Internet Explorer unusable because of ads, and laptop extremely slow.


  • Internet Explorer unusable because of ads, and laptop extremely slow.

    Dear readers,

    For some time now I have been plagued by an enormous load of ads in my Internet Explorer, which has made it completely unusable. I am now working in Firefox. That still works, but the PC remains extremely slow. I can also see that more than half of the memory is in use while no programs are open.
    Under Uninstall programs there were a number of unknown programs, which I removed, but they kept coming back.

    I have been working in Firefox for a while now, but the laptop remains slow. I just opened Internet Explorer and the ads are gone, and so are the unknown programs under Programs, even though I have not changed anything.

    I would therefore like to have my laptop cleaned up and hope that you can help me with that!

    Regards, Koop

  • #2
    The first step is to follow this guideline: !!! IMPORTANT !!!: Read this first before you post a message!

    Post the requested logs.

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      MBAM:

      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Scan Date: 23-1-2015
      Scan Time: 9:01:50
      Logfile: mbamlog.txt
      Administrator: Yes

      Version: 2.00.4.1028
      Malware Database: v2015.01.23.03
      Rootkit Database: v2015.01.14.01
      License: Trial
      Malware Protection: Enabled
      Malicious Website Protection: Enabled
      Self-protection: Disabled

      OS: Windows 7 Service Pack 1
      CPU: x64
      File System: NTFS
      User: koop

      Scan Type: Custom Scan
      Result: Completed
      Objects Scanned: 514937
      Time Elapsed: 2 hr, 30 min, 14 sec

      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Disabled
      Heuristics: Enabled
      PUP: Enabled
      PUM: Enabled

      Processes: 0
      (No malicious items detected)

      Modules: 0
      (No malicious items detected)

      Registry Keys: 0
      (No malicious items detected)

      Registry Values: 0
      (No malicious items detected)

      Registry Data: 0
      (No malicious items detected)

      Folders: 0
      (No malicious items detected)

      Files: 0
      (No malicious items detected)

      Physical Sectors: 0
      (No malicious items detected)

      (end)

      Adwcleaner:

      # AdwCleaner v4.108 - Rapport aangemaakt 23/01/2015 op 11:57:56
      # Laatste Update 17/01/2015 door Xplode
      # Database : 2015-01-13.2 [Local]
      # Besturingssysteem : Windows 7 Professional Service Pack 1 (64 bits)
      # Gebruikersnaam : koop - KOOP-HP
      # Gestart vanuit : C:\Users\koop\Desktop\adwcleaner_4.108.exe
      # Optie : Verwijderen

      ***** [ Services ] *****

      [#] Service Verwijderd : 51cdb72

      ***** [ Bestanden / Mappen ] *****

      Map Verwijderd : C:\ProgramData\FinoeDealSoFFt
      Map Verwijderd : C:\ProgramData\PPriceDowwnloadEr
      Map Verwijderd : C:\ProgramData\ProShopper
      Map Verwijderd : C:\ProgramData\tpperfectucoupoani
      Map Verwijderd : C:\Program Files (x86)\Optimizer Pro 3.11
      Map Verwijderd : C:\Program Files (x86)\PPriceDowwnloadEr
      Map Verwijderd : C:\Program Files (x86)\tpperfectucoupoani
      Map Verwijderd : C:\Users\koop\AppData\Roaming\0S1P1R2Y1C1P1Q0D1F2W1G1I1F1T1Q
      Map Verwijderd : C:\Users\koop\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab
      Map Verwijderd : C:\Users\koop\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnecgiinnfijdlbjooeehnjbmdlgihod
      Bestand Verwijderd : C:\Users\koop\AppData\Local\Temp\Uninstall.exe

      ***** [ Taken ] *****


      ***** [ Snelkoppelingen ] *****


      ***** [ Register ] *****

      Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab
      Sleutel Verwijderd : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
      Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
      Sleutel Verwijderd : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
      Sleutel Verwijderd : HKCU\Software\Optimizer Pro
      Sleutel Verwijderd : HKCU\Software\SecuredDownload
      Sleutel Verwijderd : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
      Sleutel Verwijderd : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
      Sleutel Verwijderd : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
      Sleutel Verwijderd : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
      Sleutel Verwijderd : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
      Sleutel Verwijderd : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
      Sleutel Verwijderd : HKLM\SOFTWARE\InstallCore

      ***** [ Browsers ] *****

      -\\ Internet Explorer v11.0.9600.17496


      -\\ Mozilla Firefox v35.0 (x86 nl)


      -\\ Google Chrome v39.0.2171.95

      [C:\Users\koop\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [Search Provider] : hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_secureddownload_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0AtDtC0DyEzz0BtC0F yEzz0DyEzytCyBtN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2S tCzzzy0F0DyD0EyEtGyBzytBtBtG0Dzz0CzytGtByC0B0CtGtDyD0DyCyBtDyCtBzyyEyByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D 0CtC0AtAtB0CyEtGyBtAtAtDtGyEtCtDyEtGzyzyyBtBtGyEtCtA0AyDtA0AtAyByCyE0D2Q&cr=1113969576&ir=
      [C:\Users\koop\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [Search Provider] : hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_secureddownload_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0AtDtC0DyEzz0BtC0F yEzz0DyEzytCyBtN0D0Tzu0StCtDyCyDtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2S tCzzzy0F0DyD0EyEtGyBzytBtBtG0Dzz0CzytGtByC0B0CtGtDyD0DyCyBtDyCtBzyyEyByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D 0CtC0AtAtB0CyEtGyBtAtAtDtGyEtCtDyEtGzyzyyBtBtGyEtCtA0AyDtA0AtAyByCyE0D2Q&cr=1113969576&ir=
      [C:\Users\koop\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : oilkkkefbalmbfppgjmgjoefbclebkce
      [C:\Users\koop\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : hnecgiinnfijdlbjooeehnjbmdlgihod

      *************************

      AdwCleaner[R0].txt - [4160 octets] - [23/01/2015 11:53:50]
      AdwCleaner[S0].txt - [3956 octets] - [23/01/2015 11:57:56]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4016 octets] ##########

      DDS:

      DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 11.0.9600.17496
      Run by koop at 12:12:06 on 2015-01-23
      Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.3977.2000 [GMT 1:00]
      .
      AV: F-PROT Antivirus for Windows *Enabled/Updated* {31B7FFC6-2716-5A4E-528D-32786E690ED2}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\svchost.exe -k RPCSS
      c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Program Files\IDT\WDM\STacSV64.exe
      C:\Windows\system32\svchost.exe -k GPSvcGroup
      C:\Windows\system32\Hpservice.exe
      C:\Windows\system32\vcsFPService.exe
      C:\Windows\system32\svchost.exe -k NetworkService
      c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Windows\system32\WLANExt.exe
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
      C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
      C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe
      c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
      C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
      C:\Program Files\Intel\iCLS Client\HeciServer.exe
      C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
      C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
      C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
      C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
      C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
      C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
      C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
      C:\Windows\servicing\TrustedInstaller.exe
      C:\Windows\System32\svchost.exe -k secsvcs
      C:\Windows\system32\svchost.exe -k bthsvcs
      C:\Windows\System32\WUDFHost.exe
      C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
      C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Windows\system32\SearchIndexer.exe
      C:\Windows\system32\taskhost.exe
      C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
      c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
      C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
      C:\Program Files\IDT\WDM\sttray64.exe
      C:\Windows\System32\igfxtray.exe
      C:\Windows\System32\hkcmd.exe
      C:\Windows\System32\igfxpers.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
      C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
      C:\Windows\system32\igfxsrvc.exe
      C:\Windows\system32\NOTEPAD.EXE
      C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
      C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
      C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
      C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
      C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
      C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
      C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
      C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
      C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
      C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
      C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
      C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
      C:\Windows\system32\wuauclt.exe
      C:\Program Files (x86)\Browny02\BrYNSvc.exe
      c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
      C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
      C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
      C:\Windows\SYSTEM32\WISPTIS.EXE
      C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\svchost.exe -k SDRSVC
      C:\Windows\system32\taskeng.exe
      C:\Windows\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = hxxp://www.google.com/
      mWinlogon: Userinit = userinit.exe,
      BHO: HP File Sanitizer: {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
      BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
      BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
      BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
      BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
      TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
      TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      uRun: [DYMOQuickPrint] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
      uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      mRun: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
      mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
      mRun: [DsMgr] C:\Program Files (x86)\Hewlett-Packard\HP GPS and Location\dsMgr.exe
      mRun: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
      mRun: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
      mRun: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
      mRun: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
      mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
      mRun: [F-PROT Antivirus Tray application] C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
      mRun: [DLSService] "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe"
      mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
      mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
      mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
      mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
      mExplorerRun: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
      uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
      mPolicies-Explorer: NoActiveDesktop = dword:1
      mPolicies-Explorer: NoActiveDesktopChanges = dword:1
      mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
      mPolicies-System: ConsentPromptBehaviorUser = dword:3
      mPolicies-System: EnableLUA = dword:0
      mPolicies-System: EnableUIADesktopToggle = dword:0
      mPolicies-System: PromptOnSecureDesktop = dword:0
      mPolicies-System: DisableCAD = dword:1
      IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
      IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
      IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
      IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
      IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
      TCP: NameServer = 10.252.110.242
      TCP: Interfaces\{0613D36D-2C4A-487F-A873-633B175C3B48} : DHCPNameServer = 192.168.2.254 195.121.1.34 195.121.1.66
      TCP: Interfaces\{33B1413A-6091-4409-9A09-820DF37BF3D4} : DHCPNameServer = 10.252.110.242
      Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
      SSODL: WebCheck - <orphaned>
      LSA: Notification Packages = DPPassFilter scecli
      mASetup: {438363A8-F486-4C37-834C-4955773CB3D3} - msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn
      mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
      x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
      x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
      x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
      x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
      x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
      x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
      x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
      x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
      x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
      x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
      x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
      x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
      x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
      x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
      x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
      x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
      x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
      x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
      x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
      x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
      x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
      x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
      x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
      x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
      x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
      x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
      x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
      x64-Notify: igfxcui - igfxdev.dll
      x64-SSODL: WebCheck - <orphaned>
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - C:\Users\koop\AppData\Roaming\Mozilla\Firefox\Profiles\lmree7r7.default\
      FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
      FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
      FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
      FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
      FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
      FF - plugin: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll
      FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
      FF - plugin: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll
      FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
      FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
      FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-7-15 667496]
      R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-7-15 28008]
      R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-4-26 20464]
      R0 PinFile;PinFile;C:\Windows\System32\drivers\PinFile.sys [2013-7-15 49928]
      R0 SDDisk2K;SDDisk2K;C:\Windows\System32\drivers\SDDisk2K.sys [2013-7-15 210184]
      R0 SDDToki;SDDToki;C:\Windows\System32\drivers\SDDToki.sys [2013-7-15 131848]
      R1 FPAV_RTP;FPAV_RTP;C:\Windows\System32\drivers\FPAV_RTP.sys [2014-4-17 842144]
      R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2013-3-1 227968]
      R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-4-22 2449592]
      R2 DymoPnpService;DYMO PnP Service;C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2014-2-3 33072]
      R2 FPAVServer;F-PROT Antivirus for Windows system;C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe [2011-10-6 84136]
      R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
      R2 HPFSService;HP File Sanitizer;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2013-7-24 1748184]
      R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-10-16 681760]
      R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2013-6-20 43320]
      R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-7-19 14696]
      R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
      R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-3-23 131544]
      R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-3-23 169432]
      R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2014-4-9 377704]
      R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2013-12-11 16056]
      R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2014-4-17 72216]
      R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-1-23 1871160]
      R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-1-23 969016]
      R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2014-3-23 89168]
      R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2014-8-30 266240]
      R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2014-3-23 346192]
      R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2014-3-23 115280]
      R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2014-3-23 34384]
      R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2014-3-23 179432]
      R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2014-3-23 77464]
      R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2014-3-23 136424]
      R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2014-3-23 583760]
      R3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\System32\drivers\ewusbwwan.sys [2014-4-16 456192]
      R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2013-7-10 1444664]
      R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-4-26 368112]
      R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-4-26 786416]
      R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-1-23 25816]
      R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-1-23 129752]
      R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-1-23 63704]
      R3 radpms;Driver for RADPMS Device;C:\Windows\System32\drivers\radpms.sys [2013-12-11 14944]
      R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-3-23 872152]
      R3 RTSPER;Realtek PCIE Card Reader - PER;C:\Windows\System32\drivers\RtsPer.sys [2013-6-17 418520]
      R3 SPUVCbv;SPUVCb Driver Service;C:\Windows\System32\drivers\SPUVCBv_x64.sys [2014-3-23 1512952]
      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
      S3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2013-3-1 55448]
      S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2014-8-30 95344]
      S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2014-8-30 21872]
      S3 DAMDrv;DAMDrv;C:\Windows\System32\drivers\DAMDrv64.sys [2013-2-18 65752]
      S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
      S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2014-4-16 14976]
      S3 FLCDLOCK;HP Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2013-3-4 556856]
      S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-3-23 169752]
      S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-11 114688]
      S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-8-8 452088]
      S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
      S3 lehidmini;Bluetooth Low Energy Hid Device;C:\Windows\System32\drivers\leath_hid.sys [2014-3-23 39704]
      S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-4-17 19456]
      S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-8-19 30448]
      S3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2013-8-19 34544]
      S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-17 56832]
      S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-4-17 30208]
      .
      =============== Created Last 30 ================
      .
      2015-01-23 10:53:32 -------- d-----w- C:\AdwCleaner
      2015-01-23 08:00:51 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
      2015-01-23 08:00:20 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
      2015-01-23 08:00:20 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
      2015-01-23 08:00:20 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
      2015-01-23 08:00:20 -------- d-----w- C:\ProgramData\Malwarebytes
      2015-01-23 08:00:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
      2015-01-21 08:04:53 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1C23B7C9-4952-41BE-AC13-F1077DC6F6F4}\mpengine.dll
      2015-01-19 08:27:41 -------- d-----w- C:\ProgramData\Visan
      2015-01-19 08:27:41 -------- d-----w- C:\ProgramData\HP Photo Creations
      2015-01-19 08:27:41 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
      2015-01-19 08:27:18 -------- d-----w- C:\Users\koop\AppData\Roaming\HpUpdate
      2015-01-19 08:27:12 741480 ------w- C:\Windows\System32\HPDiscoPMa111.dll
      2015-01-19 08:26:07 -------- d-----w- C:\Program Files\HP
      2015-01-19 08:26:07 -------- d-----w- C:\Program Files (x86)\HP
      2015-01-19 08:25:33 -------- d-----w- C:\Users\koop\AppData\Local\HP
      2015-01-19 07:45:41 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
      2015-01-19 07:45:41 303616 ----a-w- C:\Windows\System32\nlasvc.dll
      2015-01-19 07:45:41 210432 ----a-w- C:\Windows\System32\profsvc.dll
      2015-01-19 07:45:41 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
      2015-01-19 07:45:39 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
      2015-01-19 07:45:30 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
      2015-01-19 07:45:30 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
      2015-01-19 07:44:57 87040 ----a-w- C:\Windows\System32\TSWbPrxy.exe
      2015-01-19 07:44:51 5553592 ----a-w- C:\Windows\System32\ntoskrnl.exe
      2015-01-19 07:44:50 3971512 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
      2015-01-19 07:44:50 3916728 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
      2015-01-19 07:44:49 503808 ----a-w- C:\Windows\System32\srcore.dll
      2015-01-19 07:44:49 50176 ----a-w- C:\Windows\System32\srclient.dll
      2015-01-19 07:44:49 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
      2015-01-19 07:44:49 296960 ----a-w- C:\Windows\System32\rstrui.exe
      2015-01-16 08:27:10 -------- d-----w- C:\Users\koop\AppData\Local\Mozilla
      2015-01-06 13:13:29 -------- d-----w- C:\ProgramData\phkkbkddpkfbigjgdbjhmafocalbaoid
      .
      ==================== Find3M ====================
      .
      2015-01-22 08:23:52 92520 ----a-w- C:\Windows\System32\LMIinit.dll
      2015-01-22 08:23:52 35688 ----a-w- C:\Windows\System32\LMIport.dll
      2015-01-22 08:23:52 107392 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
      2015-01-16 09:11:24 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2015-01-16 09:11:24 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
      2015-01-08 08:55:52 298120 ------w- C:\Windows\System32\MpSigStub.exe
      2014-11-26 12:17:45 92520 ----a-w- C:\Windows\System32\LMIinit.dll.000.bak
      2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
      2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
      2014-11-22 02:50:39 66560 ----a-w- C:\Windows\System32\iesetup.dll
      2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll
      2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
      2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
      2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
      2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
      2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll
      2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
      2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
      2014-11-22 02:14:16 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
      2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
      2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
      2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
      2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
      2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
      2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
      2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl
      2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
      2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll
      2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll
      2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
      2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
      2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
      2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
      2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
      2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
      2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
      2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
      2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
      2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
      2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
      2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
      2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
      2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
      .
      ============= FINISH: 12:13:58,90 ===============



      • #4
        Gmer:

        GMER 2.1.19357 - http://www.gmer.net
        Rootkit scan 2015-01-23 12:45:05
        Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000097 HGST rev.GG2O 465,76GB
        Running: ywxze251.exe; Driver: C:\Users\koop\AppData\Local\Temp\kfldqpoc.sys


        ---- Kernel code sections - GMER 2.1 ----

        INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 448 fffff800031ac000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...]
        INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 495 fffff800031ac02f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]

        ---- User code sections - GMER 2.1 ----

        .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[2884] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000751d1465 2 bytes [1D, 75]
        .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[2884] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000751d14bb 2 bytes [1D, 75]
        .text ... * 2
        .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[800] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000751d1465 2 bytes [1D, 75]
        .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[800] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000751d14bb 2 bytes [1D, 75]
        .text ... * 2
        .text c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000751d1465 2 bytes [1D, 75]
        .text c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe[3564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000751d14bb 2 bytes [1D, 75]
        .text ... * 2
        .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5848] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000751d1465 2 bytes [1D, 75]
        .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5848] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000751d14bb 2 bytes [1D, 75]
        .text ... * 2

        ---- Threads - GMER 2.1 ----

        Thread C:\Windows\System32\svchost.exe [3376:4908] 000007fef7c89688

        ---- Registry - GMER 2.1 ----

        Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\28e347d10290
        Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\28e347d10290 (not active ControlSet)

        ---- EOF - GMER 2.1 ----



        • #5
          Download or update CCleaner

          Start CCleaner.
          • Run CCleaner and click Options in the left column
          • Select the Advanced tab
          • Untick "Only delete files in Windows Temp folders older than 24 hours"
          • Select the Settings tab
          • Untick "Automatically clean the computer...."
          • Click Cleaner in the left column.
          • Then click Analyze and Run Cleaner, in that order.
          • Next, click Registry in the left column
          • Click Scan for Issues.
          • When asked whether you want to back up the registry, click "Yes".
          • If errors are found, click the middle button: Fix All Selected Issues, then OK

          .


          Download ComboFix to your desktop.
          (So not to a download folder or temp folder)

          Extra note... Make sure your security software is disabled while you use ComboFix.
          This is because these scanners wrongly detect certain components that ComboFix uses as infected and will block ComboFix.

          Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.

          Close ALL windows, including your browser, and let ComboFix do its work undisturbed.
          So do not open any other applications until ComboFix has presented the log.

          If ComboFix asks to update, allow it.

          When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
          You can find it at C:\combofix.txt.

          Post the ComboFix log together with a new DDS log in your next reply.

          * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
          • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
          • Illegal operation attempted on a registry key that has been marked for deletion.



          • #6
            Combofix:

            ComboFix 15-01-22.02 - koop 23-01-2015 14:22:48.2.4 - x64
            Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.3977.1811 [GMT 1:00]
            Gestart vanuit: c:\users\koop\Desktop\ComboFix.exe
            AV: F-PROT Antivirus for Windows *Enabled/Updated* {31B7FFC6-2716-5A4E-528D-32786E690ED2}
            SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
            .
            .
            (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
            .
            .
            c:\users\koop\AppData\Local\dsisetup4735562.exe
            c:\users\koop\AppData\Local\dsisetup6118202.exe
            c:\users\koop\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpaiidihgcehbmalapchgbeikblhgoba
            c:\users\koop\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpaiidihgcehbmalapchgbeikblhgoba\193\background.html
            c:\users\koop\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpaiidihgcehbmalapchgbeikblhgoba\193\manifest.json
            c:\users\koop\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhbkiedoogpgipchgfiikmcfmglffdh
            c:\users\koop\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhbkiedoogpgipchgfiikmcfmglffdh\118\background.html
            c:\users\koop\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhbkiedoogpgipchgfiikmcfmglffdh\118\manifest.json
            c:\users\koop\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bpaiidihgcehbmalapchgbeikblhgoba_0.localstorage
            c:\users\koop\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dmkmnnkdkfigfjckkdeanfndngdapcei_0.localstorage
            c:\users\koop\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hnecgiinnfijdlbjooeehnjbmdlgihod_0.localstorage
            c:\users\koop\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_khhbkiedoogpgipchgfiikmcfmglffdh_0.localstorage
            c:\users\koop\AppData\Local\Google\Chrome\User Data\Default\Preferences
            .
            .
            (((((((((((((((((((( Bestanden Gemaakt van 2014-12-23 to 2015-01-23 ))))))))))))))))))))))))))))))
            .
            .
            2015-01-23 13:31 . 2015-01-23 13:31 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp
            2015-01-23 13:31 . 2015-01-23 13:31 -------- d-----w- c:\users\Default\AppData\Local\temp
            2015-01-23 12:23 . 2015-01-23 12:23 -------- d-----w- c:\program files\CCleaner
            2015-01-23 10:53 . 2015-01-23 10:58 -------- d-----w- C:\AdwCleaner
            2015-01-23 08:00 . 2015-01-23 12:11 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
            2015-01-23 08:00 . 2015-01-23 08:00 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
            2015-01-23 08:00 . 2015-01-23 08:00 -------- d-----w- c:\programdata\Malwarebytes
            2015-01-23 08:00 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
            2015-01-23 08:00 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
            2015-01-23 08:00 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
            2015-01-21 08:04 . 2014-12-15 03:13 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1C23B7C9-4952-41BE-AC13-F1077DC6F6F4}\mpengine.dll
            2015-01-19 08:27 . 2015-01-19 08:27 -------- d-----w- c:\programdata\Visan
            2015-01-19 08:27 . 2015-01-19 08:27 -------- d-----w- c:\programdata\HP Photo Creations
            2015-01-19 08:27 . 2015-01-19 08:27 -------- d-----w- c:\program files (x86)\HP Photo Creations
            2015-01-19 08:27 . 2015-01-19 08:27 -------- d-----w- c:\users\koop\AppData\Roaming\HpUpdate
            2015-01-19 08:27 . 2012-10-17 03:31 741480 ------w- c:\windows\system32\HPDiscoPMa111.dll
            2015-01-19 08:26 . 2015-01-19 08:27 -------- d-----w- c:\program files (x86)\HP
            2015-01-19 08:26 . 2015-01-19 08:26 -------- d-----w- c:\programdata\HP
            2015-01-19 08:26 . 2015-01-19 08:26 -------- d-----w- c:\program files\HP
            2015-01-19 08:25 . 2015-01-19 08:28 -------- d-----w- c:\users\koop\AppData\Local\HP
            2015-01-19 07:45 . 2014-12-19 03:06 210432 ----a-w- c:\windows\system32\profsvc.dll
            2015-01-19 07:45 . 2014-12-06 04:17 303616 ----a-w- c:\windows\system32\nlasvc.dll
            2015-01-19 07:45 . 2014-12-06 03:50 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
            2015-01-19 07:45 . 2014-12-06 03:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
            2015-01-19 07:45 . 2014-12-19 01:46 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
            2015-01-19 07:45 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
            2015-01-19 07:45 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
            2015-01-19 07:44 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe
            2015-01-19 07:44 . 2014-12-12 05:35 5553592 ----a-w- c:\windows\system32\ntoskrnl.exe
            2015-01-19 07:44 . 2014-12-12 05:11 3971512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
            2015-01-19 07:44 . 2014-12-12 05:11 3916728 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
            2015-01-19 07:44 . 2014-12-12 05:31 503808 ----a-w- c:\windows\system32\srcore.dll
            2015-01-19 07:44 . 2014-12-12 05:31 50176 ----a-w- c:\windows\system32\srclient.dll
            2015-01-19 07:44 . 2014-12-12 05:31 296960 ----a-w- c:\windows\system32\rstrui.exe
            2015-01-19 07:44 . 2014-12-12 05:07 43008 ----a-w- c:\windows\SysWow64\srclient.dll
            2015-01-16 08:27 . 2015-01-16 08:27 -------- d-----w- c:\users\koop\AppData\Local\Mozilla
            2015-01-16 08:26 . 2015-01-16 08:26 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
            2015-01-06 13:13 . 2015-01-16 08:12 -------- d-----w- c:\programdata\phkkbkddpkfbigjgdbjhmafocalbaoid
            .
            .
            .
            ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
            .
            2015-01-23 12:11 . 2013-09-07 17:47 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
            2015-01-23 12:11 . 2013-09-07 17:47 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
            2015-01-22 08:23 . 2014-04-17 06:22 35688 ----a-w- c:\windows\system32\LMIport.dll
            2015-01-22 08:23 . 2014-04-17 06:22 107392 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
            2015-01-22 08:23 . 2014-04-17 06:21 92520 ----a-w- c:\windows\system32\LMIinit.dll
            2015-01-19 07:46 . 2014-04-16 10:56 113365784 ----a-w- c:\windows\system32\MRT.exe
            2015-01-08 08:55 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
            2014-11-27 01:43 . 2014-12-11 07:58 389296 ----a-w- c:\windows\system32\iedkcs32.dll
            2014-11-26 12:17 . 2014-04-17 06:21 92520 ----a-w- c:\windows\system32\LMIinit.dll.000.bak
            2014-11-22 03:13 . 2014-12-11 07:58 25059840 ----a-w- c:\windows\system32\mshtml.dll
            2014-11-22 03:06 . 2014-12-11 07:58 2724864 ----a-w- c:\windows\system32\mshtml.tlb
            2014-11-22 03:06 . 2014-12-11 07:58 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
            2014-11-22 02:50 . 2014-12-11 07:58 66560 ----a-w- c:\windows\system32\iesetup.dll
            2014-11-22 02:50 . 2014-12-11 07:58 580096 ----a-w- c:\windows\system32\vbscript.dll
            2014-11-22 02:49 . 2014-12-11 07:58 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
            2014-11-22 02:49 . 2014-12-11 07:58 2885120 ----a-w- c:\windows\system32\iertutil.dll
            2014-11-22 02:48 . 2014-12-11 07:58 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
            2014-11-22 02:41 . 2014-12-11 07:58 54784 ----a-w- c:\windows\system32\jsproxy.dll
            2014-11-22 02:40 . 2014-12-11 07:58 34304 ----a-w- c:\windows\system32\iernonce.dll
            2014-11-22 02:37 . 2014-12-11 07:58 633856 ----a-w- c:\windows\system32\ieui.dll
            2014-11-22 02:35 . 2014-12-11 07:58 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
            2014-11-22 02:34 . 2014-12-11 07:58 814080 ----a-w- c:\windows\system32\jscript9diag.dll
            2014-11-22 02:34 . 2014-12-11 07:58 6039552 ----a-w- c:\windows\system32\jscript9.dll
            2014-11-22 02:26 . 2014-12-11 07:58 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
            2014-11-22 02:22 . 2014-12-11 07:58 490496 ----a-w- c:\windows\system32\dxtmsft.dll
            2014-11-22 02:20 . 2014-12-11 07:58 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
            2014-11-22 02:14 . 2014-12-11 07:58 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
            2014-11-22 02:09 . 2014-12-11 07:58 199680 ----a-w- c:\windows\system32\msrating.dll
            2014-11-22 02:08 . 2014-12-11 07:58 92160 ----a-w- c:\windows\system32\mshtmled.dll
            2014-11-22 02:07 . 2014-12-11 07:58 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
            2014-11-22 02:07 . 2014-12-11 07:58 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
            2014-11-22 02:06 . 2014-12-11 07:58 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
            2014-11-22 02:05 . 2014-12-11 07:58 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
            2014-11-22 02:05 . 2014-12-11 07:58 316928 ----a-w- c:\windows\system32\dxtrans.dll
            2014-11-22 01:54 . 2014-12-11 07:58 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
            2014-11-22 01:49 . 2014-12-11 07:58 718848 ----a-w- c:\windows\system32\ie4uinit.exe
            2014-11-22 01:49 . 2014-12-11 07:58 800768 ----a-w- c:\windows\system32\msfeeds.dll
            2014-11-22 01:47 . 2014-12-11 07:58 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
            2014-11-22 01:46 . 2014-12-11 07:58 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
            2014-11-22 01:43 . 2014-12-11 07:58 14412800 ----a-w- c:\windows\system32\ieframe.dll
            2014-11-22 01:40 . 2014-12-11 07:58 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
            2014-11-22 01:29 . 2014-12-11 07:58 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
            2014-11-22 01:28 . 2014-12-11 07:58 2358272 ----a-w- c:\windows\system32\wininet.dll
            2014-11-22 01:22 . 2014-12-11 07:58 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
            2014-11-22 01:21 . 2014-12-11 07:58 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
            2014-11-22 01:15 . 2014-12-11 07:58 1548288 ----a-w- c:\windows\system32\urlmon.dll
            2014-11-22 01:03 . 2014-12-11 07:58 800768 ----a-w- c:\windows\system32\ieapfltr.dll
            2014-11-22 01:00 . 2014-12-11 07:58 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
            2014-11-11 03:09 . 2014-12-11 07:58 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
            2014-11-11 03:08 . 2014-11-20 12:39 241152 ----a-w- c:\windows\system32\pku2u.dll
            2014-11-11 03:08 . 2014-11-20 12:39 728064 ----a-w- c:\windows\system32\kerberos.dll
            2014-11-11 02:44 . 2014-12-11 07:58 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
            2014-11-11 02:44 . 2014-11-20 12:39 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
            2014-11-11 02:44 . 2014-11-20 12:39 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
            2014-11-11 01:46 . 2014-12-11 07:57 119296 ----a-w- c:\windows\system32\drivers\tdx.sys
            2014-11-08 03:16 . 2014-12-11 07:56 2048 ----a-w- c:\windows\system32\tzres.dll
            2014-11-08 02:45 . 2014-12-11 07:56 2048 ----a-w- c:\windows\SysWow64\tzres.dll
            2014-11-04 09:35 . 2014-04-17 09:20 590536 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
            2014-10-30 02:03 . 2014-12-11 07:57 165888 ----a-w- c:\windows\system32\charmap.exe
            2014-10-30 01:45 . 2014-12-11 07:57 155136 ----a-w- c:\windows\SysWow64\charmap.exe
            .
            .
            ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
            .
            .
            *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
            REGEDIT4
            .
            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
            @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
            [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
            2014-04-17 09:24 220632 ----a-w- c:\users\koop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
            .
            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
            @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
            [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
            2014-04-17 09:24 220632 ----a-w- c:\users\koop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
            .
            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
            @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
            [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
            2014-04-17 09:24 220632 ----a-w- c:\users\koop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
            .
            [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
            "DYMOQuickPrint"="c:\program files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" [2014-02-03 1867056]
            "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2014-12-01 39408]
            "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
            "HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2013-07-10 185144]
            "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
            "DsMgr"="c:\program files (x86)\Hewlett-Packard\HP GPS and Location\dsMgr.exe" [2013-06-18 270552]
            "YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2013-06-24 136488]
            "YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2013-06-24 167488]
            "File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2013-07-24 13703896]
            "AccelerometerSysTrayApplet"="c:\program files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe" [2013-10-16 77088]
            "QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2013-10-16 337184]
            "F-PROT Antivirus Tray application"="c:\program files (x86)\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe" [2010-11-03 1674016]
            "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2014-12-03 3498728]
            "ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2014-06-16 139776]
            "BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2012-06-06 3076096]
            "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
            "ConsentPromptBehaviorAdmin"= 0 (0x0)
            "ConsentPromptBehaviorUser"= 3 (0x3)
            "EnableLUA"= 0 (0x0)
            "EnableUIADesktopToggle"= 0 (0x0)
            "PromptOnSecureDesktop"= 0 (0x0)
            "DisableCAD"= 1 (0x1)
            .
            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
            "LoadAppInit_DLLs"=1 (0x1)
            .
            [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
            Notification Packages REG_MULTI_SZ DPPassFilter scecli
            .
            [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FPAVServer]
            @="Service"
            .
            3;3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
            3;4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
            R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
            R2 FPAVServer;F-PROT Antivirus for Windows system;c:\program files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe;c:\program files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe [x]
            R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
            R3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
            R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
            R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
            R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
            R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
            R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\drivers\ew_usbenumfilter.sys [x]
            R3 FLCDLOCK;HP Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
            R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
            R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
            R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
            R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
            R3 lehidmini;Bluetooth Low Energy Hid Device;c:\windows\system32\drivers\leath_hid.sys;c:\windows\SYSNATIVE\drivers\leath_hid.sys [x]
            R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
            R3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
            R3 SmbDrvI;SmbDrvI;c:\windows\system32\drivers\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_Intel.sys [x]
            R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
            R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
            R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
            S0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
            S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
            S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
            S0 PinFile;PinFile;c:\windows\system32\DRIVERS\PinFile.sys;c:\windows\SYSNATIVE\DRIVERS\PinFile.sys [x]
            S0 SDDisk2K;SDDisk2K;c:\windows\system32\DRIVERS\SDDisk2K.sys;c:\windows\SYSNATIVE\DRIVERS\SDDisk2K.sys [x]
            S0 SDDToki;SDDToki;c:\windows\system32\DRIVERS\SDDToki.sys;c:\windows\SYSNATIVE\DRIVERS\SDDToki.sys [x]
            S1 FPAV_RTP;FPAV_RTP;c:\windows\system32\DRIVERS\FPAV_RTP.sys;c:\windows\SYSNATIVE\DRIVERS\FPAV_RTP.sys [x]
            S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
            S2 ClickToRunSvc;Microsoft Office ClickToRun Service;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
            S2 DymoPnpService;DYMO PnP Service;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [x]
            S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
            S2 HPFSService;HP File Sanitizer;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
            S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [x]
            S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
            S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
            S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
            S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
            S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
            S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
            S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
            S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
            S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
            S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
            S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
            S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
            S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
            S3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
            S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
            S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
            S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
            S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
            S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
            S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
            S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
            S3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
            S3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
            S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
            S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
            S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
            S3 radpms;Driver for RADPMS Device;c:\windows\system32\DRIVERS\radpms.sys;c:\windows\SYSNATIVE\DRIVERS\radpms.sys [x]
            S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
            S3 RTSPER;Realtek PCIE Card Reader - PER;c:\windows\system32\DRIVERS\RtsPer.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPer.sys [x]
            S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys;c:\windows\SYSNATIVE\Drivers\SPUVCbv_x64.sys [x]
            .
            .
            --- Andere Services/Drivers In Geheugen ---
            .
            *NewlyCreated* - KFLDQPOC
            *NewlyCreated* - MBAMSWISSARMY
            *Deregistered* - kfldqpoc
            .
            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
            2014-12-11 08:22 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
            .
            Inhoud van de 'Gedeelde Taken' map
            .
            2015-01-23 c:\windows\Tasks\Adobe Flash Player Updater.job
            - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-07 12:11]
            .
            2015-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
            - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-01 20:09]
            .
            2015-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
            - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-01 20:09]
            .
            2015-01-20 c:\windows\Tasks\HPCeeScheduleForkoop.job
            - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
            .
            .
            --------- X64 Entries -----------
            .
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
            @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
            [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
            2014-04-17 09:24 244696 ----a-w- c:\users\koop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
            @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
            [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
            2014-04-17 09:24 244696 ----a-w- c:\users\koop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
            @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
            [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
            2014-04-17 09:24 244696 ----a-w- c:\users\koop\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
            @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
            [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
            2014-11-12 08:07 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
            @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
            [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
            2014-11-12 08:07 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
            .
            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
            @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
            [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
            2014-11-12 08:07 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
            "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-07-18 36352]
            "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-13 1703424]
            "IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-04-16 165872]
            "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-04-16 407536]
            "Persistence"="c:\windows\system32\igfxpers.exe" [2014-04-16 444400]
            "LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2013-12-11 57928]
            "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
            "NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-12-16 21720]
            .
            ------- Bijkomende Scan -------
            .
            uStart Page = hxxp://www.google.com/
            uLocal Page = c:\windows\system32\blank.htm
            mLocal Page = c:\windows\SysWOW64\blank.htm
            IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
            IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
            TCP: DhcpNameServer = 10.252.110.242
            FF - ProfilePath - c:\users\koop\AppData\Roaming\Mozilla\Firefox\Profiles\lmree7r7.default\
            FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
            .
            - - - - ORPHANS VERWIJDERD - - - -
            .
            Wow6432Node-HKLM-Run-<NO NAME> - (no file)
            HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
            HKLM_Wow6432Node-ActiveSetup-{438363A8-F486-4C37-834C-4955773CB3D3} - msiexec
            HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
            AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
            AddRemove-Download & Installeer Packages - c:\users\koop\AppData\Roaming\0S1P1R2Y1C1P1Q0D1F2W1G1I1F1T1Q\Download & Installeer Packages\uninstaller.exe
            .
            .
            .
            --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
            @Denied: (A 2) (Everyone)
            @="FlashBroker"
            "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe,-101"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
            "Enabled"=dword:00000001
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
            @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
            @Denied: (A 2) (Everyone)
            @="IFlashBroker6"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
            @="{00020424-0000-0000-C000-000000000046}"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
            "Version"="1.0"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
            @Denied: (A 2) (Everyone)
            @="FlashBroker"
            "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe,-101"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
            "Enabled"=dword:00000001
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
            @Denied: (A 2) (Everyone)
            @="Shockwave Flash Object"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx"
            "ThreadingModel"="Apartment"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
            @="0"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
            @="ShockwaveFlash.ShockwaveFlash.16"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx, 1"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
            @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
            @="1.0"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
            @="ShockwaveFlash.ShockwaveFlash"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
            @Denied: (A 2) (Everyone)
            @="Macromedia Flash Factory Object"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx"
            "ThreadingModel"="Apartment"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
            @="FlashFactory.FlashFactory.1"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx, 1"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
            @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
            @="1.0"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
            @="FlashFactory.FlashFactory"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
            @Denied: (A 2) (Everyone)
            @="IFlashBroker6"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
            @="{00020424-0000-0000-C000-000000000046}"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
            "Version"="1.0"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
            @Denied: (A) (Everyone)
            "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
            @Denied: (A) (Everyone)
            .
            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
            "Key"="ActionsPane3"
            "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
            .
            [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
            @Denied: (A) (Users)
            @Denied: (A) (Everyone)
            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
            "BlindDial"=dword:00000000
            .
            [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
            @Denied: (Full) (Everyone)
            .
            Voltooingstijd: 2015-01-23 14:36:35
            ComboFix-quarantined-files.txt 2015-01-23 13:36
            .
            Pre-Run: 424.809.992.192 bytes beschikbaar
            Post-Run: 425.516.916.736 bytes beschikbaar
            .
            - - End Of File - - B61A08C40ED34ACF9C052CDB314E157C
            A36C5E4F47E84449FF07ED3517B43A31



            • #7
              DDS (Ver_2012-11-20.01) - NTFS_AMD64
              Internet Explorer: 11.0.9600.17496
              Run by koop at 14:37:49 on 2015-01-23
              Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.3977.1777 [GMT 1:00]
              .
              AV: F-PROT Antivirus for Windows *Disabled/Updated* {31B7FFC6-2716-5A4E-528D-32786E690ED2}
              SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
              .
              ============== Running Processes ===============
              .
              C:\Windows\system32\lsm.exe
              C:\Windows\system32\svchost.exe -k DcomLaunch
              C:\Windows\system32\svchost.exe -k RPCSS
              c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
              C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
              C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
              C:\Windows\system32\svchost.exe -k LocalService
              C:\Windows\system32\svchost.exe -k netsvcs
              C:\Program Files\IDT\WDM\STacSV64.exe
              C:\Windows\system32\svchost.exe -k GPSvcGroup
              C:\Windows\system32\Hpservice.exe
              C:\Windows\system32\vcsFPService.exe
              C:\Windows\system32\svchost.exe -k NetworkService
              c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe
              C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
              C:\Windows\system32\WLANExt.exe
              C:\Windows\System32\spoolsv.exe
              C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
              C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
              C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
              C:\Program Files\Bonjour\mDNSResponder.exe
              C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
              C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
              c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
              C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
              C:\Program Files\Intel\iCLS Client\HeciServer.exe
              C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
              C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
              C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
              C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
              C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
              C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
              C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
              C:\Windows\system32\wbem\wmiprvse.exe
              C:\Windows\system32\wbem\unsecapp.exe
              C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
              C:\Windows\System32\svchost.exe -k secsvcs
              C:\Windows\system32\svchost.exe -k bthsvcs
              C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
              C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
              C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
              C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
              C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
              C:\Windows\system32\wbem\wmiprvse.exe
              C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
              C:\Program Files\Windows Media Player\wmpnetwk.exe
              C:\Windows\system32\SearchIndexer.exe
              C:\Windows\system32\taskhost.exe
              C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
              c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
              C:\Windows\system32\Dwm.exe
              c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
              C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
              C:\Program Files\IDT\WDM\sttray64.exe
              C:\Windows\System32\igfxtray.exe
              C:\Windows\System32\hkcmd.exe
              C:\Windows\System32\igfxpers.exe
              C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
              C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
              C:\Windows\system32\igfxsrvc.exe
              C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
              C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
              C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
              C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
              C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
              C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
              C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
              C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
              C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
              C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
              C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
              C:\Windows\system32\wuauclt.exe
              C:\Program Files (x86)\Browny02\BrYNSvc.exe
              c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
              C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
              C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
              C:\Windows\SYSTEM32\WISPTIS.EXE
              C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
              C:\Windows\system32\svchost.exe -k SDRSVC
              C:\Windows\system32\taskhost.exe
              C:\Program Files\CCleaner\CCleaner64.exe
              C:\Windows\system32\notepad.exe
              C:\Windows\system32\SearchProtocolHost.exe
              C:\Windows\system32\SearchFilterHost.exe
              C:\Windows\explorer.exe
              C:\Windows\System32\cscript.exe
              .
              ============== Pseudo HJT Report ===============
              .
              uStart Page = hxxp://www.google.com/
              BHO: HP File Sanitizer: {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
              BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
              BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
              BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
              BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
              BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
              TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
              TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
              TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
              uRun: [DYMOQuickPrint] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
              uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
              uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
              mRun: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
              mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
              mRun: [DsMgr] C:\Program Files (x86)\Hewlett-Packard\HP GPS and Location\dsMgr.exe
              mRun: [YouCam Mirage] "c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
              mRun: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
              mRun: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
              mRun: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
              mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
              mRun: [F-PROT Antivirus Tray application] C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FProtTray.exe
              mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
              mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
              mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
              mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
              uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
              uPolicies-Explorer: NoDrives = dword:0
              mPolicies-Explorer: NoDrives = dword:0
              mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
              mPolicies-System: ConsentPromptBehaviorUser = dword:3
              mPolicies-System: EnableLUA = dword:0
              mPolicies-System: EnableUIADesktopToggle = dword:0
              mPolicies-System: PromptOnSecureDesktop = dword:0
              mPolicies-System: DisableCAD = dword:1
              IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
              IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
              IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
              IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
              IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
              IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
              TCP: NameServer = 10.252.110.242
              TCP: Interfaces\{0613D36D-2C4A-487F-A873-633B175C3B48} : DHCPNameServer = 192.168.2.254 195.121.1.34 195.121.1.66
              TCP: Interfaces\{33B1413A-6091-4409-9A09-820DF37BF3D4} : DHCPNameServer = 10.252.110.242
              Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
              Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
              SSODL: WebCheck - <orphaned>
              LSA: Notification Packages = DPPassFilter scecli
              mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
              x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
              x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
              x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
              x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
              x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
              x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
              x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
              x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
              x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
              x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
              x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
              x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
              x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
              x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
              x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
              x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
              x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
              x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
              x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
              x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
              x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
              x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
              x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
              x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
              x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
              x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
              x64-Notify: igfxcui - igfxdev.dll
              x64-SSODL: WebCheck - <orphaned>
              .
              ================= FIREFOX ===================
              .
              FF - ProfilePath - C:\Users\koop\AppData\Roaming\Mozilla\Firefox\Profiles\lmree7r7.default\
              FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
              FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
              FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
              FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
              FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
              FF - plugin: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll
              FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
              FF - plugin: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll
              FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
              FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
              FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
              .
              ============= SERVICES / DRIVERS ===============
              .
              R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-7-15 667496]
              R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-7-15 28008]
              R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-4-26 20464]
              R0 PinFile;PinFile;C:\Windows\System32\drivers\PinFile.sys [2013-7-15 49928]
              R0 SDDisk2K;SDDisk2K;C:\Windows\System32\drivers\SDDisk2K.sys [2013-7-15 210184]
              R0 SDDToki;SDDToki;C:\Windows\System32\drivers\SDDToki.sys [2013-7-15 131848]
              R1 FPAV_RTP;FPAV_RTP;C:\Windows\System32\drivers\FPAV_RTP.sys [2014-4-17 842144]
              R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2013-3-1 227968]
              R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-4-22 2449592]
              R2 DymoPnpService;DYMO PnP Service;C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2014-2-3 33072]
              R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
              R2 HPFSService;HP File Sanitizer;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2013-7-24 1748184]
              R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-10-16 681760]
              R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2013-6-20 43320]
              R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-7-19 14696]
              R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
              R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-3-23 131544]
              R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-3-23 169432]
              R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2014-4-9 377704]
              R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2013-12-11 16056]
              R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2014-4-17 72216]
              R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-1-23 1871160]
              R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-1-23 969016]
              R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-4-22 4972864]
              R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2013-2-12 3165232]
              R2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2013-3-1 323584]
              R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2014-3-23 89168]
              R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2014-8-30 266240]
              R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2014-3-23 346192]
              R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2014-3-23 115280]
              R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2014-3-23 34384]
              R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2014-3-23 179432]
              R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2014-3-23 77464]
              R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2014-3-23 136424]
              R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2014-3-23 583760]
              R3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\System32\drivers\ewusbwwan.sys [2014-4-16 456192]
              R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2013-7-10 1444664]
              R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-4-26 368112]
              R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-4-26 786416]
              R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-1-23 25816]
              R3 radpms;Driver for RADPMS Device;C:\Windows\System32\drivers\radpms.sys [2013-12-11 14944]
              R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-3-23 872152]
              R3 RTSPER;Realtek PCIE Card Reader - PER;C:\Windows\System32\drivers\RtsPer.sys [2013-6-17 418520]
              R3 SPUVCbv;SPUVCb Driver Service;C:\Windows\System32\drivers\SPUVCBv_x64.sys [2014-3-23 1512952]
              S?3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-1-23 63704]
              S?4 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-1-23 129752]
              S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
              S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
              S2 FPAVServer;F-PROT Antivirus for Windows system;C:\Program Files (x86)\FRISK Software\F-PROT Antivirus for Windows\FPAVServer.exe [2011-10-6 84136]
              S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-15 158856]
              S3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2013-3-1 55448]
              S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2014-8-30 95344]
              S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2014-8-30 21872]
              S3 DAMDrv;DAMDrv;C:\Windows\System32\drivers\DAMDrv64.sys [2013-2-18 65752]
              S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
              S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2014-4-16 14976]
              S3 FLCDLOCK;HP Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2013-3-4 556856]
              S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-3-23 169752]
              S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-11 114688]
              S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-8-8 452088]
              S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376]
              S3 lehidmini;Bluetooth Low Energy Hid Device;C:\Windows\System32\drivers\leath_hid.sys [2014-3-23 39704]
              S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-4-17 19456]
              S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-8-19 30448]
              S3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2013-8-19 34544]
              S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
              S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-4-17 56832]
              S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-4-17 30208]
              S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-4-16 1255736]
              .
              =============== Created Last 30 ================
              .
              2015-01-23 13:36:46 -------- d-sh--w- C:\$RECYCLE.BIN
              2015-01-23 12:41:32 208896 ----a-w- C:\Windows\MBR.exe
              2015-01-23 12:41:31 98816 ----a-w- C:\Windows\sed.exe
              2015-01-23 12:41:31 256000 ----a-w- C:\Windows\PEV.exe
              2015-01-23 12:23:33 -------- d-----w- C:\Program Files\CCleaner
              2015-01-23 10:53:32 -------- d-----w- C:\AdwCleaner
              2015-01-23 08:00:51 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
              2015-01-23 08:00:20 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
              2015-01-23 08:00:20 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
              2015-01-23 08:00:20 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
              2015-01-23 08:00:20 -------- d-----w- C:\ProgramData\Malwarebytes
              2015-01-23 08:00:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
              2015-01-21 08:04:53 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1C23B7C9-4952-41BE-AC13-F1077DC6F6F4}\mpengine.dll
              2015-01-19 08:27:41 -------- d-----w- C:\ProgramData\Visan
              2015-01-19 08:27:41 -------- d-----w- C:\ProgramData\HP Photo Creations
              2015-01-19 08:27:41 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
              2015-01-19 08:27:18 -------- d-----w- C:\Users\koop\AppData\Roaming\HpUpdate
              2015-01-19 08:27:12 741480 ------w- C:\Windows\System32\HPDiscoPMa111.dll
              2015-01-19 08:26:07 -------- d-----w- C:\Program Files\HP
              2015-01-19 08:26:07 -------- d-----w- C:\Program Files (x86)\HP
              2015-01-19 08:25:33 -------- d-----w- C:\Users\koop\AppData\Local\HP
              2015-01-19 07:45:41 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
              2015-01-19 07:45:41 303616 ----a-w- C:\Windows\System32\nlasvc.dll
              2015-01-19 07:45:41 210432 ----a-w- C:\Windows\System32\profsvc.dll
              2015-01-19 07:45:41 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
              2015-01-19 07:45:39 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
              2015-01-19 07:45:30 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
              2015-01-19 07:45:30 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
              2015-01-19 07:44:57 87040 ----a-w- C:\Windows\System32\TSWbPrxy.exe
              2015-01-19 07:44:51 5553592 ----a-w- C:\Windows\System32\ntoskrnl.exe
              2015-01-19 07:44:50 3971512 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
              2015-01-19 07:44:50 3916728 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
              2015-01-19 07:44:49 503808 ----a-w- C:\Windows\System32\srcore.dll
              2015-01-19 07:44:49 50176 ----a-w- C:\Windows\System32\srclient.dll
              2015-01-19 07:44:49 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
              2015-01-19 07:44:49 296960 ----a-w- C:\Windows\System32\rstrui.exe
              2015-01-16 08:27:10 -------- d-----w- C:\Users\koop\AppData\Local\Mozilla
              2015-01-06 13:13:29 -------- d-----w- C:\ProgramData\phkkbkddpkfbigjgdbjhmafocalbaoid
              .
              ==================== Find3M ====================
              .
              2015-01-23 12:11:18 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
              2015-01-23 12:11:18 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
              2015-01-22 08:23:52 92520 ----a-w- C:\Windows\System32\LMIinit.dll
              2015-01-22 08:23:52 35688 ----a-w- C:\Windows\System32\LMIport.dll
              2015-01-22 08:23:52 107392 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
              2015-01-08 08:55:52 298120 ------w- C:\Windows\System32\MpSigStub.exe
              2014-11-26 12:17:45 92520 ----a-w- C:\Windows\System32\LMIinit.dll.000.bak
              2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
              2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
              2014-11-22 02:50:39 66560 ----a-w- C:\Windows\System32\iesetup.dll
              2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll
              2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
              2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
              2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
              2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
              2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll
              2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
              2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
              2014-11-22 02:14:16 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
              2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
              2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
              2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
              2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
              2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
              2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
              2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl
              2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
              2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll
              2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll
              2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
              2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
              2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
              2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
              2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
              2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
              2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
              2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
              2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
              2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
              2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
              2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
              2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
              2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
              .
              ============= FINISH: 14:38:08,28 ===============



              • #8
                Go to Start > Run and copy and paste the following command into the field:

                ComboFix /Uninstall

                Make sure there is a space between ComboFix and /
                Then press Enter.




                This will remove ComboFix and its related folders and files, restore the clock settings,
                hide file extensions, hide hidden files and system files again,
                and reset your System Restore.



                Download or update CCleaner

                Start CCleaner.
                • Run CCleaner and click Options in the left-hand column
                • Select the Advanced tab
                • Uncheck "Only delete files in the Windows Temp system folder that are older than 24 hours"
                • Select the Settings tab
                • Uncheck "Automatically clean the computer...."
                • Click Cleaner in the left-hand column.
                • Then click Analyze and Clean, one after the other.
                • Next, click Registry in the left-hand column
                • Click Scan for Issues.
                • When asked whether you want to make a backup of the registry, click "Yes".
                • If errors are found, click the middle button: Fix All Selected Issues, then OK




                Now tell me, are there still any problems?

                Emphyrio



                • #9
                  By the looks of it, everything is back to normal!



                  • #10
                    Great

                    1) You can delete all the loose files and tools we used.

                    2) To avoid reinfection, you can read through these tips:

                    "Preventing spyware infections and browser hijacking" and "How do I prevent a new infection?"

                    3) To give your PC a quick maintenance check, you can read these tips: "Guide to a clean PC"

                    4) You can find all kinds of tips and hints here.


                    I am marking the topic as solved.

                    If there are no further replies, this thread will automatically be moved within about 5 days
                    to the section "Solved HijackThis logs", and replying will no longer be possible.
                    This is done to keep the forum neat and organized.

                    If it turns out there are still problems and you want to reply in this topic again, send me a private message asking for it to be reopened.



                    Did we help you well? Consider a (no-obligation) donation to Nucia

                    Emphyrio
