Mededeling

Collapse
No announcement yet.

Spyware? Graag uw hulp a.u.b.

Collapse
X
Collapse
  •  
  • Page of 1
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    Spyware? Graag uw hulp a.u.b.

    Geachte heer, mevrouw,

    Volgens mij heeft mijn zoon tijdens het downloaden van een spel een virus gedownload.
    In mijn browser kreeg ik steeds een onbekende startpagina, mystartsearch.

    Ik heb defogger gedaan. Daarna heb ik de nodige scans gedaan. Hieronder vindt u de weblog van Malwarebytes.
    Het probleem van de startpagina lijkt nu opgelost.

    Malwarebytes Anti-Malware
    Cyber Security Software & Anti-Malware | Malwarebytes
    https://www.malwarebytes.org
    Protect your home and business PCs, Macs, iOS and Android devices from the latest cyber threats and malware, including ransomware.


    Scandatum: 20-10-2014
    Scantijd: 19:38:11
    Logbestand: mbam2010.txt
    Beheerder: Ja

    Versie: 2.00.2.1012
    Malwaredatabase: v2014.10.20.05
    Rootkitdatabase: v2014.10.17.01
    Licentie: Gratis
    Malwarebescherming: Uitgeschakeld
    Kwaadaardige Website Bescherming: Uitgeschakeld
    Self-protection: Uitgeschakeld

    Besturingssysteem: Windows 7 Service Pack 1
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: Malik

    Scantype: Bedreigingsscan
    Resultaat: Voltooid
    Objecten Gescand: 323943
    Verstreken Tijd: 25 m, 33 s

    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Uitgeschakeld
    Heuristics: Ingeschakeld
    POP: Waarschuwen
    POA: Ingeschakeld

    Processen: 4
    PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 1460, Verwijder-bij-Herstart, [e60f15013844191df593bdae51b0d42c]
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, 2516, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14]
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader32.exe, 2604, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14]
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader64.exe, 2568, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14]

    Modules: 24
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],

    Registersleutels: 26
    PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, In Quarantaine, [e60f15013844191df593bdae51b0d42c],
    PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantaine, [42b326f0e19bb4826106dfc60df57090],
    PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantaine, [42b326f0e19bb4826106dfc60df57090],
    PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantaine, [42b326f0e19bb4826106dfc60df57090],
    PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantaine, [42b326f0e19bb4826106dfc60df57090],
    PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantaine, [42b326f0e19bb4826106dfc60df57090],
    PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantaine, [42b326f0e19bb4826106dfc60df57090],
    PUP.Optional.SupTab.A, HKU\S-1-5-21-2577111550-1677654270-2503688737-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantaine, [42b326f0e19bb4826106dfc60df57090],
    PUP.Optional.SupTab.A, HKU\S-1-5-21-2577111550-1677654270-2503688737-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantaine, [42b326f0e19bb4826106dfc60df57090],
    PUP.Optional.ShopSave.A, HKU\S-1-5-21-2577111550-1677654270-2503688737-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{033BE5FC-ED4C-48A0-8F07-E0128384D828}, In Quarantaine, [15e0de387b011f17306c089748baec14],
    PUP.Optional.ShopSave.A, HKU\S-1-5-21-2577111550-1677654270-2503688737-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6CC4BF79-7708-4ECB-8F2B-A11264A67989}, In Quarantaine, [10e5d73f512b96a01a81099616ec3fc1],
    PUP.Optional.ShopSave.A, HKU\S-1-5-21-2577111550-1677654270-2503688737-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6CC4BF79-7708-4ECB-8F2B-A11264A67989}, In Quarantaine, [10e5d73f512b96a01a81099616ec3fc1],
    PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantaine, [569f3adca4d884b22d2bc5b0c14316ea],
    PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, In Quarantaine, [b342a5712b5144f2bd22fd26729117e9],
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, In Quarantaine, [60950e081e5e58de260881ab15eeda26],
    PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantaine, [ca2b62b487f589ad0b4dec897292738d],
    PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, In Quarantaine, [8d68bc5ac5b704327c4ba2eab94b58a8],
    PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, In Quarantaine, [52a3cc4a017b65d1d4f48705966e8977],
    PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP, In Quarantaine, [c72e30e60c70a492e3ca67bcba49c43c],
    PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantaine, [589d52c4007cc670e1fd9291d62d5ea2],
    PUP.Optional.WebSearches.A, HKU\S-1-5-21-2577111550-1677654270-2503688737-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, In Quarantaine, [09ec9680146858ded0c3899cf0139c64],
    PUP.Optional.CrossRider.A, HKU\S-1-5-21-2577111550-1677654270-2503688737-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantaine, [8570779f83f9e05629d4f28b71938c74],
    PUP.Optional.Qone8, HKU\S-1-5-21-2577111550-1677654270-2503688737-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantaine, [8570f71f34480e28d582383d9a6a4db3],
    PUP.Optional.FastStart.A, HKU\S-1-5-21-2577111550-1677654270-2503688737-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, In Quarantaine, [3cb9fb1be498be785d8c6bb57f849070],
    PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
    PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],

    Registerwaardes: 5
    PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, In Quarantaine, [60950e081e5e58de260881ab15eeda26]
    PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|[email protected], C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com, In Quarantaine, [f9fcb0660f6da98d0ecbd6b2cc38c040]
    PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP|dir, C:\Program Files (x86)\SupTab, In Quarantaine, [c72e30e60c70a492e3ca67bcba49c43c]
    PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, amt, In Quarantaine, [589d52c4007cc670e1fd9291d62d5ea2]
    PUP.Optional.FastStart.A, HKU\S-1-5-21-2577111550-1677654270-2503688737-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, [email protected], In Quarantaine, [3cb9fb1be498be785d8c6bb57f849070]

    Registerdata: 5
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.mystartsearch.com/?type=h...BP30016E98H7LX, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/?type=h...7LX),Vervangen,[39bc8c8a3f3db482ebe237f05baa56aa]
    PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Goed: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Slecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Vervangen,[e60fef27e09c61d58c8886a012f36898]
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.mystartsearch.com/?type=h...BP30016E98H7LX, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/?type=h...7LX),Vervangen,[4da8061029532313ad20ec3bdf26f30d]
    PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Goed: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Slecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Vervangen,[95608e88f785bb7b62b2ff279174c937]
    PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-2577111550-1677654270-2503688737-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.mystartsearch.com/?type=h...BP30016E98H7LX, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/?type=h...7LX),Vervangen,[32c3d6401765ca6c6a61002717ee926e]

    Mappen: 83
    PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Verwijder-bij-Herstart, [6194f521e29a9d998bdded16649faa56],
    PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantaine, [6194f521e29a9d998bdded16649faa56],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\include, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\include\tools, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\lib, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\module, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\pack, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\en, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\en-US, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\es, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\es-419, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\fr, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\fr-BE, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\fr-CA, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\fr-CH, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\fr-LU, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\it, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\it-CH, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\pl, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\pt-BR, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\ru, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\ru-MO, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\tr, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\vi, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\zh-CN, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\zh-TW, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\skin, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\defaults, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\defaults\preferences, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\modules, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, In Quarantaine, [0aeb8195ee8e3ef8bfdf1ceb04ffd12f],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, In Quarantaine, [0aeb8195ee8e3ef8bfdf1ceb04ffd12f],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, In Quarantaine, [0aeb8195ee8e3ef8bfdf1ceb04ffd12f],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, In Quarantaine, [0aeb8195ee8e3ef8bfdf1ceb04ffd12f],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, In Quarantaine, [0aeb8195ee8e3ef8bfdf1ceb04ffd12f],
    PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{2028E791-3BCF-48D1-9084-1662290010EA}, In Quarantaine, [0aeb8195ee8e3ef8bfdf1ceb04ffd12f],
    PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
    PUP.Optional.SupTab.A, C:\Users\Malik\AppData\Roaming\SupTab, In Quarantaine, [4ea7d73f265664d235a87f8ccc370bf5],
    PUP.Optional.ShopSave.A, C:\Program Files (x86)\ShopSave Toolbar, In Quarantaine, [748121f54933b38338f524efe81b718f],
    PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected], In Quarantaine, [e90cb660384422147e4442d32fd47987],
    PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome, In Quarantaine, [e90cb660384422147e4442d32fd47987],
    PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content, In Quarantaine, [e90cb660384422147e4442d32fd47987],
    PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api, In Quarantaine, [e90cb660384422147e4442d32fd47987],
    PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core, In Quarantaine, [e90cb660384422147e4442d32fd47987],
    PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\defaults, In Quarantaine, [e90cb660384422147e4442d32fd47987],
    PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\defaults\preferences, In Quarantaine, [e90cb660384422147e4442d32fd47987],
    PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData, In Quarantaine, [e90cb660384422147e4442d32fd47987],
    PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins, In Quarantaine, [e90cb660384422147e4442d32fd47987],
    PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\userCode, In Quarantaine, [e90cb660384422147e4442d32fd47987],
    PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\locale, In Quarantaine, [e90cb660384422147e4442d32fd47987],
    PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\locale\en-US, In Quarantaine, [e90cb660384422147e4442d32fd47987],
    PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin, In Quarantaine, [e90cb660384422147e4442d32fd47987],

    I.v.m. overschrijding toegestane maximum aantal tekens, moet ik de scanlog in meerdere delen posten. Het tweede deel en de overige scanlogs post ik mijn volgende bericht(en).
    Uw hulp wordt zeer op prijs gesteld.

    Met vriendelijke groet,
    T. Karabag
    Bijgevoegde Bestanden
    Last edited by Lucindra; 20-10-14, 22:15.
    Labels: Geen
      • Citaat
    • #2
      Bestanden: 251
      PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, Verwijder-bij-Herstart, [e60f15013844191df593bdae51b0d42c],
      PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, In Quarantaine, [42b326f0e19bb4826106dfc60df57090],
      PUP.Optional.InfoHD.A, C:\Users\Malik\AppData\Roaming\NIOMWD.exe, In Quarantaine, [01f4f81e7c00999d8b9d208da55cdc24],
      PUP.Optional.InfoHD.A, C:\Users\Malik\AppData\Roaming\YSCE.exe, In Quarantaine, [649129edd7a5df571b0dc5e833ce0000],
      PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, In Quarantaine, [569f67aff18ba09614000b9046bb2cd4],
      PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, In Quarantaine, [a5503adcc3b91e184fc57c1f4bb6e917],
      PUP.Optional.IEPluginService.A, C:\Program Files (x86)\SupTab\RSHP.exe, In Quarantaine, [17debb5b750770c633061f5f14edc63a],
      PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, In Quarantaine, [c23328eeea921026f4205f3cdd24c838],
      PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, In Quarantaine, [4aab987eeb9168ce3cd809927b86768a],
      PUP.Optional.Amonetize, C:\Users\Malik\Downloads\MinecraftInstaller__2490_il341.exe, In Quarantaine, [f9fc7a9c5824c175cc3138838879ea16],
      PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, In Quarantaine, [6194f521e29a9d998bdded16649faa56],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome.manifest, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\install.rdf, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\index.html, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\quick_start.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\quick_start.xul, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\include\speed_dial.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\include\tools\about_blank_hook.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\include\tools\misc.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\include\tools\popup_image_helper.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\include\tools\urlrequestor.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\js.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\lib\doT.min.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\lib\jquery-2.1.0.min.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\lib\jquery.autocomplete.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\module\hotSearch.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\module\mostgrid.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\module\search.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\module\stat.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\pack\common.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\pack\ga.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\content\js\pack\xagainit.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\en\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\en-US\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\es\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\es-419\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\fr\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\fr-BE\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\fr-CA\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\fr-CH\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\fr-LU\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\it\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\it-CH\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\pl\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\pt-BR\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\ru\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\ru-MO\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\tr\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\vi\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\zh-CN\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\locale\zh-TW\locale.properties, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\skin\default_logo.png, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\skin\googlelogo.png, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\skin\google_trends.png, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\skin\icon.png, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\skin\loading.gif, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\skin\logo.png, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\skin\newtab.ico, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\skin\simple.css, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\chrome\skin\style.css, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\defaults\preferences\fvd.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\defaults\preferences\preferences.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\modules\addonmanager.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\modules\aes.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\modules\config.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\modules\dialogs.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\modules\last_tab.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\modules\misc.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\modules\properties.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\modules\remoterequest.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\modules\restoreprefs.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
      PUP.Optional.FastStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\faststartff@gmai l.com\modules\settings.js, In Quarantaine, [fff6a5716b113ff77c151ce8c14212ee],
        • Citaat

        Comment

        • #3
          PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\GoogleCrashHandler.exe, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
          PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\GoogleUpdate.exe, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
          PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\GoogleUpdateBroker.exe, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
          PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\GoogleUpdateHelper.msi, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
          PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\GoogleUpdateOnDemand.exe, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
          PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\goopdate.dll, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
          PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\goopdateres_en.dll, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
          PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\npGoogleUpdate4.dll, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
          PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\psmachine.dll, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
          PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\psuser.dll, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader32.exe, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader64.exe, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\bk_shadow.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\btn.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\close.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_box.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_check.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit-ie8.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit2.0.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome.manifest, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\install.rdf, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\5c6e0c67f1f1c62e271752769f91dcb3.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\6fa0497b6db972dedc57c938cfad18e2.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\7557b1603a596bad7fe182e597f2a013.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\7aa2c70a6b3c75878ea266638fab27c9.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\b9fca8239e5397e46377420b5fabafcb.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\background.html, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\browser.xul, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\dialog.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\f9b8b92b3cb55c66bcb01a568331337a.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\ffCoreFilesIndex.txt, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\options.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\options.xul, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\search_dialog.xul, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\00ca78bccdac1b9985fa95f0b942837b.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\0cdfcc88530225e3f0da4de634736a24.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\15ae3ac4dbaef5d6c6d2df0ec233a6cd.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\2eb72e32dff125e51a8288424a77940f.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\3f1f30481efd5a023a1da6c05ffa88cd.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\5fedacb66ea681ec121296ccdc408947.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\63327aa45fb05bbffb255a8a9b163a4b.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\898486a39da42c1db0694e1e07c5efbb.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\ab72c96cfefd8b3bd1a44324ced4190a.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\b31e08230f630f31323a965920876bc6.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\b9900c28e17335a82b5f5e768aa6aed6.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\bae8b4f6febd26cd008472484c784056.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\c184a290bb7408d4b5e3a453d405a734.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\d853507f2ad398d48796e3cf4afffcdd.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\e67f71b086828e12720f3715b8edf12a.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\f5385686fb857bedecb5c4e1d55e366d.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\81ccfdad7e05e73e1800ab8993bfc2f7.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\14e1cede070fa712a7dd05043f4649e3.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\2465e0b92c18c8e32f1eecb709a7e864.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\29a5fe52ebc893d6cc85249fe89fb066.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\3116a42942348b6e194f05636ab33d1b.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\369611e4bfc930f8d9902289a24e21e9.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\3feef1b397af2d4a997304cda53e6177.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\441598c92b0452679865a983872075b0.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\62bd07358958f267cb337b4c2108aff0.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\6320ef55c5e4127ecfdd382cbfd152b7.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\67be97cf921500f9763bfcb8bbaa9021.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\6d23f859337201c9630858810862251a.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\711ae7224f02126a77fd4e29c978304f.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\87fb77f9a111d237b1dfc036718a7d69.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\92e4274054847daecfd54c5a28ece7cb.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\95a282a2318b46aa867d7677ae515686.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\996ac8bdb8b2b9f8375a4439c631254c.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\add6797e7e6189096534e1408e54b2ff.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\c4b12d147062acb55055ea9275f19e12.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\d4cb5c4cf6e271e8b9e07e3530b3794c.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\installer.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\defaults\preferences\prefs.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\manifest.xml, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins.json, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\260.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\102.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\104.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\119.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\123.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\13.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\14.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\16.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\17.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\178.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\179.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\180.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\184.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\195.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\220.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\221.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\223.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\231.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\232.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\242.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\246.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\262.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\263.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\268.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\273.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\275.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\281.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\286.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\288.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\289.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\291.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\300.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\302.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\4.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\47.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\64.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\7.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\78.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\9.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\91.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\93.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\userCode\background.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\userCode\extension.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf 9be03@d3ee3bc4210848f7b5a58324f064f.com\locale\en-US\translations.dtd, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\button1.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\button2.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\button3.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\button4.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\button5.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\crossrider_statusbar.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\icon128.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\icon16.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\icon24.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\icon48.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\panelarrow-up.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\popup.html, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\skin.css, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\update.css, In Quarantaine, [e90cb660384422147e4442d32fd47987],
          PUP.Optional.QuickStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\prefs.js, Goed: (), Slecht: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html"), Vervangen,[876e4ec899e342f4642474e513f27987]
          PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.crossrider.bic", "1491e9904ff65661f8fe5449dbab3dfd"), Vervangen,[609558be205c0b2ba61f57037e873bc5]

          Fysieke Sectoren: 0
          (No malicious items detected)


          (end)
            • Citaat

            Comment

            • #4
              PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\GoogleCrashHandler.exe, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
              PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\GoogleUpdate.exe, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
              PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\GoogleUpdateBroker.exe, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
              PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\GoogleUpdateHelper.msi, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
              PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\GoogleUpdateOnDemand.exe, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
              PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\goopdate.dll, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
              PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\goopdateres_en.dll, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
              PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\npGoogleUpdate4.dll, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
              PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\psmachine.dll, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
              PUP.Optional.GlobalUpdate.A, C:\Users\Malik\AppData\Local\Temp\comh.241238\psuser.dll, In Quarantaine, [aa4b3bdbb8c40333b10918ef23e0956b],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader32.exe, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader64.exe, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Verwijder-bij-Herstart, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\bk_shadow.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\btn.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\close.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_box.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_check.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit-ie8.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit2.0.js, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantaine, [4ca91ef86a1290a66577b55636cdec14],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome.manifest, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\install.rdf, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\5c6e0c67f1f1c62e271752769f91dcb3.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\6fa0497b6db972dedc57c938cfad18e2.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\7557b1603a596bad7fe182e597f2a013.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\7aa2c70a6b3c75878ea266638fab27c9.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\b9fca8239e5397e46377420b5fabafcb.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\background.html, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\browser.xul, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\dialog.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\f9b8b92b3cb55c66bcb01a568331337a.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\ffCoreFilesIndex.txt, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\options.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\options.xul, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\search_dialog.xul, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\00ca78bccdac1b9985fa95f0b942837b.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\0cdfcc88530225e3f0da4de634736a24.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\15ae3ac4dbaef5d6c6d2df0ec233a6cd.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\2eb72e32dff125e51a8288424a77940f.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\3f1f30481efd5a023a1da6c05ffa88cd.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\5fedacb66ea681ec121296ccdc408947.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\63327aa45fb05bbffb255a8a9b163a4b.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\898486a39da42c1db0694e1e07c5efbb.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\ab72c96cfefd8b3bd1a44324ced4190a.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\b31e08230f630f31323a965920876bc6.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\b9900c28e17335a82b5f5e768aa6aed6.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\bae8b4f6febd26cd008472484c784056.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\c184a290bb7408d4b5e3a453d405a734.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\d853507f2ad398d48796e3cf4afffcdd.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\e67f71b086828e12720f3715b8edf12a.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\api\f5385686fb857bedecb5c4e1d55e366d.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\81ccfdad7e05e73e1800ab8993bfc2f7.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\14e1cede070fa712a7dd05043f4649e3.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\2465e0b92c18c8e32f1eecb709a7e864.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\29a5fe52ebc893d6cc85249fe89fb066.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\3116a42942348b6e194f05636ab33d1b.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\369611e4bfc930f8d9902289a24e21e9.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\3feef1b397af2d4a997304cda53e6177.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\441598c92b0452679865a983872075b0.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\62bd07358958f267cb337b4c2108aff0.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\6320ef55c5e4127ecfdd382cbfd152b7.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\67be97cf921500f9763bfcb8bbaa9021.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\6d23f859337201c9630858810862251a.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\711ae7224f02126a77fd4e29c978304f.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\87fb77f9a111d237b1dfc036718a7d69.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\92e4274054847daecfd54c5a28ece7cb.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\95a282a2318b46aa867d7677ae515686.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\996ac8bdb8b2b9f8375a4439c631254c.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\add6797e7e6189096534e1408e54b2ff.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\c4b12d147062acb55055ea9275f19e12.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\d4cb5c4cf6e271e8b9e07e3530b3794c.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\chrome\content\core\installer.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\defaults\preferences\prefs.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\manifest.xml, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins.json, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\260.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\102.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\104.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\119.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\123.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\13.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\14.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\16.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\17.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\178.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\179.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\180.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\184.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\195.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\220.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\221.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\223.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\231.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\232.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\242.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\246.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\262.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\263.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\268.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\273.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\275.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\281.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\286.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\288.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\289.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\291.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\300.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\302.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\4.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\47.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\64.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\7.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\78.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\9.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\91.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\plugins\93.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\userCode\background.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\extensionData\userCode\extension.js, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\locale\en-US\translations.dtd, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\button1.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\button2.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\button3.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\button4.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\button5.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\crossrider_statusbar.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\icon128.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\icon16.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\icon24.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\icon48.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\panelarrow-up.png, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\popup.html, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\skin.css, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\extensions\0cd1569197354ecf [email protected]\skin\update.css, In Quarantaine, [e90cb660384422147e4442d32fd47987],
              PUP.Optional.QuickStart.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\prefs.js, Goed: (), Slecht: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html"), Vervangen,[876e4ec899e342f4642474e513f27987]
              PUP.Optional.CrossRider.A, C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.crossrider.bic", "1491e9904ff65661f8fe5449dbab3dfd"), Vervangen,[609558be205c0b2ba61f57037e873bc5]

              Fysieke Sectoren: 0
              (No malicious items detected)


              (end)
                • Citaat

                Comment

                • #5
                  # AdwCleaner v4.000 - Rapport aangemaakt 20/10/2014 op 21:33:31
                  # DB v2014-10-19.11
                  # Laatste Update 12/10/2014 door Xplode
                  # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
                  # Gebruikersnaam : Malik - MALIK-TOSH
                  # Gestart vanuit : C:\Users\Malik\Downloads\adwcleaner_4.000.exe
                  # Optie : Verwijderen

                  ***** [ Services ] *****


                  ***** [ Bestanden / Mappen ] *****

                  Map Verwijderd : C:\ProgramData\Ask
                  Map Verwijderd : C:\Users\Malik\AppData\LocalLow\AVG Security Toolbar
                  Map Verwijderd : C:\Program Files (x86)\Conduit
                  Map Verwijderd : C:\Users\Malik\AppData\Local\Conduit
                  Map Verwijderd : C:\Users\Malik\AppData\LocalLow\Conduit
                  Map Verwijderd : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
                  Map Verwijderd : C:\Users\Malik\AppData\Roaming\dvdvideosoftiehelpers
                  Map Verwijderd : C:\Program Files (x86)\globalUpdate
                  Map Verwijderd : C:\Users\Malik\AppData\Local\globalUpdate
                  Map Verwijderd : C:\ProgramData\NCH Software
                  Map Verwijderd : C:\Users\Malik\AppData\Roaming\NCH Software
                  Map Verwijderd : C:\Program Files (x86)\orbitdownloader
                  Map Verwijderd : C:\Users\Malik\AppData\Roaming\Systweak
                  Map Verwijderd : C:\ProgramData\Tarma Installer
                  Map Verwijderd : C:\Program Files\Enigma Software Group
                  Bestand Verwijderd : C:\Windows\System32\roboot64.exe
                  Bestand Verwijderd : C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\bProtector_extensions.rdf
                  Bestand Verwijderd : C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\searchplugins\Askcom.xml

                  ***** [ Taken ] *****


                  ***** [ Snelkoppelingen ] *****


                  ***** [ Register ] *****

                  Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\secman.DLL
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Conduit.Engine
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
                  Sleutel Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
                  Sleutel Verwijderd : HKCU\Software\5b6d98bb43cef17
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
                  Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
                  Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
                  Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
                  Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
                  Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
                  Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
                  Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
                  Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
                  Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
                  Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
                  Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
                  Gegevens Hersteld : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
                  Waarde Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe]
                  Waarde Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe]
                  Waarde Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe]
                  Waarde Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe]
                  Sleutel Verwijderd : HKCU\Software\anchorfree
                  Sleutel Verwijderd : HKCU\Software\GlobalUpdate
                  Sleutel Verwijderd : HKCU\Software\Softonic
                  Sleutel Verwijderd : HKCU\Software\systweak
                  Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar
                  Sleutel Verwijderd : HKLM\SOFTWARE\Babylon
                  Sleutel Verwijderd : HKLM\SOFTWARE\GlobalUpdate
                  Sleutel Verwijderd : HKLM\SOFTWARE\systweak
                  Sleutel Verwijderd : HKLM\SOFTWARE\Uniblue
                  Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
                  Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Tarma Installer
                  Sleutel Verwijderd : [x64] HKLM\SOFTWARE\EnigmaSoftwareGroup

                  ***** [ Browsers ] *****

                  -\\ Internet Explorer v11.0.9600.17344

                  Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
                  Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
                  Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
                  Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
                  Instelling Hersteld : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
                  Instelling Hersteld : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
                  Instelling Hersteld : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

                  -\\ Mozilla Firefox v33.0 (x86 nl)

                  [5xc13rpi.default] - Regel verwijderd : user_pref("browser.search.defaultenginename", "mystartsearch");
                  [5xc13rpi.default] - Regel verwijderd : user_pref("browser.search.selectedEngine", "mystartsearch");
                  [5xc13rpi.default] - Regel verwijderd : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hp&ts=1413557356&from=amt&uid=HitachiXHTS545032B9A300_100430PBP30016E98H7LX");
                  [5xc13rpi.default] - Regel verwijderd : user_pref("extensions.a0cd1569197354ecf9be03d3ee3bc4210848f7b5a58324f064fcom63831.63831.internaldb.m onetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D
                  [5xc13rpi.default] - Regel verwijderd : user_pref("extensions.quick_start.enable_search1", false);
                  [5xc13rpi.default] - Regel verwijderd : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
                  [5xc13rpi.default] - Regel verwijderd : user_pref("smartbar.machineId", "NGPAWYFBKREQDX8HTCWNWRXA0IBK7WD0YVT92/C5FZDU4WVZXRGEATGRUUPHKZLAFW2TK3AAX3/0AR7DEZV2EA");

                  *************************

                  AdwCleaner[R0].txt - [16089 octets] - [20/10/2014 21:31:03]
                  AdwCleaner[S0].txt - [14668 octets] - [20/10/2014 21:33:31]

                  ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14729 octets] ##########
                    • Citaat

                    Comment

                    • #6
                      DDS (Ver_2012-11-20.01) - NTFS_AMD64
                      Internet Explorer: 11.0.9600.17344
                      Run by Malik at 21:39:51 on 2014-10-20
                      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3958.1545 [GMT 2:00]
                      .
                      AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
                      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                      SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
                      SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
                      FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
                      .
                      ============== Running Processes ===============
                      .
                      C:\Windows\system32\lsm.exe
                      C:\Windows\system32\svchost.exe -k DcomLaunch
                      C:\Windows\system32\svchost.exe -k RPCSS
                      C:\Windows\system32\atiesrxx.exe
                      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                      C:\Windows\system32\svchost.exe -k LocalService
                      C:\Windows\system32\svchost.exe -k netsvcs
                      C:\Windows\system32\svchost.exe -k NetworkService
                      C:\Windows\system32\atieclxx.exe
                      C:\Program Files\AVAST Software\Avast\AvastSvc.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Windows\System32\spoolsv.exe
                      C:\Windows\system32\taskhost.exe
                      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                      C:\Windows\system32\Dwm.exe
                      C:\Windows\Explorer.EXE
                      C:\Windows\system32\taskeng.exe
                      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                      C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe
                      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                      c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
                      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
                      C:\Windows\system32\svchost.exe -k imgsvc
                      C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
                      C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
                      C:\Windows\system32\TODDSrv.exe
                      C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
                      C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
                      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
                      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
                      C:\Windows\system32\wbem\wmiprvse.exe
                      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                      C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
                      C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
                      C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
                      C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
                      C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
                      C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
                      C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
                      C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
                      C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
                      C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
                      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
                      C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
                      C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
                      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
                      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
                      C:\Program Files\AVAST Software\Avast\avastui.exe
                      C:\Windows\system32\wbem\unsecapp.exe
                      C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
                      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
                      C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
                      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                      C:\Program Files (x86)\Mozilla Firefox\firefox.exe
                      C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
                      C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
                      C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
                      C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
                      C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
                      C:\Windows\system32\sppsvc.exe
                      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                      C:\Windows\System32\svchost.exe -k secsvcs
                      C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
                      C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
                      C:\Program Files\Windows Media Player\wmpnetwk.exe
                      C:\Windows\system32\wbem\wmiprvse.exe
                      C:\Windows\servicing\TrustedInstaller.exe
                      C:\Windows\System32\cscript.exe
                      .
                      ============== Pseudo HJT Report ===============
                      .
                      uStart Page = www.google.com
                      uSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
                      uDefault_Page_URL = hxxp://www.google.com
                      mStart Page = www.google.com
                      mSearch Page = hxxp://www.google.com
                      mDefault_Page_URL = hxxp://www.google.com
                      mDefault_Search_URL = hxxp://www.google.com
                      uURLSearchHooks: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - <orphaned>
                      uURLSearchHooks: {2d8d9acc-f6d7-4362-8876-a275ca929591} - <orphaned>
                      dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
                      BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
                      BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
                      BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
                      BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
                      BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                      BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>
                      BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
                      BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
                      uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
                      uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
                      uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
                      uRun: [OpenDNS Updater] "C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
                      mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
                      mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
                      mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
                      mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                      mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
                      mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAC0AQQA3ADAAOQBXAC0AWAA3ADMAWgBGAC0AMgA2AFEAQwBSAC0AVwBYAFUAUABHAC0AQgBUADYASwA3AA"&"ins t=NwA2AC0AMwAwADIAOQA3ADMAMgA3ADYAMgAtAFAATAArADkALQBYAE8AMwA2ACsAMQAtAE4AMQBEACsAMQAtAEMASQBQACsAMg AtAEQARABUACsANgA0ADAANgAxAC0ARABEADkAMAArADEALQBTAFQAOQAwAEEAUABQACsAMQAtAEYAVQBJACsAMgAtAFAAOQAwAF QAQgArADIALQBDAEkARAA3ADcAQQBCACsANQAtAEMASQBEADcANwBUACsAMQAtAEMASQBEADcANwBUAFQAKwAxAA"&"prod=92"& "ver=9.0.894
                      dRun: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
                      StartupFolder: C:\Users\Malik\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MEDIAC~1.LNK - C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
                      StartupFolder: C:\Users\Malik\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
                      uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
                      mPolicies-Explorer: NoActiveDesktop = dword:1
                      mPolicies-Explorer: NoActiveDesktopChanges = dword:1
                      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                      mPolicies-System: ConsentPromptBehaviorUser = dword:3
                      mPolicies-System: EnableUIADesktopToggle = dword:0
                      IE: &Verzenden naar OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
                      IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
                      IE: Free YouTube to MP3 Converter - C:\Users\Malik\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
                      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
                      IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
                      IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
                      .
                      INFO: HKCU has more than 50 listed domains.
                      If you wish to scan all of them, select the 'Force scan all domains' option.
                      .
                      DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
                      DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
                      DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
                      DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
                      TCP: NameServer = 192.168.1.254 195.241.77.55 195.241.77.58
                      TCP: Interfaces\{5B8169E0-7377-4A07-A153-C428CA967154} : NameServer = 208.67.222.222,208.67.220.220
                      TCP: Interfaces\{5B8169E0-7377-4A07-A153-C428CA967154} : DHCPNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
                      TCP: Interfaces\{5B8169E0-7377-4A07-A153-C428CA967154}\2656C6B696E6534376 : DHCPNameServer = 192.168.2.1
                      TCP: Interfaces\{5B8169E0-7377-4A07-A153-C428CA967154}\451627B616E6 : DHCPNameServer = 172.19.3.1
                      TCP: Interfaces\{5B8169E0-7377-4A07-A153-C428CA967154}\A5967676F68323737393 : DHCPNameServer = 192.168.1.1
                      TCP: Interfaces\{5B8169E0-7377-4A07-A153-C428CA967154}\A597F507279667164756F5143343336534 : DHCPNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
                      TCP: Interfaces\{5B8169E0-7377-4A07-A153-C428CA967154}\C42545 : DHCPNameServer = 10.7.8.1
                      Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
                      Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
                      Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
                      Notify: SDWinLogon - SDWinLogon.dll
                      SSODL: WebCheck - <orphaned>
                      SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
                      x64-mStart Page = www.google.com
                      x64-mSearch Page = hxxp://www.google.com
                      x64-mDefault_Page_URL = hxxp://www.google.com
                      x64-mDefault_Search_URL = hxxp://www.google.com
                      x64-BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
                      x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
                      x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
                      x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                      x64-BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>
                      x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
                      x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
                      x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
                      x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
                      x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
                      x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
                      x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
                      x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
                      x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
                      x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
                      x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
                      x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
                      x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
                      x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
                      x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
                      x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
                      x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
                      x64-SSODL: WebCheck - <orphaned>
                      x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
                      .
                      ================= FIREFOX ===================
                      .
                      FF - ProfilePath - C:\Users\Malik\AppData\Roaming\Mozilla\Firefox\Profiles\5xc13rpi.default\
                      FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search
                      FF - prefs.js: keyword.URL - hxxps://www.google.com/search
                      FF - prefs.js: network.proxy.type - 4
                      FF - component: C:\Program Files (x86)\AVG\AVG9\Firefox\components\avgssff.dll
                      FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
                      FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
                      FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
                      FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
                      FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
                      FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
                      FF - plugin: C:\Users\Malik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
                      FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
                      FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
                      .
                      ============= SERVICES / DRIVERS ===============
                      .
                      R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-12-8 65776]
                      R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-12-8 224896]
                      R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2013-12-8 1041168]
                      R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-12-8 427360]
                      R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-5-18 202752]
                      R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-9 29208]
                      R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-12-8 79184]
                      R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-1 92008]
                      R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-7-23 50344]
                      R2 CDMA Device Service;CDMA Device Service;C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe [2011-9-14 159232]
                      R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
                      R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
                      R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-3-10 1103392]
                      R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-3-10 1369624]
                      R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-3-10 168384]
                      R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-11-16 5087584]
                      R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-5-11 124368]
                      R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-6-5 93040]
                      R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
                      R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-5-18 2320920]
                      R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;C:\Windows\System32\drivers\CHDMI64.sys [2010-3-5 720952]
                      R3 FwLnk;FwLnk Driver;C:\Windows\System32\drivers\FwLnk.sys [2010-4-6 9216]
                      R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-5-18 56344]
                      R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-10 158720]
                      R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-4-20 169584]
                      R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2010-4-6 35008]
                      R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\Windows\System32\drivers\rtl8192se.sys [2010-5-18 1111144]
                      R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
                      S2 avast! Firewall;avast! Firewall;"C:\Program Files\AVAST Software\Avast\afwServ.exe" --> C:\Program Files\AVAST Software\Avast\afwServ.exe [?]
                      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
                      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
                      S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2012-10-27 36328]
                      S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-10-27 102368]
                      S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-10-15 111616]
                      S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-15 122584]
                      S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
                      S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-4-6 232992]
                      S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2012-10-27 157672]
                      S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2012-10-27 16872]
                      S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2012-10-27 177640]
                      S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-10-27 203104]
                      S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-2-22 42184]
                      S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\System32\drivers\tapoas.sys [2012-7-15 30720]
                      S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-5-18 51512]
                      S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
                      S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-5 59392]
                      S3 TunnelBearMaintenance;TunnelBear Maintenance;C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [2014-8-12 26048]
                      S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-7 1255736]
                      .
                      =============== Created Last 30 ================
                      .
                      2014-10-20 19:30:58 -------- d-----w- C:\AdwCleaner
                      2014-10-20 11:00:41 -------- d-----w- C:\Users\Malik\AppData\Local\{620A546C-5B0D-4578-8ADA-EC0B04B63A70}
                      2014-10-17 14:52:52 -------- d-----w- C:\Users\Malik\AppData\Roaming\MinecraftSavesBackup
                      2014-10-17 14:52:51 -------- d-----w- C:\Program Files (x86)\Minecraft
                      2014-10-17 14:49:32 220784 ----a-w- C:\Program Files (x86)\Mozilla Firefox\sandboxbroker.dll
                      2014-10-17 14:49:23 -------- d-----w- C:\Users\Malik\AppData\Roaming\mystartsearch
                      2014-10-17 14:46:13 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{616E58AF-CE91-4603-8D2F-CD087706E73E}\mpengine.dll
                      2014-10-17 14:41:34 -------- d-----w- C:\Users\Malik\AppData\Local\{BE02933E-6C57-4333-A2C5-55A8C45060D1}
                      2014-10-16 12:42:27 -------- d-----w- C:\Users\Malik\AppData\Local\{6768050F-FD54-4717-975A-6E8B98B200FD}
                      2014-10-15 15:51:59 143872 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
                      2014-10-15 15:50:24 3241472 ----a-w- C:\Windows\System32\msi.dll
                      2014-10-15 15:49:50 77312 ----a-w- C:\Windows\System32\packager.dll
                      2014-10-15 15:49:49 67072 ----a-w- C:\Windows\SysWow64\packager.dll
                      2014-10-15 15:37:43 -------- d-----w- C:\Users\Malik\AppData\Local\{E4D6A593-6B80-47A4-AA3E-CB84618660BE}
                      2014-10-13 05:34:54 -------- d-----w- C:\Users\Malik\AppData\Local\{E93F5D7F-2241-4F91-ACE3-7D601149C1EA}
                      2014-10-06 09:37:02 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
                      2014-10-06 09:37:02 371712 ----a-w- C:\Windows\System32\qdvd.dll
                      2014-10-06 09:29:36 -------- d-----w- C:\Users\Malik\AppData\Local\{48C165F1-8A5D-455E-ACCD-5A2693461723}
                      2014-09-26 09:44:36 -------- d-----w- C:\Users\Malik\AppData\Local\{1839D580-035A-4D60-A381-F7D52A400163}
                      2014-09-25 19:38:19 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
                      2014-09-25 19:38:19 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
                      2014-09-25 19:30:25 -------- d-----w- C:\Users\Malik\AppData\Local\IsolatedStorage
                      2014-09-25 19:30:25 -------- d-----w- C:\Users\Malik\AppData\Local\HockeyCrashes
                      2014-09-25 19:29:57 -------- d-----w- C:\ProgramData\Package Cache
                      2014-09-25 19:25:36 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
                      2014-09-25 19:25:35 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
                      2014-09-25 19:24:56 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
                      2014-09-25 19:24:55 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
                      2014-09-25 19:24:52 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
                      2014-09-25 19:24:52 2048 ----a-w- C:\Windows\System32\tzres.dll
                      2014-09-25 19:24:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
                      2014-09-25 19:24:17 728064 ----a-w- C:\Windows\System32\kerberos.dll
                      2014-09-25 19:24:17 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
                      2014-09-25 19:24:17 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
                      2014-09-25 19:24:17 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
                      2014-09-25 19:13:03 -------- d-----w- C:\Users\Malik\AppData\Local\{39D94E9C-FE53-4F2B-BCA8-5870F25A1C1C}
                      .
                      ==================== Find3M ====================
                      .
                      2014-10-20 18:29:02 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
                      2014-10-10 02:05:59 276480 ----a-w- C:\Windows\System32\generaltel.dll
                      2014-10-10 02:05:42 507392 ----a-w- C:\Windows\System32\aepdu.dll
                      2014-10-10 02:00:38 424448 ----a-w- C:\Windows\System32\aeinv.dll
                      2014-09-29 00:58:48 3198976 ----a-w- C:\Windows\System32\win32k.sys
                      2014-09-26 10:10:22 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                      2014-09-26 10:10:22 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                      2014-09-25 22:32:04 2017280 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
                      2014-09-25 22:31:02 2108416 ----a-w- C:\Windows\System32\inetcpl.cpl
                      2014-09-19 01:56:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
                      2014-09-19 01:55:49 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
                      2014-09-19 01:40:43 66048 ----a-w- C:\Windows\System32\iesetup.dll
                      2014-09-19 01:40:03 547328 ----a-w- C:\Windows\System32\vbscript.dll
                      2014-09-19 01:39:58 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
                      2014-09-19 01:38:27 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
                      2014-09-19 01:36:57 5829632 ----a-w- C:\Windows\System32\jscript9.dll
                      2014-09-19 01:26:00 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
                      2014-09-19 01:25:49 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
                      2014-09-19 01:25:12 4201472 ----a-w- C:\Windows\SysWow64\jscript9.dll
                      2014-09-19 01:25:09 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
                      2014-09-19 01:18:02 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
                      2014-09-19 01:14:57 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
                      2014-09-19 01:06:47 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
                      2014-09-19 01:02:07 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
                      2014-09-19 01:01:47 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
                      2014-09-19 01:01:03 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
                      2014-09-19 00:59:40 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
                      2014-09-19 00:50:16 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
                      2014-09-19 00:49:31 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
                      2014-09-19 00:40:12 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
                      2014-09-19 00:36:23 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
                      2014-09-19 00:33:18 2309632 ----a-w- C:\Windows\System32\wininet.dll
                      2014-09-19 00:18:55 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
                      2014-09-18 23:59:11 1810944 ----a-w- C:\Windows\SysWow64\wininet.dll
                      2014-09-18 01:32:52 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
                      2014-09-15 07:06:02 278152 ------w- C:\Windows\System32\MpSigStub.exe
                      2014-09-04 05:23:20 424448 ----a-w- C:\Windows\System32\rastls.dll
                      2014-09-04 05:04:15 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
                      2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
                      2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
                      2014-08-19 03:11:28 693176 ----a-w- C:\Windows\System32\winload.efi
                      2014-08-19 03:10:10 616352 ----a-w- C:\Windows\System32\winresume.efi
                      2014-08-19 03:08:04 503808 ----a-w- C:\Windows\System32\srcore.dll
                      2014-08-19 03:08:04 50176 ----a-w- C:\Windows\System32\srclient.dll
                      2014-08-19 03:08:03 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
                      2014-08-19 03:07:51 58880 ----a-w- C:\Windows\System32\appidapi.dll
                      2014-08-19 03:07:51 32256 ----a-w- C:\Windows\System32\appidsvc.dll
                      2014-08-19 03:07:33 296960 ----a-w- C:\Windows\System32\rstrui.exe
                      2014-08-19 03:07:11 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
                      2014-08-19 03:07:11 146944 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
                      2014-08-19 02:41:39 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
                      2014-08-19 02:41:22 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll
                      2014-08-19 02:06:56 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
                      2014-07-25 00:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
                      2014-07-24 21:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
                      2014-07-22 23:14:34 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
                      2014-07-22 23:14:34 92008 ----a-w- C:\Windows\System32\drivers\aswstm.sys
                      2014-07-22 23:14:34 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
                      2014-07-22 23:14:34 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
                      2014-07-22 23:14:34 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
                      2014-07-22 23:14:34 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
                      2014-07-22 23:14:34 1041168 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
                      2014-07-22 23:14:30 43152 ----a-w- C:\Windows\avastSS.scr
                      .
                      ============= FINISH: 21:42:14,44 ===============
                        • Citaat

                        Comment

                        • #7
                          GMER 2.1.19357 - http://www.gmer.net
                          Rootkit scan 2014-10-20 22:26:12
                          Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB3O 298,09GB
                          Running: wq1hbq34.exe; Driver: C:\Users\Malik\AppData\Local\Temp\ugddykod.sys


                          ---- Kernel code sections - GMER 2.1 ----

                          INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002df7000 45 bytes [00, 00, 15, 02, 46, 69, 6C, ...]
                          INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff80002df702f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]
                          .text C:\Windows\System32\win32k.sys!EngSetLastError + 612 fffff96000135168 8 bytes [40, 22, 4E, 04, 80, F8, FF, ...]
                          .text C:\Windows\System32\win32k.sys!W32pServiceTable fffff96000164400 7 bytes [00, 99, F3, FF, 41, AC, F0]
                          .text C:\Windows\System32\win32k.sys!W32pServiceTable + 8 fffff96000164408 3 bytes [00, 07, 02]
                          .text ... * 106
                          .text C:\Windows\System32\win32k.sys!EngGetProcessHandle + 304 fffff9600022b230 6 bytes {JMP QWORD [RIP-0xbb852]}

                          ---- User code sections - GMER 2.1 ----

                          .text C:\Windows\system32\wininit.exe[588] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Windows\system32\winlogon.exe[660] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Windows\system32\services.exe[680] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Windows\system32\atiesrxx.exe[984] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Windows\System32\svchost.exe[364] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Windows\system32\svchost.exe[496] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1616] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe[1664] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[1736] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe[1772] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076e11401 2 bytes JMP 76acb21b C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076e11419 2 bytes JMP 76acb346 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076e11431 2 bytes JMP 76b48ea9 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000076e1144a 2 bytes CALL 76aa48ad C:\Windows\syswow64\kernel32.dll
                          .text ... * 9
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000076e114dd 2 bytes JMP 76b487a2 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000076e114f5 2 bytes JMP 76b48978 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000076e1150d 2 bytes JMP 76b48698 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076e11525 2 bytes JMP 76b48a62 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000076e1153d 2 bytes JMP 76abfca8 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076e11555 2 bytes JMP 76ac68ef C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000076e1156d 2 bytes JMP 76b48f61 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076e11585 2 bytes JMP 76b48ac2 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000076e1159d 2 bytes JMP 76b4865c C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000076e115b5 2 bytes JMP 76abfd41 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000076e115cd 2 bytes JMP 76acb2dc C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000076e116b2 2 bytes JMP 76b48e24 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1892] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000076e116bd 2 bytes JMP 76b485f1 C:\Windows\syswow64\kernel32.dll
                          .text C:\Windows\Explorer.EXE[2384] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe[2520] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe[2560] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Windows\system32\TODDSrv.exe[2616] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe[2648] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe[2676] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[2836] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[2092] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3416] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe[3608] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe[3668] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e11401 2 bytes JMP 76acb21b C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e11419 2 bytes JMP 76acb346 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e11431 2 bytes JMP 76b48ea9 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e1144a 2 bytes CALL 76aa48ad C:\Windows\syswow64\kernel32.dll
                          .text ... * 9
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e114dd 2 bytes JMP 76b487a2 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e114f5 2 bytes JMP 76b48978 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e1150d 2 bytes JMP 76b48698 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e11525 2 bytes JMP 76b48a62 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e1153d 2 bytes JMP 76abfca8 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e11555 2 bytes JMP 76ac68ef C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e1156d 2 bytes JMP 76b48f61 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e11585 2 bytes JMP 76b48ac2 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e1159d 2 bytes JMP 76b4865c C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e115b5 2 bytes JMP 76abfd41 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e115cd 2 bytes JMP 76acb2dc C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e116b2 2 bytes JMP 76b48e24 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e116bd 2 bytes JMP 76b485f1 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dContextCreate + 4 00000000707c1825 2 bytes JMP 76546125 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dContextDestroy + 4 00000000707c1830 2 bytes JMP 76546145 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dContextDestroyAll + 4 00000000707c183b 2 bytes JMP 76546165 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dDrawPrimitives2 + 4 00000000707c1846 2 bytes JMP 76545a05 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkD3dValidateTextureStageState + 4 00000000707c1851 2 bytes JMP 76546185 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdAddAttachedSurface + 4 00000000707c185c 2 bytes JMP 76546265 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdAlphaBlt + 4 00000000707c1867 2 bytes JMP 76546285 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdAttachSurface + 4 00000000707c1872 2 bytes JMP 765462a5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdBeginMoCompFrame + 4 00000000707c187d 2 bytes JMP 765462c5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdBlt + 4 00000000707c1888 2 bytes JMP 76545a25 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCanCreateD3DBuffer + 4 00000000707c1893 2 bytes JMP 765462e5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCanCreateSurface + 4 00000000707c189e 2 bytes JMP 76545aa5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdColorControl + 4 00000000707c18a9 2 bytes JMP 76546305 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateD3DBuffer + 4 00000000707c18b4 2 bytes JMP 76546325 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateDirectDrawObject + 4 00000000707c18bf 2 bytes JMP 76511fcb C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateMoComp + 4 00000000707c18ca 2 bytes JMP 76546365 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateSurface + 4 00000000707c18d5 2 bytes JMP 76545ac5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateSurfaceEx + 4 00000000707c18e0 2 bytes JMP 76545b45 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdCreateSurfaceObject + 4 00000000707c18eb 2 bytes JMP 76545b65 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDeleteDirectDrawObject + 4 00000000707c18f6 2 bytes JMP 765468c5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDeleteSurfaceObject + 4 00000000707c1901 2 bytes JMP 76545a85 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDestroyD3DBuffer + 4 00000000707c190c 2 bytes JMP 765468e5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDestroyMoComp + 4 00000000707c1917 2 bytes JMP 76546925 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdDestroySurface + 4 00000000707c1922 2 bytes JMP 76545ae5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdEndMoCompFrame + 4 00000000707c192d 2 bytes JMP 76546945 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdFlip + 4 00000000707c1938 2 bytes JMP 76546965 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdFlipToGDISurface + 4 00000000707c1943 2 bytes JMP 76546985 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetAvailDriverMemory + 4 00000000707c194e 2 bytes JMP 765469a5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetBltStatus + 4 00000000707c1959 2 bytes JMP 765469c5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetDC + 4 00000000707c1964 2 bytes JMP 765469e5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetDriverInfo + 4 00000000707c196f 2 bytes JMP 76546a05 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetDriverState + 4 00000000707c197a 2 bytes JMP 76546a25 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetDxHandle + 4 00000000707c1985 2 bytes JMP 76546a45 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetFlipStatus + 4 00000000707c1990 2 bytes JMP 76546a65 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetInternalMoCompInfo + 4 00000000707c199b 2 bytes JMP 76546a85 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetMoCompBuffInfo + 4 00000000707c19a6 2 bytes JMP 76546aa5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetMoCompFormats + 4 00000000707c19b1 2 bytes JMP 76546ac5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetMoCompGuids + 4 00000000707c19bc 2 bytes JMP 76546ae5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdGetScanLine + 4 00000000707c19c7 2 bytes JMP 76546b05 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdLock + 4 00000000707c19d2 2 bytes JMP 76546b25 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdLockD3D + 4 00000000707c19dd 2 bytes JMP 76545b85 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdQueryDirectDrawObject + 4 00000000707c19e8 2 bytes JMP 76546b65 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdQueryMoCompStatus + 4 00000000707c19f3 2 bytes JMP 76546b85 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdReenableDirectDrawObject + 4 00000000707c19fe 2 bytes JMP 76546bc3 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdReleaseDC + 4 00000000707c1a09 2 bytes JMP 76546be3 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdRenderMoComp + 4 00000000707c1a14 2 bytes JMP 76546c03 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdResetVisrgn + 4 00000000707c1a1f 2 bytes JMP 76545b05 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdSetColorKey + 4 00000000707c1a2a 2 bytes JMP 76546c23 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdSetExclusiveMode + 4 00000000707c1a35 2 bytes JMP 76546c43 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdSetGammaRamp + 4 00000000707c1a40 2 bytes JMP 76546c63 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdSetOverlayPosition + 4 00000000707c1a4b 2 bytes JMP 76546c83 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdUnattachSurface + 4 00000000707c1a56 2 bytes JMP 76546ca3 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdUnlock + 4 00000000707c1a61 2 bytes JMP 76546cc3 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdUnlockD3D + 4 00000000707c1a6c 2 bytes JMP 76545ba5 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdUpdateOverlay + 4 00000000707c1a77 2 bytes JMP 76546ce3 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 4 00000000707c1a82 2 bytes JMP 76546d03 C:\Windows\syswow64\GDI32.dll
                          .text C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe[3764] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 52 00000000707c1ab2 2 bytes JMP 7603dc75 C:\Windows\syswow64\msvcrt.dll
                          .text C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe[3804] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe[3880] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe[3912] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe[4024] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                          .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e11401 2 bytes JMP 76acb21b C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e11419 2 bytes JMP 76acb346 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e11431 2 bytes JMP 76b48ea9 C:\Windows\syswow64\kernel32.dll
                          .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e1144a 2 bytes CALL 76aa48ad C:\Windows\syswow64\kernel32.dll
                          .text ... * 9
                            • Citaat

                            Comment

                            • #8
                              C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e114dd 2 bytes JMP 76b487a2 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e114f5 2 bytes JMP 76b48978 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e1150d 2 bytes JMP 76b48698 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e11525 2 bytes JMP 76b48a62 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e1153d 2 bytes JMP 76abfca8 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e11555 2 bytes JMP 76ac68ef C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e1156d 2 bytes JMP 76b48f61 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e11585 2 bytes JMP 76b48ac2 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e1159d 2 bytes JMP 76b4865c C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e115b5 2 bytes JMP 76abfd41 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e115cd 2 bytes JMP 76acb2dc C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e116b2 2 bytes JMP 76b48e24 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3308] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e116bd 2 bytes JMP 76b485f1 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[3604] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076e11401 2 bytes JMP 76acb21b C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076e11419 2 bytes JMP 76acb346 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076e11431 2 bytes JMP 76b48ea9 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000076e1144a 2 bytes CALL 76aa48ad C:\Windows\syswow64\kernel32.dll
                              .text ... * 9
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000076e114dd 2 bytes JMP 76b487a2 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000076e114f5 2 bytes JMP 76b48978 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000076e1150d 2 bytes JMP 76b48698 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076e11525 2 bytes JMP 76b48a62 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000076e1153d 2 bytes JMP 76abfca8 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076e11555 2 bytes JMP 76ac68ef C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000076e1156d 2 bytes JMP 76b48f61 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076e11585 2 bytes JMP 76b48ac2 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000076e1159d 2 bytes JMP 76b4865c C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000076e115b5 2 bytes JMP 76abfd41 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000076e115cd 2 bytes JMP 76acb2dc C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000076e116b2 2 bytes JMP 76b48e24 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3752] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000076e116bd 2 bytes JMP 76b485f1 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e11401 2 bytes JMP 76acb21b C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e11419 2 bytes JMP 76acb346 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e11431 2 bytes JMP 76b48ea9 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e1144a 2 bytes CALL 76aa48ad C:\Windows\syswow64\kernel32.dll
                              .text ... * 9
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e114dd 2 bytes JMP 76b487a2 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e114f5 2 bytes JMP 76b48978 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e1150d 2 bytes JMP 76b48698 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e11525 2 bytes JMP 76b48a62 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e1153d 2 bytes JMP 76abfca8 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e11555 2 bytes JMP 76ac68ef C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e1156d 2 bytes JMP 76b48f61 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e11585 2 bytes JMP 76b48ac2 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e1159d 2 bytes JMP 76b4865c C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e115b5 2 bytes JMP 76abfd41 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e115cd 2 bytes JMP 76acb2dc C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e116b2 2 bytes JMP 76b48e24 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3296] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e116bd 2 bytes JMP 76b485f1 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000076aa8791 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e11401 2 bytes JMP 76acb21b C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e11419 2 bytes JMP 76acb346 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e11431 2 bytes JMP 76b48ea9 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e1144a 2 bytes CALL 76aa48ad C:\Windows\syswow64\kernel32.dll
                              .text ... * 9
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e114dd 2 bytes JMP 76b487a2 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e114f5 2 bytes JMP 76b48978 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e1150d 2 bytes JMP 76b48698 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e11525 2 bytes JMP 76b48a62 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e1153d 2 bytes JMP 76abfca8 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e11555 2 bytes JMP 76ac68ef C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e1156d 2 bytes JMP 76b48f61 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e11585 2 bytes JMP 76b48ac2 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e1159d 2 bytes JMP 76b4865c C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e115b5 2 bytes JMP 76abfd41 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e115cd 2 bytes JMP 76acb2dc C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e116b2 2 bytes JMP 76b48e24 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\AVAST Software\Avast\avastui.exe[3628] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e116bd 2 bytes JMP 76b485f1 C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e11401 2 bytes JMP 76acb21b C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e11419 2 bytes JMP 76acb346 C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e11431 2 bytes JMP 76b48ea9 C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e1144a 2 bytes CALL 76aa48ad C:\Windows\syswow64\kernel32.dll
                              .text ... * 9
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e114dd 2 bytes JMP 76b487a2 C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e114f5 2 bytes JMP 76b48978 C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e1150d 2 bytes JMP 76b48698 C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e11525 2 bytes JMP 76b48a62 C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e1153d 2 bytes JMP 76abfca8 C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e11555 2 bytes JMP 76ac68ef C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e1156d 2 bytes JMP 76b48f61 C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e11585 2 bytes JMP 76b48ac2 C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e1159d 2 bytes JMP 76b4865c C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e115b5 2 bytes JMP 76abfd41 C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e115cd 2 bytes JMP 76acb2dc C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e116b2 2 bytes JMP 76b48e24 C:\Windows\syswow64\kernel32.dll
                              .text C:\Users\Malik\Desktop\Defogger.exe[1012] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e116bd 2 bytes JMP 76b485f1 C:\Windows\syswow64\kernel32.dll
                              .text C:\Windows\system32\conhost.exe[4252] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                              .text C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe[4440] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                              .text C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe[4192] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076e11401 2 bytes JMP 76acb21b C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076e11419 2 bytes JMP 76acb346 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076e11431 2 bytes JMP 76b48ea9 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000076e1144a 2 bytes CALL 76aa48ad C:\Windows\syswow64\kernel32.dll
                              .text ... * 9
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000076e114dd 2 bytes JMP 76b487a2 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000076e114f5 2 bytes JMP 76b48978 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000076e1150d 2 bytes JMP 76b48698 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076e11525 2 bytes JMP 76b48a62 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000076e1153d 2 bytes JMP 76abfca8 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076e11555 2 bytes JMP 76ac68ef C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000076e1156d 2 bytes JMP 76b48f61 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076e11585 2 bytes JMP 76b48ac2 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000076e1159d 2 bytes JMP 76b4865c C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000076e115b5 2 bytes JMP 76abfd41 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000076e115cd 2 bytes JMP 76acb2dc C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000076e116b2 2 bytes JMP 76b48e24 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4036] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000076e116bd 2 bytes JMP 76b485f1 C:\Windows\syswow64\kernel32.dll
                              .text C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe[4144] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                              .text C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe[3144] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 0000000076f7ef8d 1 byte [62]
                              .text C:\Users\Malik\Downloads\wq1hbq34.exe[3200] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076aca2fd 1 byte [62]

                              ---- EOF - GMER 2.1 ----
                                • Citaat

                                Comment

                                • #9
                                  Hoi Lucindra,


                                  Voor we beginnen , wil ik even vriendelijk op de volgende richtlijnen wijzen:
                                  .
                                  • Log enkel in als beheerder met alle rechten.
                                  • Post je probleem niet in verscheidene fora. het komt je probleem niet ten goede en het is niet netjes tegenover de helpers.
                                  • Het opruimen van je systeem kan wat tijd in beslag nemen, wees geduldig.
                                  • Volg aandachtig de instructies die door mij worden gegeven.
                                  • Volg enkel het door mij gegeven advies op
                                  • Blijf bij het topic totdat ik gemeldt heb dat je PC clean is.
                                  • Als je iets niet weet of verstaat, vraag het dan even aub.
                                  • Installeer of deinstalleer géén software of hardware terwijl we met je probleem bezig zijn.
                                  • Ga ondertussen niet wat "anders" proberen, dat maakt het alleen maar moeilijker voor ons
                                  • Zet je emoticons (Smileys) uit als je logs plaatst aub . ( INFO )
                                  • De logs niet als bijlage, noch tussen codetags zetten aub.

                                  .
                                  Opmerking: Alle tools steeds uitvoeren als admin.
                                  De instructies die worden gegeven, zijn enkel geldig voor jouw PC.

                                  Heb je deze richtlijnen gelezen en begrepen, mag je verder gaan.....


                                  Download of Update Ccleaner

                                  Start CCleaner op.
                                  • Run Ccleaner en klik in de linkse kolom op Opties
                                  • Selecteer het tabblad Geavanceerd
                                  • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
                                  • Selecteer het tabblad Instellingen
                                  • Haal het vinkje weg bij "Computer automatisch schoonmaken...."
                                  • Klik in de linkse kolom op Cleaner.
                                  • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
                                  • Klik vervolgens in de linkse kolom op Register
                                  • Klik op Scan naar problemen.
                                  • Op de vraag of je een backup wil maken van het register, klik je "Ja".
                                  • Als er fouten gevonden worden klik je op de middelste knop: Herstel alle geselecteerde fouten en OK

                                  .

                                  Extra nota... Zorg ervoor dat je Security software uitschakeld is tijdens het installeren en gebruik van E-Peek.
                                  Dit omdat deze scanners bepaalde componenten die E-Peek gebruikt, onterecht zien als geïnfecteerd en Combofix zullen blokkeren.
                                  Kijk hier indien je niet weet hoe je je Antivirus, Firewall en/of Antispywarescanner moet uitschakelen.

                                  Download E-PeekSetup.exe naar je bureaublad.
                                  Dubbelklik erop en volg de instructies.
                                  Op het einde van de installatie, zal E-Peek opstarten.
                                  Klik OK op het eerste scherm en vervolgens "Scan".
                                  Post de log.
                                  Malware Research Engineer@Malwarebytes (MBAM) ..... ASAP & Unite Member
                                  E Dev * McAfee verwijderen. * Ccleaner * E-Peek
                                    • Citaat

                                    Comment

                                    • #10
                                      E-Peek v 1.0.5.4 © Emphyrio/Onsia Patrick 2013-2014
                                      Downloaded @ E Dev
                                      Run at di 21 okt 2014 21:00
                                      .
                                      Windows 7 Home Premium SP 1 (64 bits)
                                      C:\Windows [NTFS - Fixed]
                                      Default Browser: Firefox 33.0 (x86 nl)
                                      Boot mode: Normal boot
                                      User logged in: Malik
                                      .
                                      Java x86: n/a
                                      Java x64: n/a
                                      .
                                      AV : avast! Antivirus [Updated - Not Running]
                                      AS : Windows Defender [Updated - Running]
                                      AS : Spybot - Search and Destroy [Updated - Running]
                                      AS : avast! Antivirus [Updated - Not Running]
                                      FW : FW : avast! Antivirus [Updated - Not Running]

                                      .
                                      ==================== Files and Folders history =================================

                                      Folders Created Last 7 days :

                                      21-10-2014 ##### r-h-s-d+a- C:\Users\Malik\AppData\Local\{37FCF9C8-507A-41E2-88BB-CB2BA6C6CD7E}
                                      21-10-2014 ##### r-h-s-d+a- C:\Program Files\CCleaner
                                      21-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev
                                      20-10-2014 ##### r-h-s-d+a- C:\Users\Malik\AppData\Local\{620A546C-5B0D-4578-8ADA-EC0B04B63A70}
                                      20-10-2014 ##### r-h-s-d+a- C:\AdwCleaner
                                      17-10-2014 ##### r-h-s-d+a- C:\Users\Malik\AppData\Roaming\mystartsearch
                                      17-10-2014 ##### r-h-s-d+a- C:\Users\Malik\AppData\Roaming\MinecraftSavesBackup
                                      17-10-2014 ##### r-h-s-d+a- C:\Users\Malik\AppData\Local\{BE02933E-6C57-4333-A2C5-55A8C45060D1}
                                      17-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Minecraft
                                      16-10-2014 ##### r-h-s-d+a- C:\Users\Malik\AppData\Local\{6768050F-FD54-4717-975A-6E8B98B200FD}
                                      15-10-2014 ##### r-h-s-d+a- C:\Users\Malik\AppData\Local\{E4D6A593-6B80-47A4-AA3E-CB84618660BE}

                                      Files Modified Last 7 days :

                                      21-10-2014 00019248 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
                                      21-10-2014 00019248 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
                                      21-10-2014 00000018 r-h-s-d-a+ C:\Windows\SysWOW64\log.txt
                                      16-10-2014 01670960 r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI
                                      16-10-2014 00746014 r-h-s-d-a+ C:\Windows\system32\perfh013.dat
                                      16-10-2014 00654480 r-h-s-d-a+ C:\Windows\system32\perfh009.dat
                                      16-10-2014 00448848 r-h-s-d-a+ C:\Windows\system32\FNTCACHE.DAT
                                      16-10-2014 00153934 r-h-s-d-a+ C:\Windows\system32\perfc013.dat
                                      16-10-2014 00122352 r-h-s-d-a+ C:\Windows\system32\perfc009.dat
                                      15-10-2014 103265616 r-h-s-d-a+ C:\Windows\system32\MRT.exe

                                      Files Created Last 7 days :

                                      20-10-2014 01158786 r-h+s-d-a+ C:\Users\Malik\AppData\Local\IconCache.db
                                      20-10-2014 00000000 r-h-s-d-a+ C:\Users\Malik\defogger_reenable
                                      15-10-2014 23631360 r-h-s-d-a+ C:\Windows\system32\mshtml.dll
                                      15-10-2014 17484800 r-h-s-d-a+ C:\Windows\SysWOW64\mshtml.dll
                                      15-10-2014 14632960 r-h-s-d-a+ C:\Windows\system32\wmp.dll
                                      15-10-2014 13619200 r-h-s-d-a+ C:\Windows\system32\ieframe.dll
                                      15-10-2014 12625920 r-h-s-d-a+ C:\Windows\system32\wmploc.DLL
                                      15-10-2014 12625408 r-h-s-d-a+ C:\Windows\SysWOW64\wmploc.DLL
                                      15-10-2014 11807232 r-h-s-d-a+ C:\Windows\SysWOW64\ieframe.dll
                                      15-10-2014 11411456 r-h-s-d-a+ C:\Windows\SysWOW64\wmp.dll
                                      15-10-2014 05829632 r-h-s-d-a+ C:\Windows\system32\jscript9.dll
                                      15-10-2014 05551032 r-h-s-d-a+ C:\Windows\system32\ntoskrnl.exe
                                      15-10-2014 04201472 r-h-s-d-a+ C:\Windows\SysWOW64\jscript9.dll
                                      15-10-2014 04120576 r-h-s-d-a+ C:\Windows\system32\mf.dll
                                      15-10-2014 03970488 r-h-s-d-a+ C:\Windows\SysWOW64\ntkrnlpa.exe
                                      15-10-2014 03914680 r-h-s-d-a+ C:\Windows\SysWOW64\ntoskrnl.exe
                                      15-10-2014 03722240 r-h-s-d-a+ C:\Windows\system32\mstscax.dll
                                      15-10-2014 03241472 r-h-s-d-a+ C:\Windows\system32\msi.dll
                                      15-10-2014 03221504 r-h-s-d-a+ C:\Windows\SysWOW64\mstscax.dll
                                      15-10-2014 03208704 r-h-s-d-a+ C:\Windows\SysWOW64\mf.dll
                                      15-10-2014 03198976 r-h-s-d-a+ C:\Windows\system32\win32k.sys
                                      15-10-2014 02796032 r-h-s-d-a+ C:\Windows\system32\iertutil.dll
                                      15-10-2014 02724864 r-h-s-d-a+ C:\Windows\SysWOW64\mshtml.tlb
                                      15-10-2014 02724864 r-h-s-d-a+ C:\Windows\system32\mshtml.tlb
                                      15-10-2014 02363904 r-h-s-d-a+ C:\Windows\SysWOW64\msi.dll
                                      15-10-2014 02309632 r-h-s-d-a+ C:\Windows\system32\wininet.dll
                                      15-10-2014 02187264 r-h-s-d-a+ C:\Windows\SysWOW64\iertutil.dll
                                      15-10-2014 02108416 r-h-s-d-a+ C:\Windows\system32\inetcpl.cpl
                                      15-10-2014 02017280 r-h-s-d-a+ C:\Windows\SysWOW64\inetcpl.cpl
                                      15-10-2014 01943696 r-h-s-d-a+ C:\Windows\system32\dfshim.dll
                                      15-10-2014 01810944 r-h-s-d-a+ C:\Windows\SysWOW64\wininet.dll
                                      15-10-2014 01574400 r-h-s-d-a+ C:\Windows\system32\quartz.dll
                                      15-10-2014 01480192 r-h-s-d-a+ C:\Windows\system32\crypt32.dll
                                      15-10-2014 01447936 r-h-s-d-a+ C:\Windows\system32\urlmon.dll
                                      15-10-2014 01329664 r-h-s-d-a+ C:\Windows\SysWOW64\quartz.dll
                                      15-10-2014 01249280 r-h-s-d-a+ C:\Windows\system32\mshtmlmedia.dll
                                      15-10-2014 01202176 r-h-s-d-a+ C:\Windows\system32\drmv2clt.dll
                                      15-10-2014 01190400 r-h-s-d-a+ C:\Windows\SysWOW64\urlmon.dll
                                      15-10-2014 01174528 r-h-s-d-a+ C:\Windows\SysWOW64\crypt32.dll
                                      15-10-2014 01131664 r-h-s-d-a+ C:\Windows\SysWOW64\dfshim.dll
                                      15-10-2014 01118720 r-h-s-d-a+ C:\Windows\system32\mstsc.exe
                                      15-10-2014 01069056 r-h-s-d-a+ C:\Windows\system32\cryptui.dll
                                      15-10-2014 01068032 r-h-s-d-a+ C:\Windows\SysWOW64\mshtmlmedia.dll
                                      15-10-2014 01051136 r-h-s-d-a+ C:\Windows\SysWOW64\mstsc.exe
                                      15-10-2014 01005056 r-h-s-d-a+ C:\Windows\SysWOW64\cryptui.dll
                                      15-10-2014 00988160 r-h-s-d-a+ C:\Windows\SysWOW64\drmv2clt.dll
                                      15-10-2014 00940032 r-h-s-d-a+ C:\Windows\system32\MsSpellCheckingFacility.exe
                                      15-10-2014 00842240 r-h-s-d-a+ C:\Windows\system32\blackbox.dll
                                      15-10-2014 00782848 r-h-s-d-a+ C:\Windows\system32\wmdrmsdk.dll
                                      15-10-2014 00775168 r-h-s-d-a+ C:\Windows\system32\ieapfltr.dll
                                      15-10-2014 00758272 r-h-s-d-a+ C:\Windows\system32\jscript9diag.dll
                                      15-10-2014 00744960 r-h-s-d-a+ C:\Windows\SysWOW64\blackbox.dll
                                      15-10-2014 00731136 r-h-s-d-a+ C:\Windows\system32\msfeeds.dll
                                      15-10-2014 00710656 r-h-s-d-a+ C:\Windows\system32\ie4uinit.exe
                                      15-10-2014 00693176 r-h-s-d-a+ C:\Windows\system32\winload.efi
                                      15-10-2014 00681984 r-h-s-d-a+ C:\Windows\system32\termsrv.dll
                                      15-10-2014 00679424 r-h-s-d-a+ C:\Windows\system32\audiosrv.dll
                                      15-10-2014 00678400 r-h-s-d-a+ C:\Windows\SysWOW64\ieapfltr.dll
                                      15-10-2014 00641024 r-h-s-d-a+ C:\Windows\system32\msscp.dll
                                      15-10-2014 00631808 r-h-s-d-a+ C:\Windows\system32\evr.dll
                                      15-10-2014 00619056 r-h-s-d-a+ C:\Windows\system32\winload.exe
                                      15-10-2014 00617984 r-h-s-d-a+ C:\Windows\SysWOW64\wmdrmsdk.dll
                                      15-10-2014 00616352 r-h-s-d-a+ C:\Windows\system32\winresume.efi
                                      15-10-2014 00607744 r-h-s-d-a+ C:\Windows\SysWOW64\msfeeds.dll
                                      15-10-2014 00597504 r-h-s-d-a+ C:\Windows\SysWOW64\jscript9diag.dll
                                      15-10-2014 00595968 r-h-s-d-a+ C:\Windows\system32\ieui.dll
                                      15-10-2014 00547328 r-h-s-d-a+ C:\Windows\system32\vbscript.dll
                                      15-10-2014 00532176 r-h-s-d-a+ C:\Windows\system32\winresume.exe
                                      15-10-2014 00507392 r-h-s-d-a+ C:\Windows\system32\aepdu.dll
                                      15-10-2014 00504320 r-h-s-d-a+ C:\Windows\SysWOW64\msscp.dll
                                      15-10-2014 00503808 r-h-s-d-a+ C:\Windows\system32\srcore.dll
                                      15-10-2014 00500224 r-h-s-d-a+ C:\Windows\system32\AUDIOKSE.dll
                                      15-10-2014 00497664 r-h-s-d-a+ C:\Windows\system32\drmmgrtn.dll
                                      15-10-2014 00489984 r-h-s-d-a+ C:\Windows\SysWOW64\evr.dll
                                      15-10-2014 00457400 r-h-s-d-a+ C:\Windows\system32\ci.dll
                                      15-10-2014 00455168 r-h-s-d-a+ C:\Windows\system32\winlogon.exe
                                      15-10-2014 00454656 r-h-s-d-a+ C:\Windows\SysWOW64\vbscript.dll
                                      15-10-2014 00446464 r-h-s-d-a+ C:\Windows\system32\dxtmsft.dll
                                      15-10-2014 00442880 r-h-s-d-a+ C:\Windows\SysWOW64\AUDIOKSE.dll
                                      15-10-2014 00440832 r-h-s-d-a+ C:\Windows\system32\AudioEng.dll
                                      15-10-2014 00440320 r-h-s-d-a+ C:\Windows\SysWOW64\ieui.dll
                                      15-10-2014 00432128 r-h-s-d-a+ C:\Windows\system32\mfplat.dll
                                      15-10-2014 00424448 r-h-s-d-a+ C:\Windows\system32\rastls.dll
                                      15-10-2014 00424448 r-h-s-d-a+ C:\Windows\system32\aeinv.dll
                                      15-10-2014 00419992 r-h-s-d-a+ C:\Windows\SysWOW64\locale.nls
                                      15-10-2014 00419992 r-h-s-d-a+ C:\Windows\system32\locale.nls
                                      15-10-2014 00406016 r-h-s-d-a+ C:\Windows\SysWOW64\drmmgrtn.dll
                                      15-10-2014 00378552 r-h-s-d-a+ C:\Windows\system32\iedkcs32.dll
                                      15-10-2014 00374784 r-h-s-d-a+ C:\Windows\SysWOW64\AudioEng.dll
                                      15-10-2014 00372736 r-h-s-d-a+ C:\Windows\SysWOW64\rastls.dll
                                      15-10-2014 00365056 r-h-s-d-a+ C:\Windows\SysWOW64\dxtmsft.dll
                                      15-10-2014 00354816 r-h-s-d-a+ C:\Windows\SysWOW64\mfplat.dll
                                      15-10-2014 00331448 r-h-s-d-a+ C:\Windows\SysWOW64\iedkcs32.dll
                                      15-10-2014 00325632 r-h-s-d-a+ C:\Windows\system32\msnetobj.dll
                                      15-10-2014 00296960 r-h-s-d-a+ C:\Windows\system32\rstrui.exe
                                      15-10-2014 00296448 r-h-s-d-a+ C:\Windows\system32\AudioSes.dll
                                      15-10-2014 00289280 r-h-s-d-a+ C:\Windows\system32\dxtrans.dll
                                      15-10-2014 00284672 r-h-s-d-a+ C:\Windows\system32\EncDump.dll
                                      15-10-2014 00276480 r-h-s-d-a+ C:\Windows\system32\generaltel.dll
                                      15-10-2014 00265216 r-h-s-d-a+ C:\Windows\SysWOW64\msnetobj.dll
                                      15-10-2014 00243200 r-h-s-d-a+ C:\Windows\SysWOW64\dxtrans.dll
                                      15-10-2014 00235520 r-h-s-d-a+ C:\Windows\system32\winsta.dll
                                      15-10-2014 00229376 r-h-s-d-a+ C:\Windows\system32\wintrust.dll
                                      15-10-2014 00206848 r-h-s-d-a+ C:\Windows\system32\mfps.dll
                                      15-10-2014 00195584 r-h-s-d-a+ C:\Windows\SysWOW64\AudioSes.dll
                                      15-10-2014 00195584 r-h-s-d-a+ C:\Windows\system32\msrating.dll
                                      15-10-2014 00188416 r-h-s-d-a+ C:\Windows\system32\pcasvc.dll
                                      15-10-2014 00187904 r-h-s-d-a+ C:\Windows\system32\cryptsvc.dll
                                      15-10-2014 00179200 r-h-s-d-a+ C:\Windows\SysWOW64\wintrust.dll
                                      15-10-2014 00164864 r-h-s-d-a+ C:\Windows\SysWOW64\msrating.dll
                                      15-10-2014 00157696 r-h-s-d-a+ C:\Windows\SysWOW64\winsta.dll
                                      15-10-2014 00156824 r-h-s-d-a+ C:\Windows\SysWOW64\mscorier.dll
                                      15-10-2014 00156312 r-h-s-d-a+ C:\Windows\system32\mscorier.dll
                                      15-10-2014 00150528 r-h-s-d-a+ C:\Windows\system32\rdpcorekmts.dll
                                      15-10-2014 00146944 r-h-s-d-a+ C:\Windows\system32\appidpolicyconverter.exe
                                      15-10-2014 00143872 r-h-s-d-a+ C:\Windows\SysWOW64\cryptsvc.dll
                                      15-10-2014 00139264 r-h-s-d-a+ C:\Windows\system32\ieUnatt.exe
                                      15-10-2014 00131584 r-h-s-d-a+ C:\Windows\SysWOW64\aaclient.dll
                                      15-10-2014 00126464 r-h-s-d-a+ C:\Windows\system32\audiodg.exe
                                      15-10-2014 00112128 r-h-s-d-a+ C:\Windows\SysWOW64\ieUnatt.exe
                                      15-10-2014 00111616 r-h-s-d-a+ C:\Windows\system32\ieetwcollector.exe
                                      15-10-2014 00103424 r-h-s-d-a+ C:\Windows\SysWOW64\mfps.dll
                                      15-10-2014 00086528 r-h-s-d-a+ C:\Windows\system32\TSpkg.dll
                                      15-10-2014 00085504 r-h-s-d-a+ C:\Windows\system32\mshtmled.dll
                                      15-10-2014 00083968 r-h-s-d-a+ C:\Windows\system32\MshtmlDac.dll
                                      15-10-2014 00082432 r-h-s-d-a+ C:\Windows\system32\cryptsp.dll
                                      15-10-2014 00081560 r-h-s-d-a+ C:\Windows\SysWOW64\mscories.dll
                                      15-10-2014 00081408 r-h-s-d-a+ C:\Windows\SysWOW64\cryptsp.dll
                                      15-10-2014 00077312 r-h-s-d-a+ C:\Windows\system32\packager.dll
                                      15-10-2014 00073880 r-h-s-d-a+ C:\Windows\system32\mscories.dll
                                      15-10-2014 00072704 r-h-s-d-a+ C:\Windows\system32\JavaScriptCollectionAgent.dll
                                      15-10-2014 00069632 r-h-s-d-a+ C:\Windows\SysWOW64\mshtmled.dll
                                      15-10-2014 00067072 r-h-s-d-a+ C:\Windows\SysWOW64\packager.dll
                                      15-10-2014 00066048 r-h-s-d-a+ C:\Windows\system32\iesetup.dll
                                      15-10-2014 00065536 r-h-s-d-a+ C:\Windows\SysWOW64\TSpkg.dll
                                      15-10-2014 00063488 r-h-s-d-a+ C:\Windows\system32\setbcdlocale.dll
                                      15-10-2014 00061952 r-h-s-d-a+ C:\Windows\SysWOW64\MshtmlDac.dll
                                      15-10-2014 00061952 r-h-s-d-a+ C:\Windows\SysWOW64\iesetup.dll
                                      15-10-2014 00060416 r-h-s-d-a+ C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
                                      15-10-2014 00058880 r-h-s-d-a+ C:\Windows\system32\appidapi.dll
                                      15-10-2014 00055808 r-h-s-d-a+ C:\Windows\system32\rrinstaller.exe
                                      15-10-2014 00051200 r-h-s-d-a+ C:\Windows\SysWOW64\ieetwproxystub.dll
                                      15-10-2014 00051200 r-h-s-d-a+ C:\Windows\system32\jsproxy.dll
                                      15-10-2014 00050688 r-h-s-d-a+ C:\Windows\SysWOW64\appidapi.dll
                                      15-10-2014 00050176 r-h-s-d-a+ C:\Windows\SysWOW64\rrinstaller.exe
                                      15-10-2014 00050176 r-h-s-d-a+ C:\Windows\system32\srclient.dll
                                      15-10-2014 00048640 r-h-s-d-a+ C:\Windows\system32\ieetwproxystub.dll
                                      15-10-2014 00043008 r-h-s-d-a+ C:\Windows\SysWOW64\srclient.dll
                                      15-10-2014 00043008 r-h-s-d-a+ C:\Windows\SysWOW64\jsproxy.dll
                                      15-10-2014 00033792 r-h-s-d-a+ C:\Windows\system32\iernonce.dll
                                      15-10-2014 00032768 r-h-s-d-a+ C:\Windows\SysWOW64\iernonce.dll
                                      15-10-2014 00032256 r-h-s-d-a+ C:\Windows\system32\appidsvc.dll
                                      15-10-2014 00024576 r-h-s-d-a+ C:\Windows\system32\mfpmp.exe
                                      15-10-2014 00023040 r-h-s-d-a+ C:\Windows\SysWOW64\mfpmp.exe
                                      15-10-2014 00022016 r-h-s-d-a+ C:\Windows\system32\credssp.dll
                                      15-10-2014 00017920 r-h-s-d-a+ C:\Windows\system32\appidcertstorecheck.exe
                                      15-10-2014 00017408 r-h-s-d-a+ C:\Windows\SysWOW64\credssp.dll
                                      15-10-2014 00009728 r-h-s-d-a+ C:\Windows\system32\spwmp.dll
                                      15-10-2014 00008192 r-h-s-d-a+ C:\Windows\SysWOW64\spwmp.dll
                                      15-10-2014 00007168 r-h-s-d-a+ C:\Windows\SysWOW64\KBDYAK.DLL
                                      15-10-2014 00007168 r-h-s-d-a+ C:\Windows\SysWOW64\KBDTAT.DLL
                                      15-10-2014 00007168 r-h-s-d-a+ C:\Windows\system32\KBDYAK.DLL
                                      15-10-2014 00007168 r-h-s-d-a+ C:\Windows\system32\KBDTAT.DLL
                                      15-10-2014 00007168 r-h-s-d-a+ C:\Windows\system32\KBDRU1.DLL
                                      15-10-2014 00007168 r-h-s-d-a+ C:\Windows\system32\KBDBASH.DLL
                                      15-10-2014 00006656 r-h-s-d-a+ C:\Windows\SysWOW64\KBDRU1.DLL
                                      15-10-2014 00006656 r-h-s-d-a+ C:\Windows\SysWOW64\KBDRU.DLL
                                      15-10-2014 00006656 r-h-s-d-a+ C:\Windows\SysWOW64\KBDBASH.DLL
                                      15-10-2014 00006656 r-h-s-d-a+ C:\Windows\system32\KBDRU.DLL
                                      15-10-2014 00005120 r-h-s-d-a+ C:\Windows\system32\msdxm.ocx
                                      15-10-2014 00005120 r-h-s-d-a+ C:\Windows\system32\dxmasf.dll
                                      15-10-2014 00004096 r-h-s-d-a+ C:\Windows\SysWOW64\msdxm.ocx
                                      15-10-2014 00004096 r-h-s-d-a+ C:\Windows\SysWOW64\dxmasf.dll
                                      15-10-2014 00004096 r-h-s-d-a+ C:\Windows\system32\ieetwcollectorres.dll
                                      15-10-2014 00002048 r-h-s-d-a+ C:\Windows\SysWOW64\mferror.dll
                                      15-10-2014 00002048 r-h-s-d-a+ C:\Windows\system32\mferror.dll

                                      ==================== RUNNING PROCESSES =========================================

                                      [AdobeARM] -Malik- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - (Adobe Systems Incorporated)
                                      [armsvc] -SYSTEM- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated)
                                      [atieclxx] -SYSTEM- C:\Windows\system32\atieclxx.exe - (AMD)
                                      [atiesrxx] -SYSTEM- C:\Windows\system32\atiesrxx.exe - (AMD)
                                      [AvastSvc] -SYSTEM- C:\Program Files\AVAST Software\Avast\AvastSvc.exe - (AVAST Software)
                                      [avastui] -Malik- C:\Program Files\AVAST Software\Avast\avastui.exe - (AVAST Software)
                                      [cAudioFilterAgent64] -Malik- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe - (Conexant Systems, Inc.)
                                      [CCC] -Malik- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - (ATI Technologies Inc.)
                                      [CCleaner64] -Malik- C:\Program Files\CCleaner\CCleaner64.exe - (Piriform Ltd)
                                      [CFIWmxSvcs64] -SYSTEM- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe - (TOSHIBA CORPORATION)
                                      [CFSvcs] -SYSTEM- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe - (TOSHIBA CORPORATION)
                                      [CFSwMgr] -Malik- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe - (TOSHIBA CORPORATION)
                                      [csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)
                                      [csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)
                                      [dwm] -Malik- C:\Windows\system32\Dwm.exe - (Microsoft Corporation)
                                      [E-Peek 1.0.5] -Malik- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev)
                                      [explorer] -Malik- C:\Windows\Explorer.EXE - (Microsoft Corporation)
                                      [KiesTrayAgent] -Malik- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe - (Samsung Electronics Co., Ltd.)
                                      [LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - (Intel Corporation)
                                      [lsass] -SYSTEM- C:\Windows\system32\lsass.exe - (Microsoft Corporation)
                                      [lsm] -SYSTEM- C:\Windows\system32\lsm.exe - (Microsoft Corporation)
                                      [MOM] -Malik- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - (Advanced Micro Devices Inc.)
                                      [msnmsgr] -Malik- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe - (Microsoft Corporation)
                                      [NBService] -SYSTEM- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe - (Nero AG)
                                      [NDSTray] -Malik- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe - (TOSHIBA CORPORATION)
                                      [OpenDNSUpdater] -Malik- C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe - (OpenDNS Inc.)
                                      [SDFSSvc] -SYSTEM- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe - (Safer-Networking Ltd.)
                                      [SDTray] -Malik- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe - (Safer-Networking Ltd.)
                                      [SDUpdSvc] -SYSTEM- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe - (Safer-Networking Ltd.)
                                      [SDWSCSvc] -SYSTEM- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe - (Safer-Networking Ltd.)
                                      [services] -SYSTEM- C:\Windows\system32\services.exe - (Microsoft Corporation)
                                      [SmoothView] -Malik- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe - (TOSHIBA Corporation)
                                      [smss] -SYSTEM- C:\Windows\system32\smss.exe - (Microsoft Corporation)
                                      [soffice.bin] -Malik- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin - (OpenOffice.org)
                                      [soffice] -Malik- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe - (OpenOffice.org)
                                      [spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe - (Microsoft Corporation)
                                      [SPUVolumeWatcher] -Malik- C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe - (Sony Corporation)
                                      [SynTPEnh] -Malik- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - (Synaptics Incorporated)
                                      [SynTPHelper] -Malik- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - (Synaptics Incorporated)
                                      [taskeng] -Malik- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)
                                      [taskhost] -Malik- C:\Windows\system32\taskhost.exe - (Microsoft Corporation)
                                      [TCrdMain] -Malik- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe - (TOSHIBA Corporation)
                                      [TeamViewer_Service] -SYSTEM- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe - (TeamViewer GmbH)
                                      [TemproSvc] -SYSTEM- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe - (Toshiba Europe GmbH)
                                      [TODDSrv] -SYSTEM- C:\Windows\system32\TODDSrv.exe - (TOSHIBA Corporation)
                                      [TomTomHOMERunner] -Malik- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe - (TomTom)
                                      [TomTomHOMEService] -SYSTEM- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe - (TomTom)
                                      [TosCoSrv] -SYSTEM- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe - (TOSHIBA Corporation)
                                      [TosSENotify] -Malik- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe - (TOSHIBA Corporation)
                                      [TosSmartSrv] -SYSTEM- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe - (TOSHIBA Corporation)
                                      [TPwrMain] -Malik- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe - (TOSHIBA Corporation)
                                      [UNS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe - (Intel Corporation)
                                      [unsecapp] -Malik- C:\Windows\system32\wbem\unsecapp.exe - (Microsoft Corporation)
                                      [unsecapp] -Malik- C:\Windows\system32\wbem\unsecapp.exe - (Microsoft Corporation)
                                      [VIAService] -SYSTEM- C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe - ()
                                      [wininit] -SYSTEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation)
                                      [winlogon] -SYSTEM- C:\Windows\system32\winlogon.exe - (Microsoft Corporation)
                                      [WLIDSVC] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - (Microsoft Corp.)
                                      [WLIDSVCM] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe - (Microsoft Corp.)
                                      [WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
                                      [wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation)

                                      ==================== IE PAGES ==================================================

                                      IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com
                                      IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
                                      IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
                                      IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://www.google.com
                                      IE04 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
                                      IE04 - HKCU\..\SearchScopes {1D9FEA6B-F46D-45E8-AA8F-5E9E309D00D0} @ DisplayName: [eBay] @ URL = hxxp://rover.ebay.com/rover/1/1346-71494-26233-7/4?satitle={searchTerms}
                                      IE04 - HKCU\..\SearchScopes {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} @ DisplayName: [Microsoft (Bing)] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
                                      IE04 - HKCU\..\SearchScopes {B6EAAED2-C3FD-4521-9452-A90C1C2D2E83} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
                                      IE04 - HKCU\..\SearchScopes {DD65D844-9B1A-41BC-AA81-46A9E3986D5E} @ DisplayName: [Amazon] @ URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
                                      IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\SysWOW64\ieframe.dll
                                      IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com
                                      IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\SysWOW64\blank.htm
                                      IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://www.google.com
                                      IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = hxxp://www.google.com
                                      IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://www.google.com
                                      IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
                                      IE10 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
                                      IE10 - HKLM\..\SearchScopes {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} @ DisplayName: [Microsoft (Bing)] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
                                      IE10 - HKLM\..\SearchScopes {68E38A65-13F4-4C84-9A6D-3364686753D6} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
                                      IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com
                                      IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
                                      IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
                                      IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://www.google.com
                                      IE04 x64 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
                                      IE04 x64 - HKCU\..\SearchScopes {1D9FEA6B-F46D-45E8-AA8F-5E9E309D00D0} @ DisplayName: [eBay] @ URL = hxxp://rover.ebay.com/rover/1/1346-71494-26233-7/4?satitle={searchTerms}
                                      IE04 x64 - HKCU\..\SearchScopes {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} @ DisplayName: [Microsoft (Bing)] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
                                      IE04 x64 - HKCU\..\SearchScopes {B6EAAED2-C3FD-4521-9452-A90C1C2D2E83} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
                                      IE04 x64 - HKCU\..\SearchScopes {DD65D844-9B1A-41BC-AA81-46A9E3986D5E} @ DisplayName: [Amazon] @ URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
                                      IE05 x64 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll
                                      IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com
                                      IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm
                                      IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://www.google.com
                                      IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = hxxp://www.google.com
                                      IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://www.google.com
                                      IE10 x64 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
                                      IE10 x64 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
                                      IE10 x64 - HKLM\..\SearchScopes {B6EAAED2-C3FD-4521-9452-A90C1C2D2E83} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox

                                      ==================== Auto Load =================================================

                                      AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe,
                                      AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe
                                      AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe,
                                      AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe

                                      ==================== Firefox ===================================================

                                      FF - ProfilePath - C:\Users\Malik\AppData\Roaming\Mozilla\firefox\Profiles\5xc13rpi.default
                                      FF - Ext: [avast! Online Security 9.0.2021.112 ] - extension - [email protected] visible: True active: True
                                      FF - Ext: [Adblock Plus 2.6.5 ] - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} visible: True active: True
                                      FF - Ext: [Default 33.0 ] - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} visible: True active: True

                                      FF - PlugIn: [Adobe® Flash® Player 15.0.0.152 Plugin] - C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll

                                      FF - prefs.js: user_pref("browser.search.defaultengine", "Google");
                                      FF - prefs.js: user_pref("browser.search.defaulturl", "hxxps://www.google.com/search");
                                      FF - prefs.js: user_pref("keyword.URL", "hxxps://www.google.com/search");
                                      FF - prefs.js: user_pref("network.proxy.type", 4);

                                      ==================== Windows Host File =========================================


                                      ==================== BHO =======================================================

                                      BHO - [Spybot-S&D IE Protection] - {53707962-6F74-2D53-2644-206D7942484F} @ Default = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
                                      BHO - [Groove GFS Browser Helper] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} @ Default = C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
                                      BHO - [avast! Online Security] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} @ Default = C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
                                      BHO - [Aanmeldhulp voor Windows Live ID] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                                      BHO - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
                                      BHO - [TOSHIBA Media Controller Plug-in] - {F3C88694-EFFA-4d78-B409-54B7B2535B14} @ Default = C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
                                      BHO x64 - [Groove GFS Browser Helper] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} @ Default = C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
                                      BHO x64 - [avast! Online Security] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} @ Default = C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
                                      BHO x64 - [Windows Live ID Sign-in Helper] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                                      BHO x64 - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL

                                      ==================== Auto Start Programs =======================================

                                      ASP01 - HKLM\..\Run @ Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                                      ASP01 - HKLM\..\Run @ AvastUI.exe = "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
                                      ASP01 - HKLM\..\Run @ KiesTrayAgent = C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
                                      ASP01 - HKLM\..\Run @ SDTray = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
                                      ASP01 - HKLM\..\Run @ StartCCC = "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
                                      ASP04 - HKCU\..\Run @ CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
                                      ASP04 - HKCU\..\Run @ msnmsgr = "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
                                      ASP04 - HKCU\..\Run @ OpenDNS Updater = "C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
                                      ASP04 - HKCU\..\Run @ Spybot-S&D Cleaning = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
                                      ASP04 - HKCU\..\Run @ TomTomHOME.exe = "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
                                      ASP01 x64 - HKLM\..\Run @ Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                                      ASP01 x64 - HKLM\..\Run @ AvastUI.exe = "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
                                      ASP01 x64 - HKLM\..\Run @ KiesTrayAgent = C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
                                      ASP01 x64 - HKLM\..\Run @ SDTray = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
                                      ASP01 x64 - HKLM\..\Run @ StartCCC = "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
                                      ASP04 x64 - HKCU\..\Run @ CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
                                      ASP04 x64 - HKCU\..\Run @ msnmsgr = "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
                                      ASP04 x64 - HKCU\..\Run @ OpenDNS Updater = "C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
                                      ASP04 x64 - HKCU\..\Run @ Spybot-S&D Cleaning = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
                                      ASP04 x64 - HKCU\..\Run @ TomTomHOME.exe = "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
                                      ASP - Startup - C:\Users\Malik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
                                      ASP - Startup - C:\Users\Malik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediacontrole Picture Motion Browser.lnk
                                      ASP - Startup - C:\Users\Malik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
                                      ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini



                                      ==================== Extra Items IE ============================================

                                      EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
                                      EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
                                      EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
                                      EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
                                      EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings
                                      EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
                                      EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
                                      EI04 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
                                      EI04 - App Ext - HKCU\..\Approved Extensions @ {53707962-6F74-2D53-2644-206D7942484F} = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
                                      EI04 - App Ext - HKCU\..\Approved Extensions @ {72853161-30C5-4D22-B7F9-0BBC1D38A37E} = C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
                                      EI04 - App Ext - HKCU\..\Approved Extensions @ {9030D464-4C02-4ABF-8ECC-5164760863C6} = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                                      EI04 - App Ext - HKCU\..\Approved Extensions @ {B4F3A835-0E21-4959-BA22-42B3008E02FF} = C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
                                      EI04 - App Ext - HKCU\..\Approved Extensions @ {F3C88694-EFFA-4D78-B409-54B7B2535B14} = C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
                                      EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
                                      EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
                                      EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
                                      EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
                                      EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings
                                      EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
                                      EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
                                      EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {033BE5FC-ED4C-48A0-8F07-E0128384D828} =
                                      EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {11111111-1111-1111-1111-110611381131} =
                                      EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} =
                                      EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {4D2D3B0F-69BE-477A-90F5-FDDB05357975} =
                                      EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {53707962-6F74-2D53-2644-206D7942484F} =
                                      EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {6CC4BF79-7708-4ECB-8F2B-A11264A67989} =
                                      EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {72853161-30C5-4D22-B7F9-0BBC1D38A37E} = C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
                                      EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {9030D464-4C02-4ABF-8ECC-5164760863C6} = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                                      EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {B4F3A835-0E21-4959-BA22-42B3008E02FF} = C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
                                      EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {F3C88694-EFFA-4D78-B409-54B7B2535B14} =

                                      ==================== Internet Default Prefix ===================================

                                      IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
                                      IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://
                                      IDP00 x64 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
                                      IDP01 x64 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://

                                      ==================== Default Settings IE - DSIE ================================

                                      DSIE - ieuinit.inf: START_PAGE= "http://go.microsoft.com/fwlink/p/?LinkId
                                      DSIE - ieuinit.inf: SEARCH_PAGE_URL= "http://go.microsoft.com/fwlink/?LinkId

                                      ==================== Trusted Zones - TZ ========================================


                                      ==================== Protocol Hijackers - PH ===================================

                                      PH01 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown
                                      PH01 x64 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown

                                      ==================== ShellServiceObjectDelayLoad - SSODL =======================

                                      SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =
                                      SSODL x64 - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =

                                      ==================== Extra items - EXT (Torpig/ConduitSearch) ==================

                                      EXT00 - HKLM\SOFTWARE\AppDataLow\Software\Adobe
                                      EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Adobe
                                      EXT01 - HKCU\SOFTWARE\AppDataLow\Software\BittorrentBar_NL
                                      EXT01 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
                                      EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Macromedia
                                      EXT01 - HKCU\SOFTWARE\AppDataLow\Software\MarkAny
                                      EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
                                      EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Unity
                                      EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll
                                      EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll
                                      EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Adobe
                                      EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\BittorrentBar_NL
                                      EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
                                      EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Macromedia
                                      EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\MarkAny
                                      EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
                                      EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Unity
                                      EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll
                                      EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll

                                      ==================== DRIVERS and SERVICES ======================================

                                      *** Win32OwnProcess ***

                                      SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
                                      SERV - R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe
                                      SERV - R2 - [cfWiMAXService] - ConfigFree WiMAX Service - c:\program files (x86)\toshiba\configfree\cfiwmxsvcs64.exe
                                      SERV - R2 - [ConfigFree Service] - ConfigFree Service - c:\program files (x86)\toshiba\configfree\cfsvcs.exe
                                      SERV - R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
                                      SERV - R2 - [Nero BackItUp Scheduler 4.0] - Nero BackItUp Scheduler 4.0 - c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe
                                      SERV - R2 - [SDScannerService] - Spybot-S&D 2 Scanner Service - c:\program files (x86)\spybot - search & destroy 2\sdfssvc.exe
                                      SERV - R2 - [SDUpdateService] - Spybot-S&D 2 Updating Service - c:\program files (x86)\spybot - search & destroy 2\sdupdsvc.exe
                                      SERV - R2 - [SDWSCService] - Spybot-S&D 2 Security Center Service - c:\program files (x86)\spybot - search & destroy 2\sdwscsvc.exe
                                      SERV - R2 - [TeamViewer8] - TeamViewer 8 - c:\program files (x86)\teamviewer\version8\teamviewer_service.exe
                                      SERV - R2 - [TemproMonitoringService] - Notebook Performance Tuning Service (TEMPRO) - c:\program files (x86)\toshiba tempro\temprosvc.exe
                                      SERV - R2 - [TODDSrv] - TOSHIBA Optical Disc Drive Service - c:\windows\system32\toddsrv.exe
                                      SERV - R2 - [TosCoSrv] - TOSHIBA Power Saver - c:\program files\toshiba\power saver\toscosrv.exe
                                      SERV - R2 - [UNS] - Intel(R) Management & Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
                                      SERV - R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
                                      SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
                                      SERV - R3 - [TOSHIBA HDD SSD Alert Service] - TOSHIBA HDD SSD Alert Service - c:\program files\toshiba\toshiba hdd ssd alert\tossmartsrv.exe
                                      SERV - S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
                                      SERV - S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
                                      SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
                                      SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
                                      SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
                                      SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
                                      SERV - S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
                                      SERV - S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
                                      SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
                                      SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
                                      SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
                                      SERV - S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files\microsoft office\office14\groove.exe
                                      SERV - S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
                                      SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
                                      SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
                                      SERV - S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
                                      SERV - S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
                                      SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
                                      SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
                                      SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
                                      SERV - S3 - [TMachInfo] - TMachInfo - c:\program files (x86)\toshiba\toshiba service station\tmachinfo.exe
                                      SERV - S3 - [TPCHSrv] - TPCH Service - c:\program files\toshiba\tphm\tpchsrv.exe
                                      SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
                                      SERV - S3 - [TunnelBearMaintenance] - TunnelBear Maintenance - c:\program files (x86)\tunnelbear\tbear.maintenance.exe
                                      SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
                                      SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
                                      SERV - S3 - [WatAdminSvc] - Windows Activation Technologies-service - c:\windows\system32\wat\watadminsvc.exe
                                      SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
                                      SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
                                      SERV - S4 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
                                      SERV - S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
                                      SERV - S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe
                                      SERV - S4 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe

                                      *** Win32ShareProcess ***

                                      SERV - R2 - [avast! Antivirus] - avast! Antivirus - c:\program files\avast software\avast\avastsvc.exe
                                      SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
                                      SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
                                      SERV - S2 - [avast! Firewall] - avast! Firewall - c:\program files\avast software\avast\afwserv.exe [x]
                                      SERV - S3 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
                                      SERV - S3 - [idsvc] - Windows CardSpace - c:\windows\microsoft.net\framework64\v3.0\windows communication foundation\infocard.exe
                                      SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
                                      SERV - S3 - [ProtectedStorage] - Protected Storage - c:\windows\system32\lsass.exe
                                      SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
                                      SERV - S4 - [NetMsmqActivator] - Net.Msmq Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
                                      SERV - S4 - [NetPipeActivator] - Net.Pipe Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
                                      SERV - S4 - [NetTcpActivator] - Net.Tcp Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
                                      SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

                                      *** Others ***

                                      SERV - R2 - [CDMA Device Service] - CDMA Device Service - c:\program files (x86)\samsung\usb drivers\26_via_driver2\amd64\viaservice.exe
                                      SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
                                      SERV - R2 - [TomTomHOMEService] - TomTomHOMEService - c:\program files (x86)\tomtom home 2\tomtomhomeservice.exe
                                      SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe

                                      *** File System Driver ***

                                      DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
                                      DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
                                      DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
                                      DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
                                      DRV - R3 - [srv] - Stuurprogramma Server SMB 1.xxx - C:\Windows\system32\Drivers\srv.sys
                                      DRV - R3 - [srv2] - Stuurprogramma Server SMB 2.xxx - C:\Windows\system32\Drivers\srv2.sys

                                      *** Kernel Driver ***

                                      DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\Windows\system32\Drivers\ACPI.sys
                                      DRV - R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
                                      DRV - R0 - [aswRvrt] - avast! Revert - C:\Windows\system32\Drivers\aswRvrt.sys
                                      DRV - R0 - [aswVmm] - avast! VM Monitor - C:\Windows\system32\Drivers\aswVmm.sys
                                      DRV - R0 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys
                                      DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
                                      DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
                                      DRV - R0 - [Compbatt] - Microsoft Composite Battery-stuurprogramma - C:\Windows\system32\Drivers\Compbatt.sys
                                      DRV - R0 - [Disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\Disk.sys
                                      DRV - R0 - [fvevol] - Filterstuurprogramma Bitlocker-stationsvergrendeling - C:\Windows\system32\Drivers\fvevol.sys
                                      DRV - R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
                                      DRV - R0 - [iaStor] - Intel AHCI Controller - C:\Windows\system32\Drivers\iaStor.sys
                                      DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
                                      DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
                                      DRV - R0 - [mountmgr] - Koppelpuntbeheer - C:\Windows\system32\Drivers\mountmgr.sys
                                      DRV - R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys
                                      DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
                                      DRV - R0 - [NDIS] - NDIS-systeemstuurprogramma - C:\Windows\system32\Drivers\NDIS.sys
                                      DRV - R0 - [partmgr] - Partitiebeheer - C:\Windows\system32\Drivers\partmgr.sys
                                      DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\Windows\system32\Drivers\pci.sys
                                      DRV - R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys
                                      DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
                                      DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
                                      DRV - R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
                                      DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys
                                      DRV - R0 - [TVALZ] - TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver - C:\Windows\system32\Drivers\TVALZ.sys [x]
                                      DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator-stuurprogramma - C:\Windows\system32\Drivers\vdrvroot.sys
                                      DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\Windows\system32\Drivers\volmgr.sys
                                      DRV - R0 - [volmgrx] - Dynamisch Volumebeheer - C:\Windows\system32\Drivers\volmgrx.sys
                                      DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys
                                      DRV - R0 - [Wd] - Microsoft Watchdog Timer-stuurprogramma - C:\Windows\system32\Drivers\Wd.sys
                                      DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
                                      DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
                                      DRV - R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
                                      DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys
                                      DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

                                      ==================== SvcHost - White Listed ====================================

                                      All Ok

                                      WOW - All Ok

                                      ==================== SigCheck x86 Fast =========================================

                                      Fast Scan All ok

                                      ==================== SigCheck x64 Fast =========================================

                                      Fast Scan All ok

                                      ==================== Job tasks =================================================

                                      There are no .job files found.

                                      ==================== End scanning at di 21 okt 2014 21:01 (0 Min 30 Sec ) ======
                                        • Citaat

                                        Comment

                                        • #11
                                          Zijn er nog problemen?
                                          Malware Research Engineer@Malwarebytes (MBAM) ..... ASAP & Unite Member
                                          E Dev * McAfee verwijderen. * Ccleaner * E-Peek
                                            • Citaat

                                            Comment

                                            • #12
                                              Nee, de problemen lijken opgelost te zijn.
                                                • Citaat

                                                Comment

                                                • #13
                                                  1) Je mag alle losse bestanden en tools die we hebben gebruikt verwijderen.

                                                  2) Om herbesmetting te vermijden, kan je deze tips eens nalezen:

                                                  Het voorkomen van spyware-infecties en browserhijacking en Hoe voorkom ik een nieuwe infectie?

                                                  3) Om je PC een snelle onderhoudbeurt te geven, kan je deze tips eens lezen: Handleiding voor een schone PC

                                                  4) Allerlei tips en hints kan je hier raadplegen.


                                                  Ik zet het topic op opgelost.

                                                  Indien er niet meer gereageerd wordt, zal binnen een 5-tal dagen deze thread automatisch verplaatst worden
                                                  naar de sectie Opgeloste hijackthislogs en is een reactie niet meer mogelijk
                                                  Dit is gedaan om het forum netjes en overzichtelijk te houden.

                                                  Blijkt dat er toch nog problemen zijn, en je wil weer reageren in dit topic, dan stuur je me een privé bericht met verzoek om heropening.


                                                  Hebben we je goed geholpen? Overweeg eens een (vrijblijvende) donatie aan Nucia

                                                  Emphyrio
                                                  Malware Research Engineer@Malwarebytes (MBAM) ..... ASAP & Unite Member
                                                  E Dev * McAfee verwijderen. * Ccleaner * E-Peek
                                                    • Citaat

                                                    Comment

                                                    • #14
                                                      Hartelijk dank voor uw hulp.
                                                        • Citaat

                                                        Comment

                                                        • #15
                                                          Met plezier gedaan
                                                          Malware Research Engineer@Malwarebytes (MBAM) ..... ASAP & Unite Member
                                                          E Dev * McAfee verwijderen. * Ccleaner * E-Peek
                                                            • Citaat

                                                            Comment

                                                            Vorige template Volgende
                                                            Sorry, you are not authorized to view this page
                                                            Working...
                                                            X
                                                            😀
                                                            🥰
                                                            🤢
                                                            😎
                                                            😡
                                                            👍
                                                            👎