd
                          • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
                          • Selecteer het tabblad Instellingen
                          • Haal het vinkje weg bij "Computer automatisch schoonmaken...."
                          • Klik in de linkse kolom op Cleaner.
                          • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
                          • Klik vervolgens in de linkse kolom op Register
                          • Klik op Scan naar problemen.
                          • Op de vraag of je een backup wil maken van het register, klik je "Ja".
                          • Als er fouten gevonden worden klik je op de middelste knop: Herstel alle geselecteerde fouten en OK

                          .
                          Download Combofix naar je bureaublad.
                          (Dus niet naar een download map of temp map)

                          Extra nota... Zorg ervoor dat je Security software uitschakeld is tijdens het gebruik van Combofix.
                          Dit omdat deze scanners bepaalde componenten die Combofix gebruikt, onterecht zien als geïnfecteerd en Combofix zullen blokkeren.

                          Kijk hier indien je niet weet hoe je je Antivirus, Firewall en/of Antispywarescanner moet uitschakelen.

                          Sluit ALLE vensters, ook je browser en laat Combofix rustig zijn werk doen.
                          Open dus geen andere applicaties totdat Combofix de log heeft gepresenteert.

                          Als Combofix vraagt om een update, dan staat je dit toe.

                          Wanneer ComboFix klaar is met scannen, dit kan eventueel na een reboot zijn, opent er een logfile (combofix.txt).
                          Deze kan je vinden als C:\combofix.txt.

                          Post het Combofixlogje samen met een nieuw DDS logje in je volgende antwoord.

                          * OPMERKING: Indien je één van de onderstaande meldingen krijgt na het gebruik van ComboFix, herstart dan de computer.
                          • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
                          • Illegal operation attempted on a registry key that has been marked for deletion.
                          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                          E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                          Comment


                          • #14
                            ComboFix 14-08-06.02 - Indra 06-08-2014 23:36:54.1.8 - x64
                            Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6042.3874 [GMT 2:00]
                            Gestart vanuit: c:\users\Indra\Desktop\ComboFix.exe
                            AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
                            SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
                            SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                            .
                            .
                            (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            .
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\_ctypes.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\_elementtree.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\_hashlib.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\_multiprocessing.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\_socket.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\_ssl.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\hashobjs_ext.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\pyexpat.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\pysqlite2._sqlite.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\python27.dll
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\pythoncom27.dll
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\PyWinTypes27.dll
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\select.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\unicodedata.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\win32api.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\win32com.shell.shell.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\win32crypt.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\win32event.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\win32file.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\win32gui.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\win32inet.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\win32pdh.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\win32pipe.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\win32process.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\win32profile.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\win32security.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\win32ts.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\windows._lib_cacheinvalidation.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wx._animate.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wx._controls_.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wx._core_.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wx._gdi_.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wx._html2.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wx._misc_.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wx._windows_.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wx._wizard.pyd
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wxbase294u_net_vc90.dll
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wxbase294u_vc90.dll
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wxmsw294u_adv_vc90.dll
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wxmsw294u_core_vc90.dll
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wxmsw294u_html_vc90.dll
                            c:\users\Indra\AppData\Local\Temp\_MEI39082\wxmsw294u_webview_vc90.dll
                            c:\users\Indra\videos\install_flashplayer13x32_chra_aaa_aih.exe
                            .
                            .
                            (((((((((((((((((((( Bestanden Gemaakt van 2014-07-06 to 2014-08-06 ))))))))))))))))))))))))))))))
                            .
                            .
                            2014-08-06 21:32 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6B21A4A7-F7A3-46D0-B6DE-EFCC1C6E2827}\mpengine.dll
                            2014-08-06 21:16 . 2014-08-06 21:16 -------- d-----w- c:\program files\CCleaner
                            2014-08-05 13:30 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
                            2014-08-05 13:29 . 2014-08-05 13:31 -------- d-----w- C:\AdwCleaner
                            2014-08-05 12:34 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
                            2014-08-03 17:57 . 2014-08-03 17:57 -------- d-----w- C:\rsit
                            2014-08-03 17:57 . 2014-08-03 17:57 -------- d-----w- c:\program files\trend micro
                            2014-08-03 14:50 . 2014-08-05 13:25 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
                            2014-08-03 14:50 . 2014-08-03 14:52 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
                            2014-08-03 14:50 . 2014-08-03 14:50 -------- d-----w- c:\programdata\Malwarebytes
                            2014-08-03 14:50 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
                            2014-08-03 14:50 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
                            2014-08-03 14:50 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
                            2014-08-03 13:55 . 2014-08-03 14:46 -------- d-----w- c:\users\Indra\AppData\Roaming\Nico Mak Computing
                            2014-08-03 13:14 . 2014-05-03 05:14 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{26FFB971-70D7-4ABB-A367-D33871086381}\gapaengine.dll
                            2014-07-17 08:13 . 2014-07-17 08:13 -------- d-sh--w- c:\users\Indra\AppData\Local\EmieUserList
                            2014-07-17 08:13 . 2014-07-17 08:13 -------- d-sh--w- c:\users\Indra\AppData\Local\EmieSiteList
                            2014-07-17 08:04 . 2014-07-17 08:04 -------- d--h--w- c:\windows\msdownld.tmp
                            2014-07-10 19:58 . 2014-08-05 13:14 -------- d-----w- c:\users\Indra\AppData\Roaming\rmi
                            2014-07-10 19:57 . 2014-08-05 13:14 -------- d-----w- c:\users\Indra\AppData\Roaming\rmc
                            2014-07-10 19:56 . 2014-07-10 19:56 -------- d-----w- c:\users\Indra\AppData\Local\Programs
                            2014-07-10 18:50 . 2014-06-03 09:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
                            2014-07-10 18:50 . 2014-06-03 10:02 1354240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
                            2014-07-10 18:49 . 2014-06-18 01:51 646144 ----a-w- c:\windows\SysWow64\osk.exe
                            2014-07-10 18:49 . 2014-06-18 01:10 3157504 ----a-w- c:\windows\system32\win32k.sys
                            2014-07-10 18:49 . 2014-06-18 02:19 449024 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
                            2014-07-10 18:49 . 2014-06-18 02:18 692736 ----a-w- c:\windows\system32\osk.exe
                            2014-07-10 18:49 . 2014-06-06 09:44 509440 ----a-w- c:\windows\SysWow64\qedit.dll
                            2014-07-10 18:49 . 2014-06-06 10:10 624128 ----a-w- c:\windows\system32\qedit.dll
                            2014-07-10 18:49 . 2014-05-30 06:45 497152 ----a-w- c:\windows\system32\drivers\afd.sys
                            2014-07-10 05:26 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
                            2014-07-10 05:26 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
                            2014-07-10 05:26 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
                            .
                            .
                            .
                            ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            2014-08-05 13:19 . 2011-03-28 17:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
                            2014-07-10 18:32 . 2012-10-20 11:56 96441528 ----a-w- c:\windows\system32\MRT.exe
                            2014-07-09 12:34 . 2012-02-10 13:44 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                            2014-07-09 12:34 . 2012-02-10 13:44 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                            2014-06-08 09:13 . 2014-06-11 05:19 506368 ----a-w- c:\windows\system32\aepdu.dll
                            2014-06-08 09:08 . 2014-06-11 05:19 424448 ----a-w- c:\windows\system32\aeinv.dll
                            .
                            .
                            ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            .
                            *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                            REGEDIT4
                            .
                            [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                            "GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-06-27 24477056]
                            "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                            "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-01-17 343168]
                            "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-06-02 291608]
                            "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-09-15 61112]
                            "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
                            "HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
                            "HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]
                            "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
                            "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2013-05-08 44128]
                            "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2013-05-08 642664]
                            "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
                            "CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920]
                            "IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
                            .
                            c:\users\Indra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                            Dropbox.lnk - c:\users\Indra\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-7-21 35464216]
                            OneNote 2010 Schermopname en Snel starten.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                            "ConsentPromptBehaviorAdmin"= 5 (0x5)
                            "ConsentPromptBehaviorUser"= 3 (0x3)
                            "EnableUIADesktopToggle"= 0 (0x0)
                            "HideFastUserSwitching"= 0 (0x0)
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
                            "EnableShellExecuteHooks"= 1 (0x1)
                            .
                            [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
                            "LoadAppInit_DLLs"=1 (0x1)
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
                            @="Service"
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
                            @="Service"
                            .
                            R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET \Framework64\v4.0.30319\mscorsvw.exe [x]
                            R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
                            R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
                            R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
                            R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
                            R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
                            R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
                            R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
                            R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominipor t.sys [x]
                            R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
                            R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
                            R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
                            R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNX T6.SYS [x]
                            R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                            R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
                            R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                            R3 WSDScan;Ondersteuning voor WSD-scan via UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
                            R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
                            S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
                            S0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
                            S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
                            S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
                            S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
                            S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
                            S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
                            S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
                            S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
                            S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
                            S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
                            S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
                            S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
                            S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
                            S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
                            S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
                            S3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
                            S3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
                            S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
                            S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
                            S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
                            S3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver.sys [x]
                            .
                            .
                            --- Andere Services/Drivers In Geheugen ---
                            .
                            *NewlyCreated* - WS2IFSL
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                            2014-07-18 18:25 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
                            .
                            Inhoud van de 'Gedeelde Taken' map
                            .
                            2014-08-06 c:\windows\Tasks\Adobe Flash Player Updater.job
                            - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-10 12:34]
                            .
                            2014-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                            - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-20 11:06]
                            .
                            2014-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                            - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-20 11:06]
                            .
                            2014-08-03 c:\windows\Tasks\HPCeeScheduleForIndra.job
                            - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
                            .
                            .
                            --------- X64 Entries -----------
                            .
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveBlacklistedOverlay]
                            @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
                            [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
                            2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSharedEditOverlay]
                            @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSharedOverlay]
                            @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
                            [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
                            2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSharedEditOverlay]
                            @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSharedOverlay]
                            @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
                            [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
                            2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSharedViewOverlay]
                            @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
                            [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
                            2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSyncedOverlay]
                            @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
                            [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
                            2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSyncingOverlay]
                            @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
                            [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
                            2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                            "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-06 170264]
                            "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-06 398104]
                            "Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-06 440600]
                            "SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-12-19 44880]
                            "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-06 2327952]
                            "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
                            "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-02 1425408]
                            "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024]
                            .
                            ------- Bijkomende Scan -------
                            .
                            uStart Page = www.google.com
                            uLocal Page = c:\windows\system32\blank.htm
                            mLocal Page = c:\windows\SysWOW64\blank.htm
                            IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
                            IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
                            IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
                            IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
                            IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
                            IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
                            TCP: DhcpNameServer = 192.168.2.254
                            .
                            - - - - ORPHANS VERWIJDERD - - - -
                            .
                            BHO-{914a2205-0c1a-41cf-83cc-7e49032c7726} - (no file)
                            Toolbar-{914a2205-0c1a-41cf-83cc-7e49032c7726} - (no file)
                            Toolbar-10 - (no file)
                            Wow6432Node-HKLM-Run-<NO NAME> - (no file)
                            HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec
                            Toolbar-10 - (no file)
                            HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
                            AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
                            AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
                            .
                            .
                            .
                            --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                            @Denied: (A 2) (Everyone)
                            @="FlashBroker"
                            "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                            "Enabled"=dword:00000001
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                            @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                            @Denied: (A 2) (Everyone)
                            @="IFlashBroker5"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                            @="{00020424-0000-0000-C000-000000000046}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            "Version"="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                            @Denied: (A 2) (Everyone)
                            @="FlashBroker"
                            "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                            "Enabled"=dword:00000001
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                            @Denied: (A 2) (Everyone)
                            @="Shockwave Flash Object"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
                            "ThreadingModel"="Apartment"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                            @="0"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                            @="ShockwaveFlash.ShockwaveFlash.14"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                            @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                            @="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                            @="ShockwaveFlash.ShockwaveFlash"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                            @Denied: (A 2) (Everyone)
                            @="Macromedia Flash Factory Object"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
                            "ThreadingModel"="Apartment"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                            @="FlashFactory.FlashFactory.1"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                            @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                            @="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                            @="FlashFactory.FlashFactory"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                            @Denied: (A 2) (Everyone)
                            @="IFlashBroker5"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                            @="{00020424-0000-0000-C000-000000000046}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            "Version"="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
                            @Denied: (A) (Everyone)
                            "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
                            @Denied: (A) (Everyone)
                            .
                            [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
                            "Key"="ActionsPane3"
                            "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
                            .
                            [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
                            @Denied: (Full) (Everyone)
                            .
                            ------------------------ Andere Aktieve Processen ------------------------
                            .
                            c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                            c:\windows\SysWOW64\ezSharedSvcHost.exe
                            c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
                            c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
                            c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
                            c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                            .
                            **************************************************************************
                            .
                            Voltooingstijd: 2014-08-07 00:16:42 - machine werd herstart
                            ComboFix-quarantined-files.txt 2014-08-06 22:16
                            .
                            Pre-Run: 376.333.897.728 bytes beschikbaar
                            Post-Run: 375.822.315.520 bytes beschikbaar
                            .
                            - - End Of File - - 7BD6C67D45D81733A6611688C82498D5

                            -----------------------------------------------------------------------------------------

                            DDS (Ver_2012-11-20.01) - NTFS_AMD64
                            Internet Explorer: 11.0.9600.17207
                            Run by Indra at 0:18:06 on 2014-08-07
                            Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6042.4474 [GMT 2:00]
                            .
                            AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
                            SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                            SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
                            .
                            ============== Running Processes ===============
                            .
                            C:\Windows\system32\lsm.exe
                            C:\Windows\system32\svchost.exe -k DcomLaunch
                            C:\Windows\system32\svchost.exe -k RPCSS
                            c:\Program Files\Microsoft Security Client\MsMpEng.exe
                            C:\Windows\system32\atiesrxx.exe
                            C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                            C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                            C:\Windows\system32\svchost.exe -k LocalService
                            C:\Windows\system32\svchost.exe -k netsvcs
                            C:\Program Files\IDT\WDM\STacSV64.exe
                            C:\Windows\system32\svchost.exe -k GPSvcGroup
                            C:\Windows\system32\Hpservice.exe
                            C:\Windows\system32\svchost.exe -k NetworkService
                            C:\Windows\system32\atieclxx.exe
                            C:\Windows\System32\spoolsv.exe
                            C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                            C:\Windows\system32\taskhost.exe
                            C:\Windows\system32\Dwm.exe
                            C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                            C:\Windows\SysWOW64\ezSharedSvcHost.exe
                            C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                            C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
                            C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
                            C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
                            C:\Program Files\Intel\iCLS Client\HeciServer.exe
                            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
                            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
                            C:\Windows\system32\svchost.exe -k imgsvc
                            C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
                            C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                            C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
                            C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                            C:\Windows\servicing\TrustedInstaller.exe
                            C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                            C:\Windows\System32\rundll32.exe
                            C:\Windows\system32\taskeng.exe
                            C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
                            C:\Windows\system32\SearchIndexer.exe
                            C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                            C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
                            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                            C:\Program Files\Windows Media Player\wmpnetwk.exe
                            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                            C:\Windows\system32\svchost.exe -k SDRSVC
                            C:\Windows\system32\SearchProtocolHost.exe
                            C:\Windows\system32\SearchFilterHost.exe
                            C:\Windows\system32\wbem\wmiprvse.exe
                            C:\Windows\explorer.exe
                            C:\Windows\System32\cscript.exe
                            .
                            ============== Pseudo HJT Report ===============
                            .
                            uStart Page = www.google.com
                            BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
                            BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                            BHO: {914a2205-0c1a-41cf-83cc-7e49032c7726} - <orphaned>
                            BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
                            BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
                            BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
                            BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
                            TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
                            TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
                            TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
                            EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
                            uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
                            uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
                            mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
                            mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
                            mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
                            mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                            mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
                            mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
                            mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
                            mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
                            mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
                            mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
                            mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
                            mRun: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
                            StartupFolder: C:\Users\Indra\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Indra\AppData\Roaming\Dropbox\bin\Dropbox.exe
                            StartupFolder: C:\Users\Indra\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
                            uPolicies-Explorer: NoDrives = dword:0
                            mPolicies-Explorer: EnableShellExecuteHooks = dword:1
                            mPolicies-Explorer: NoDrives = dword:0
                            mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                            mPolicies-System: ConsentPromptBehaviorUser = dword:3
                            mPolicies-System: EnableUIADesktopToggle = dword:0
                            mPolicies-System: HideFastUserSwitching = dword:0
                            IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
                            IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
                            IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
                            IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
                            IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
                            IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
                            IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
                            IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
                            IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
                            IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
                            IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
                            TCP: NameServer = 192.168.2.254
                            TCP: Interfaces\{A0180A88-E954-41E5-A3AB-21BD04097871} : DHCPNameServer = 90.145.32.32 90.145.32.33
                            TCP: Interfaces\{B63498AB-3313-477E-B30C-3819F0272C52} : DHCPNameServer = 192.168.2.254
                            TCP: Interfaces\{B63498AB-3313-477E-B30C-3819F0272C52}\044525555475946494 : DHCPNameServer = 10.42.254.42 10.42.254.2
                            TCP: Interfaces\{B63498AB-3313-477E-B30C-3819F0272C52}\0516C616A7A7F602D4F6E64756D616274796E696 : DHCPNameServer = 192.168.2.1
                            Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
                            Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
                            Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
                            SSODL: WebCheck - <orphaned>
                            SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
                            mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
                            x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                            x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
                            x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
                            x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
                            x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
                            x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
                            x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
                            x64-Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
                            x64-Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
                            x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
                            x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
                            x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
                            x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
                            x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
                            x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
                            x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
                            x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
                            x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
                            x64-Notify: igfxcui - igfxdev.dll
                            x64-SSODL: WebCheck - <orphaned>
                            .
                            ============= SERVICES / DRIVERS ===============
                            .
                            R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-1-18 31360]
                            R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma;C:\Windows\System32\drivers\iusb3hcs.sys [2013-6-2 16152]
                            R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
                            R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-1-18 235520]
                            R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
                            R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
                            R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
                            R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
                            R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-3 13592]
                            R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
                            R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-5-3 128280]
                            R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-5-3 161560]
                            R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-5-3 363800]
                            R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
                            R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-6 331264]
                            R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-1-6 14652768]
                            R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma;C:\Windows\System32\drivers\iusb3hub.sys [2013-6-2 355096]
                            R3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma;C:\Windows\System32\drivers\iusb3xhc.sys [2013-6-2 786200]
                            R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-12-6 2350176]
                            R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-3 565352]
                            R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2013-6-2 21264]
                            S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
                            S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
                            S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
                            S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
                            S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-4 1038088]
                            S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
                            S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-10 111616]
                            S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 133928]
                            S3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
                            S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-27 19456]
                            S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-5-3 258664]
                            S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
                            S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
                            S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
                            S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-19 56832]
                            S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-27 30208]
                            S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-20 1255736]
                            S3 WSDScan;Ondersteuning voor WSD-scan via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
                            S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
                            .
                            =============== Created Last 30 ================
                            .
                            2014-08-06 22:05:22 -------- d-----w- C:\$RECYCLE.BIN
                            2014-08-06 21:35:01 98816 ----a-w- C:\Windows\sed.exe
                            2014-08-06 21:35:01 256000 ----a-w- C:\Windows\PEV.exe
                            2014-08-06 21:35:01 208896 ----a-w- C:\Windows\MBR.exe
                            2014-08-06 21:32:30 10924376 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B21A4A7-F7A3-46D0-B6DE-EFCC1C6E2827}\mpengine.dll
                            2014-08-06 21:16:24 -------- d-----w- C:\Program Files\CCleaner
                            2014-08-05 13:30:02 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
                            2014-08-05 13:29:05 -------- d-----w- C:\AdwCleaner
                            2014-08-05 12:34:56 10924376 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
                            2014-08-03 17:57:22 -------- d-----w- C:\Program Files\trend micro
                            2014-08-03 14:50:58 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
                            2014-08-03 14:50:00 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
                            2014-08-03 14:50:00 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
                            2014-08-03 14:50:00 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
                            2014-08-03 14:50:00 -------- d-----w- C:\ProgramData\Malwarebytes
                            2014-08-03 14:50:00 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
                            2014-08-03 13:55:12 -------- d-----w- C:\Users\Indra\AppData\Roaming\Nico Mak Computing
                            2014-08-03 13:14:17 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{26FFB971-70D7-4ABB-A367-D33871086381}\gapaengine.dll
                            2014-07-17 08:13:09 -------- d-sh--w- C:\Users\Indra\AppData\Local\EmieUserList
                            2014-07-17 08:13:09 -------- d-sh--w- C:\Users\Indra\AppData\Local\EmieSiteList
                            2014-07-17 08:04:03 -------- d--h--w- C:\Windows\msdownld.tmp
                            2014-07-10 19:58:07 -------- d-----w- C:\Users\Indra\AppData\Roaming\rmi
                            2014-07-10 19:57:48 -------- d-----w- C:\Users\Indra\AppData\Roaming\rmc
                            2014-07-10 19:56:38 -------- d-----w- C:\Users\Indra\AppData\Local\Programs
                            2014-07-10 18:50:14 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
                            2014-07-10 18:50:12 1354240 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
                            2014-07-10 18:49:31 646144 ----a-w- C:\Windows\SysWow64\osk.exe
                            2014-07-10 18:49:29 3157504 ----a-w- C:\Windows\System32\win32k.sys
                            2014-07-10 18:49:28 449024 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll
                            2014-07-10 18:49:27 692736 ----a-w- C:\Windows\System32\osk.exe
                            2014-07-10 18:49:24 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
                            2014-07-10 18:49:23 624128 ----a-w- C:\Windows\System32\qedit.dll
                            2014-07-10 18:49:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
                            2014-07-10 05:26:56 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
                            2014-07-10 05:26:55 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
                            2014-07-10 05:26:55 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
                            .
                            ==================== Find3M ====================
                            .
                            2014-07-09 12:34:23 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                            2014-07-09 12:34:23 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                            2014-06-19 01:06:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
                            2014-06-19 01:06:24 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
                            2014-06-19 00:42:57 548352 ----a-w- C:\Windows\System32\vbscript.dll
                            2014-06-19 00:42:49 66048 ----a-w- C:\Windows\System32\iesetup.dll
                            2014-06-19 00:41:52 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
                            2014-06-19 00:41:16 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
                            2014-06-19 00:24:30 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
                            2014-06-19 00:24:12 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
                            2014-06-19 00:23:53 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
                            2014-06-19 00:14:28 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
                            2014-06-18 23:59:04 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
                            2014-06-18 23:56:37 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
                            2014-06-18 23:51:38 5721088 ----a-w- C:\Windows\System32\jscript9.dll
                            2014-06-18 23:38:40 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
                            2014-06-18 23:37:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
                            2014-06-18 23:36:35 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
                            2014-06-18 23:35:55 62464 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
                            2014-06-18 23:27:45 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
                            2014-06-18 23:27:07 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
                            2014-06-18 23:23:27 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
                            2014-06-18 23:22:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
                            2014-06-18 23:06:10 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
                            2014-06-18 22:58:27 2266112 ----a-w- C:\Windows\System32\wininet.dll
                            2014-06-18 22:52:18 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
                            2014-06-18 22:46:23 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
                            2014-06-18 22:45:59 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
                            2014-06-18 22:13:59 1791488 ----a-w- C:\Windows\SysWow64\wininet.dll
                            2014-06-08 09:13:05 506368 ----a-w- C:\Windows\System32\aepdu.dll
                            2014-06-08 09:08:04 424448 ----a-w- C:\Windows\System32\aeinv.dll
                            .
                            ============= FINISH: 0:18:21,09 ===============

                            Comment


                            • #15
                              Ga naar start > uitvoeren en kopieer en plak volgende command in het veld:

                              ComboFix /Uninstall

                              Zorg ervoor dat er dus een spatie is tussen Combofix en /
                              Daarna klik je op Enter.


                              Klik op de afbeelding om te vergroten....


                              Dit zal Combofix verwijderen+gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw,
                              verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen
                              en reset je Systeemherstel opnieuw.



                              Start CCleaner op.
                              • Run Ccleaner en klik in de linkse kolom op Opties
                              • Selecteer het tabblad Geavanceerd
                              • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
                              • Selecteer het tabblad Instellingen
                              • Haal het vinkje weg bij "Computer automatisch schoonmaken...."
                              • Klik in de linkse kolom op Cleaner.
                              • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
                              • Klik vervolgens in de linkse kolom op Register
                              • Klik op Scan naar problemen.
                              • Op de vraag of je een backup wil maken van het register, klik je "Ja".
                              • Als er fouten gevonden worden klik je op de middelste knop: Herstel alle geselecteerde fouten en OK

                              .


                              Vertel nu eens even of er nog problemen zijn?

                              Emphyrio
                              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                              E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                              Comment

                              Sorry, you are not authorized to view this page
                              Working...
                              X