  • Malware check

    Good morning Dorado,

    I have run the virus checks and am posting their logs below:

    MBAM
    ADWCleaner
    DDS
    Gmer

    I have not yet posted the other two logs; perhaps the logs below will first lead to actions that I need to carry out (on your advice).

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 24-1-2015
    Scan Time: 9:25:10
    Logfile: malwarelog.txt
    Administrator: Yes

    Version: 2.00.4.1028
    Malware Database: v2015.01.24.07
    Rootkit Database: v2015.01.14.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: JOHAN

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 409916
    Time Elapsed: 51 min, 15 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 11
    PUP.Optional.Vosteran.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, , [d7607a811d6cb581b13e44399073c43c],
    PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\PriceMeterLiveUpdate, , [05322ecd0584c07667d325573bc83ac6],
    PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, , [e94e9a615b2ee94dbeacf489f70cf50b],
    PUP.Optional.Vosteran.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, , [d76044b7236644f20ce3017cf211fd03],
    PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP, , [1e19cf2c5732b680fe2accc4758ea35d],
    PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, , [0f28a05b5e2b76c0d2b5681dc142f808],
    PUP.Optional.SweetIM.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SweetIM, , [af88cd2ebacff046f277017c2bd8c838],
    PUP.Optional.Vosteran.A, HKU\S-1-5-21-1360557742-2907532109-2553311410-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Vosteran Browser, , [9d9aba411e6be155bdefdd2146be2fd1],
    PUP.Optional.Vosteran.A, HKU\S-1-5-21-1360557742-2907532109-2553311410-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, , [201749b274152214d21e116ce22113ed],
    PUP.Optional.InstallCore.A, HKU\S-1-5-21-1360557742-2907532109-2553311410-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [1522a65545441026c6ae6b546a9904fc],
    PUP.Optional.InstallCore.A, HKU\S-1-5-21-1360557742-2907532109-2553311410-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [1f186a9192f70531cfbac51048bc9e62],

    Registry Values: 5
    PUP.Optional.Vosteran, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Vosteran, , [bb7c976494f5f83e4661fa7dc73c49b7]
    PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Vosteran\\, , [76c109f21079ea4cc84654acec19c838]
    PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP|dir, C:\Program Files (x86)\SupTab, , [1e19cf2c5732b680fe2accc4758ea35d]
    PUP.Optional.InstallCore.A, HKU\S-1-5-21-1360557742-2907532109-2553311410-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0X1L1C1C1J2Z, , [1f186a9192f70531cfbac51048bc9e62]
    PUP.Optional.Vosteran, HKU\S-1-5-21-1360557742-2907532109-2553311410-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Vosteran, , [cd6a18e3a7e256e0145e99675ea7d927]

    Registry Data: 1
    PUP.Optional.Vosteran.A, HKU\S-1-5-21-1360557742-2907532109-2553311410-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://vosteran.com/?f=1&a=vst_secur...1249867673&ir=, Good: (www.google.com), Bad: (http://vosteran.com/?f=1&a=vst_secur...1249867673&ir=),,[eb4c0bf0e8a1340284efddc809fcd52b]

    Folders: 9
    PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran, , [9b9ca259b0d980b6462a3737659e8878],
    PUP.Optional.Vosteran, C:\Users\JOHAN\AppData\Local\Vosteran, , [59de44b72e5b043251203e30de25d42c],
    PUP.Optional.Vosteran, C:\Users\JOHAN\AppData\Local\Vosteran\User Data, , [59de44b72e5b043251203e30de25d42c],
    PUP.Optional.Vosteran, C:\Users\JOHAN\AppData\Local\Vosteran\User Data\Default, , [59de44b72e5b043251203e30de25d42c],
    PUP.Optional.Vosteran, C:\Users\JOHAN\AppData\Local\Vosteran\User Data\Default\Cache, , [59de44b72e5b043251203e30de25d42c],
    PUP.Optional.Vosteran, C:\Users\JOHAN\AppData\Local\Vosteran\User Data\Default\GPUCache, , [59de44b72e5b043251203e30de25d42c],
    PUP.Optional.Vosteran, C:\Users\JOHAN\AppData\Local\Vosteran\User Data\Default\Local Storage, , [59de44b72e5b043251203e30de25d42c],
    PUP.Optional.Vosteran, C:\Users\JOHAN\AppData\Local\Vosteran\User Data\Default\User StyleSheets, , [59de44b72e5b043251203e30de25d42c],
    PUP.Optional.Vosteran, C:\Users\JOHAN\AppData\Local\Vosteran\User Data\pnacl, , [59de44b72e5b043251203e30de25d42c],

    Files: 147
    PUP.Optional.Bunndle, C:\Program Files\CamStudio 2.7\BunndleOfferManager.exe, , [1b1cdb205138f0462240fd601ae647b9],
    PUP.Optional.InstallCore, C:\Users\JOHAN\Downloads\CamStudio_Setup_v2.7.2_r326_(build_19Oct2013).exe, , [e35499623455ba7cdc31d99848bdac54],
    PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran\Sqlite3.dll, , [9b9ca259b0d980b6462a3737659e8878],

    Physical Sectors: 0
    (No malicious items detected)


    (end)


    +++++++++++++++++++++++

    # AdwCleaner v4.108 - Rapport aangemaakt 24/01/2015 op 10:22:50
    # Laatste Update 17/01/2015 door Xplode
    # Database : 2015-01-24.1 [Live]
    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Gebruikersnaam : JOHAN - JOHAN-PC
    # Gestart vanuit : C:\Users\JOHAN\Desktop\adwcleaner_4.108.exe
    # Optie : Verwijderen

    ***** [ Services ] *****

    [#] Service Verwijderd : APNMCP

    ***** [ Bestanden / Mappen ] *****

    Map Verwijderd : C:\ProgramData\apn
    Map Verwijderd : C:\ProgramData\AskPartnerNetwork
    Map Verwijderd : C:\Program Files (x86)\AskPartnerNetwork
    Map Verwijderd : C:\Program Files (x86)\VNT
    Map Verwijderd : C:\Program Files (x86)\WSE_Vosteran
    Map Verwijderd : C:\Users\JOHAN\AppData\Local\Temp\apn
    Map Verwijderd : C:\Users\JOHAN\AppData\Local\AskPartnerNetwork
    Map Verwijderd : C:\Users\JOHAN\AppData\Local\VNT
    Map Verwijderd : C:\Users\JOHAN\AppData\Local\Vosteran
    Map Verwijderd : C:\Users\JOHAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér
    Map Verwijderd : C:\Users\JOHAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
    Bestand Verwijderd : C:\Users\JOHAN\AppData\LocalLow\SkwConfig.bin

    ***** [ Taken ] *****

    Taak Verwijderd : Advanced System Protector_startup
    Taak Verwijderd : BrowserDefendert
    Taak Verwijderd : pricemetertask
    Taak Verwijderd : pricemeterwatcher

    ***** [ Snelkoppelingen ] *****


    ***** [ Register ] *****

    Sleutel Verwijderd : HKCU\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
    Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
    Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\opjebaomffhbebmkanbennmagkdjkclo
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\opjebaomffhbebmkanbennmagkdjkclo
    Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
    Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]
    Sleutel Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
    Sleutel Verwijderd : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    Sleutel Verwijderd : HKCU\Software\AskPartnerNetwork
    Sleutel Verwijderd : HKCU\Software\InstallCore
    Sleutel Verwijderd : HKCU\Software\Myfree Codec
    Sleutel Verwijderd : HKCU\Software\SecuredDownload
    Sleutel Verwijderd : HKCU\Software\Vosteran Browser
    Sleutel Verwijderd : HKLM\SOFTWARE\AskPartnerNetwork
    Sleutel Verwijderd : HKLM\SOFTWARE\Myfree Codec
    Sleutel Verwijderd : HKLM\SOFTWARE\PriceMeterLiveUpdate
    Sleutel Verwijderd : HKLM\SOFTWARE\SupDp
    Sleutel Verwijderd : HKLM\SOFTWARE\SweetIM
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\41A387AA3A7A33D3590FA953D1350011

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17496

    Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

    -\\ Mozilla Firefox v


    -\\ Google Chrome v


    *************************

    AdwCleaner[R0].txt - [5583 octets] - [24/01/2015 10:20:28]
    AdwCleaner[S0].txt - [4555 octets] - [24/01/2015 10:22:50]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4615 octets] ##########

    In two parts...

  • #2
    ============================================

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17496
    Run by JOHAN at 10:35:05 on 2015-01-24
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3839.1553 [GMT 1:00]
    .
    AV: Norton Internet Security *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
    SP: Norton Internet Security *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Norton Internet Security *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
    C:\Windows\SysWOW64\F5InstallerService.exe
    C:\Windows\SysWOW64\F5FltSrv.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
    C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
    C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Windows\vsnp2uvc.exe
    C:\Users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Sitecom\Common\RaUI.exe
    C:\Windows\system32\RunDll32.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.bing.com/search?q={searchTerms}
    uSearch Page = hxxp://www.bing.com/search?q={searchTerms}
    uDefault_Page_URL = about:blank
    uDefault_Search_URL = hxxp://www.google.com/ie
    mStart Page = about:blank
    mDefault_Page_URL = about:blank
    mURLSearchHooks: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - <orphaned>
    mURLSearchHooks: {b80f591e-fe9a-46cf-a13e-180377240586} - <orphaned>
    mWinlogon: Userinit = userinit.exe,
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coieplg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\ips\ipsbho.dll
    BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
    BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coieplg.dll
    TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
    uRun: [Google Update] "C:\Users\JOHAN\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
    uRun: [GoogleChromeAutoLaunch_9D055B46A58C2D6E75F0364CFE9F212E] "C:\Users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
    mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    StartupFolder: C:\Users\JOHAN\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INKTWA~1.LNK - C:\Windows\System32\RunDll32.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SITECO~1.LNK - C:\Program Files (x86)\Sitecom\Common\RaUI.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
    IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5certchk.cab
    DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab
    DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/cachecleaner.cab
    DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxvpn.cab
    DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab
    DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5tunsrv.cab
    DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/InstallerControl.cab
    DPF: {49EC7987-E331-44E3-B170-748B58A268B9} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab
    DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5InspectionHost.cab
    DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/vdeskctrl.cab
    DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab
    DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxshost.cab
    DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxhost.cab
    DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5syschk.cab
    DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{13C00A54-3228-4A6E-BDBA-C43BCCE91A5E} : DHCPNameServer = 192.168.0.1
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    x64-mStart Page = about:blank
    x64-mSearch Page = hxxp://www.google.com
    x64-mDefault_Page_URL = about:blank
    x64-mDefault_Search_URL = hxxp://www.google.com
    x64-BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
    x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
    x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coieplg.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
    x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
    x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coieplg.dll
    x64-TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} -
    x64-Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-1-8 55024]
    R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1506000.020\symds64.sys [2014-10-1 493656]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1506000.020\symefa64.sys [2014-10-1 1148120]
    R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [2015-1-6 1622744]
    R1 ccSet_NIS;NIS Settings Manager;C:\Windows\System32\drivers\NISx64\1506000.020\ccsetx64.sys [2014-10-1 162392]
    R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\IPSDefs\20150123.001\IDSviA64.sys [2015-1-24 668888]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1506000.020\ironx64.sys [2014-10-1 266968]
    R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1506000.020\symnets.sys [2014-10-1 593112]
    R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]
    R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
    R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
    R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
    R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-3-20 2449592]
    R2 F5 Networks Component Installer;F5 Networks Component Installer;C:\Windows\SysWOW64\F5InstallerService.exe [2013-12-12 394768]
    R2 F5FltSrv;F5 Networks DNS Relay Proxy Service;C:\Windows\SysWOW64\F5FltSrv.exe [2013-12-12 317456]
    R2 F5TrafficSrv;F5 Networks Traffic Control Service;C:\Windows\SysWOW64\F5TrafficSrv.exe [2013-12-12 210448]
    R2 Greg_Service;GRegService;C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-8-28 1150496]
    R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
    R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe [2014-10-1 276376]
    R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe [2011-11-19 69632]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-8-14 39056]
    R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-5-10 243232]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-11 142640]
    R3 urvpndrv;F5 Networks VPN Adapter;C:\Windows\System32\drivers\covpnv64.sys [2012-4-6 45776]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
    S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-12-21 110336]
    S3 F5FltDrv;F5 Networks DNS Relay Driver;C:\Windows\SysWOW64\drivers\F5FltDrv.sys [2013-12-12 47336]
    S3 f5ipfw;F5 Networks StoneWall Filter;C:\Windows\System32\drivers\urfltv64.sys [2014-6-11 19688]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-14 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-10 114688]
    S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-10-11 44928]
    S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-5-13 129752]
    S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-10-11 29696]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-12-21 206080]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-9 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-8 1255736]
    .
    =============== Created Last 30 ================
    .
    2015-01-24 09:20:23 -------- d-----w- C:\AdwCleaner
    2015-01-24 08:24:28 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D5598D33-345B-4ADB-84CB-67F7F7928D2C}\mpengine.dll
    2015-01-24 08:23:20 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2015-01-24 08:23:20 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2015-01-24 08:23:20 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2015-01-24 08:23:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-01-22 18:23:04 -------- d-----w- C:\Program Files (x86)\E Dev
    2015-01-22 17:44:18 -------- d-----w- C:\Users\JOHAN\AppData\Roaming\IBANC
    2015-01-14 18:36:51 52736 ----a-w- C:\Windows\System32\TSWbPrxy.exe
    2015-01-14 18:36:49 210432 ----a-w- C:\Windows\System32\profsvc.dll
    2015-01-14 18:36:46 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
    2015-01-14 18:36:46 303616 ----a-w- C:\Windows\System32\nlasvc.dll
    2015-01-14 18:36:46 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
    2015-01-14 18:36:43 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
    2015-01-14 18:35:46 5553592 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2015-01-14 18:35:45 3971512 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2015-01-14 18:35:44 3916728 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2015-01-14 18:35:42 503808 ----a-w- C:\Windows\System32\srcore.dll
    2015-01-14 18:35:42 50176 ----a-w- C:\Windows\System32\srclient.dll
    2015-01-14 18:35:42 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
    2015-01-14 18:35:42 296960 ----a-w- C:\Windows\System32\rstrui.exe
    .
    ==================== Find3M ====================
    .
    2015-01-24 08:38:44 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2015-01-24 08:38:43 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2015-01-24 08:24:01 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2015-01-06 03:36:02 298120 ------w- C:\Windows\System32\MpSigStub.exe
    2014-12-13 05:09:01 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
    2014-12-13 03:33:44 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2014-12-04 02:50:55 413184 ----a-w- C:\Windows\System32\generaltel.dll
    2014-12-04 02:50:45 741376 ----a-w- C:\Windows\System32\invagent.dll
    2014-12-04 02:50:40 396800 ----a-w- C:\Windows\System32\devinv.dll
    2014-12-04 02:50:38 830976 ----a-w- C:\Windows\System32\appraiser.dll
    2014-12-04 02:50:37 227328 ----a-w- C:\Windows\System32\aepdu.dll
    2014-12-04 02:50:37 192000 ----a-w- C:\Windows\System32\aepic.dll
    2014-12-04 02:44:48 1083392 ----a-w- C:\Windows\System32\aeinv.dll
    2014-12-01 23:28:44 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
    2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2014-11-22 02:50:39 66560 ----a-w- C:\Windows\System32\iesetup.dll
    2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll
    2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
    2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
    2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll
    2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-11-22 02:14:16 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
    2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
    2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl
    2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll
    2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
    2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
    2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
    2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
    2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
    2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
    2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
    2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
    2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
    .
    ============= FINISH: 10:38:25,24 ===============


    =====================================================

    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2015-01-24 10:52:48
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000065 Hitachi_ rev.JPFO 298,09GB
    Running: nxfe2r3o.exe; Driver: C:\Users\JOHAN\AppData\Local\Temp\agdoypow.sys


    ---- Kernel code sections - GMER 2.1 ----

    INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 448 fffff80002ff8000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...]
    INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 495 fffff80002ff802f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]

    ---- User code sections - GMER 2.1 ----

    .text C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076721465 2 bytes [72, 76]
    .text C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe[1852] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000767214bb 2 bytes [72, 76]
    .text ... * 2
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2284] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076721465 2 bytes [72, 76]
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[2284] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000767214bb 2 bytes [72, 76]
    .text ... * 2
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection 000000007772fc80 5 bytes JMP 00000001003a012a
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 000000007772fcb0 5 bytes JMP 00000001003a0bc2
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 000000007772fe14 5 bytes JMP 00000001003a0048
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtReadVirtualMemory 000000007772fe90 5 bytes JMP 00000001003a0e68
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 000000007772fea8 5 bytes JMP 00000001003a0594
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtQueueApcThread 000000007772ff24 5 bytes JMP 00000001003a0f4a
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077730004 5 bytes JMP 00000001003a0758
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077730038 5 bytes JMP 00000001003a0ca4
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077730068 5 bytes JMP 00000001003a0d86
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077730084 5 bytes JMP 0000000100020050
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtAlertResumeThread 00000000777302e8 5 bytes JMP 00000001003a020c
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007773079c 5 bytes JMP 00000001003a03d0
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007773088c 5 bytes JMP 00000001003a09fe
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000777308a4 2 bytes JMP 00000001003a091c
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx + 3 00000000777308a7 2 bytes [C7, 88]
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 0000000077730df4 5 bytes JMP 00000001003a0676
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtQueueApcThreadEx 00000000777315d4 5 bytes JMP 00000001003a02ee
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 0000000077731920 5 bytes JMP 00000001003a083a
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 0000000077731be4 5 bytes JMP 00000001003a0ae0
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 0000000077731d70 5 bytes JMP 00000001003a04b2
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206 000000007560524f 7 bytes JMP 00000001003b03d8
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380 00000000756053d0 7 bytes JMP 00000001003b0684
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149 0000000075605677 7 bytes JMP 00000001003b04bc
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542 000000007560589a 7 bytes JMP 00000001003b012c
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382 0000000075605a1d 7 bytes JMP 00000001003b084c
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370 0000000075605c9b 7 bytes JMP 00000001003b05a0
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231 0000000075605d87 7 bytes JMP 00000001003b0768
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123 0000000075607240 7 bytes JMP 00000001003b02f4
    .text C:\Users\JOHAN\Desktop\nxfe2r3o.exe[3212] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000075171492 7 bytes JMP 00000001003b0930

    ---- Threads - GMER 2.1 ----

    Thread C:\Windows\system32\svchost.exe [1220:1276] 000007fef9b1341c
    Thread C:\Windows\system32\svchost.exe [1220:1320] 000007fef9b13a2c
    Thread C:\Windows\system32\svchost.exe [1220:1324] 000007fef9b15c20
    Thread C:\Windows\system32\svchost.exe [1220:1328] 000007fef9b13768
    Thread C:\Windows\system32\svchost.exe [1220:2132] 000007fef85abd70
    Thread C:\Windows\system32\svchost.exe [1220:3328] 000007fef9b13900
    Thread C:\Windows\system32\svchost.exe [1220:4676] 000007fef6205170
    Thread C:\Windows\system32\svchost.exe [1220:4776] 000007fef8405124
    Thread C:\Windows\System32\spoolsv.exe [1400:2804] 000007fef6bf10c8
    Thread C:\Windows\System32\spoolsv.exe [1400:2808] 000007fef6bc6144
    Thread C:\Windows\System32\spoolsv.exe [1400:2812] 000007fef8095fd0
    Thread C:\Windows\System32\spoolsv.exe [1400:2816] 000007fef7e83438
    Thread C:\Windows\System32\spoolsv.exe [1400:2820] 000007fef80963ec
    Thread C:\Windows\System32\spoolsv.exe [1400:2832] 000007fef7e83438
    Thread C:\Windows\System32\spoolsv.exe [1400:2836] 000007fef80963ec
    Thread C:\Windows\system32\svchost.exe [1440:1236] 000007fef91735c0
    Thread C:\Windows\system32\svchost.exe [1440:2860] 000007fef9175600
    Thread C:\Windows\system32\svchost.exe [1440:3168] 000007fef5c12940
    Thread C:\Windows\system32\svchost.exe [1440:3772] 000007fef5012888
    Thread C:\Windows\system32\svchost.exe [1440:3952] 000007fef5012a40
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4520:4808] 000007fefb952bf8
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4520:4816] 000007feeecd4830
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4520:5000] 000007fef8405124
    Thread C:\Windows\System32\svchost.exe [2888:1060] 000007feeffd9688

    ---- EOF - GMER 2.1 ----


    Those were the logs...

    I'll wait for your reply, and thanks in advance for your help.


    Regards

    Jokra



    • #3
      Hi Jokra,

      I have split off your topic and moved it to the right category.

      Download or update CCleaner

      Start CCleaner.
      • Run CCleaner and click Options in the left column
      • Select the Advanced tab
      • Untick Only delete files in the Windows Temp system folder that are older than 24 hours
      • Select the Settings tab
      • Untick "Automatically clean the computer...."
      • Click Cleaner in the left column.
      • Then click Analyze and Run Cleaner in turn.
      • Next, click Registry in the left column
      • Click Scan for Issues.
      • When asked whether you want to make a backup of the registry, click "Yes".
      • If errors are found, click the middle button: Fix all selected issues, then OK



      Download Combofix to your desktop.
      (So not to a download folder or temp folder)

      Extra note... Make sure your security software is disabled while you use Combofix.
      This is because these scanners wrongly see certain components that Combofix uses as infected and will block Combofix.

      Look here if you don't know how to disable your antivirus, firewall and/or antispyware scanner.

      Close ALL windows, including your browser, and let Combofix do its work undisturbed.
      So do not open any other applications until Combofix has presented the log.

      If Combofix asks for an update, allow it.

      When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
      You can find it at C:\combofix.txt.

      Post the Combofix log together with a new DDS log in your next reply.

      * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
      • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
      • Illegal operation attempted on a registry key that has been marked for deletion.
      Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
      E Dev * Remove McAfee. * Ccleaner * E-Peek



      • #4
        I'm not sure whether the mail/reply has reached you?

        So here are the log files once more:

        DDS (Ver_2012-11-05.02) - NTFS_AMD64
        Internet Explorer: 11.0.9600.17496
        Run by JOHAN at 9:10:09 on 2015-01-25
        Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3839.1847 [GMT 1:00]
        .
        AV: Norton Internet Security *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
        SP: Norton Internet Security *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
        SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
        FW: Norton Internet Security *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
        .
        ============== Running Processes ===============
        .
        C:\Windows\system32\lsm.exe
        C:\Windows\system32\svchost.exe -k DcomLaunch
        C:\Windows\system32\nvvsvc.exe
        C:\Windows\system32\svchost.exe -k RPCSS
        C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
        C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
        C:\Windows\system32\svchost.exe -k LocalService
        C:\Windows\system32\svchost.exe -k netsvcs
        C:\Windows\system32\svchost.exe -k NetworkService
        C:\Windows\System32\spoolsv.exe
        C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
        C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
        C:\Windows\system32\nvvsvc.exe
        c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
        C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
        C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
        C:\Windows\system32\taskhost.exe
        C:\Windows\system32\Dwm.exe
        C:\Program Files\Bonjour\mDNSResponder.exe
        C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
        C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
        C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
        C:\Windows\SysWOW64\F5InstallerService.exe
        C:\Windows\SysWOW64\F5FltSrv.exe
        C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
        C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
        C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
        C:\Windows\system32\RunDll32.exe
        C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
        C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
        C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
        C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
        C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe
        C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
        C:\Windows\system32\svchost.exe -k imgsvc
        C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
        C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
        C:\Windows\system32\SearchIndexer.exe
        C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
        C:\Windows\System32\WUDFHost.exe
        C:\Program Files\Windows Media Player\wmpnetwk.exe
        C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
        C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
        C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
        C:\Windows\system32\svchost.exe -k SDRSVC
        C:\Windows\System32\svchost.exe -k secsvcs
        C:\Program Files\CCleaner\CCleaner64.exe
        C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
        C:\Users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Windows\system32\taskeng.exe
        C:\Windows\explorer.exe
        C:\Users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Windows\system32\wbem\wmiprvse.exe
        C:\Windows\System32\cscript.exe
        .
        ============== Pseudo HJT Report ===============
        .
        uStart Page = hxxp://www.google.com
        uDefault_Search_URL = hxxp://www.google.com/ie
        mStart Page = about:blank
        mDefault_Page_URL = about:blank
        mURLSearchHooks: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - <orphaned>
        mURLSearchHooks: {b80f591e-fe9a-46cf-a13e-180377240586} - <orphaned>
        BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
        BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
        BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
        BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
        BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coieplg.dll
        BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\ips\ipsbho.dll
        BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
        BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
        BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
        TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coieplg.dll
        TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
        uRun: [GoogleChromeAutoLaunch_9D055B46A58C2D6E75F0364CFE9F212E] "C:\Users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
        uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
        mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
        mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
        mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
        mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
        mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
        StartupFolder: C:\Users\JOHAN\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INKTWA~1.LNK - C:\Windows\System32\RunDll32.exe
        StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SITECO~1.LNK - C:\Program Files (x86)\Sitecom\Common\RaUI.exe
        uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
        uPolicies-Explorer: NoDrives = dword:0
        mPolicies-Explorer: NoDrives = dword:0
        mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
        mPolicies-System: ConsentPromptBehaviorUser = dword:3
        mPolicies-System: EnableLUA = dword:0
        mPolicies-System: EnableUIADesktopToggle = dword:0
        mPolicies-System: PromptOnSecureDesktop = dword:0
        IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
        IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
        IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
        IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
        IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
        IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
        IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
        IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
        IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
        IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
        .
        INFO: HKCU has more than 50 listed domains.
        If you wish to scan all of them, select the 'Force scan all domains' option.
        .
        DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5certchk.cab
        DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab
        DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/cachecleaner.cab
        DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxvpn.cab
        DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab
        DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5tunsrv.cab
        DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/InstallerControl.cab
        DPF: {49EC7987-E331-44E3-B170-748B58A268B9} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab
        DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5InspectionHost.cab
        DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/vdeskctrl.cab
        DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab
        DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxshost.cab
        DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxhost.cab
        DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5syschk.cab
        DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab
        TCP: NameServer = 192.168.0.1
        TCP: Interfaces\{13C00A54-3228-4A6E-BDBA-C43BCCE91A5E} : DHCPNameServer = 192.168.0.1
        Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
        Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
        Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
        Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
        SSODL: WebCheck - <orphaned>
        x64-mStart Page = about:blank
        x64-BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
        x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
        x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coieplg.dll
        x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
        x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
        x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
        x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coieplg.dll
        x64-TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} -
        x64-Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
        x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
        x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
        x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
        x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
        x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
        x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
        x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
        x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
        x64-SSODL: WebCheck - <orphaned>
        .
        ============= SERVICES / DRIVERS ===============
        .
        R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-1-8 55024]
        R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1506000.020\symds64.sys [2014-10-1 493656]
        R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1506000.020\symefa64.sys [2014-10-1 1148120]
        R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [2015-1-6 1622744]
        R1 ccSet_NIS;NIS Settings Manager;C:\Windows\System32\drivers\NISx64\1506000.020\ccsetx64.sys [2014-10-1 162392]
        R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\IPSDefs\20150123.001\IDSviA64.sys [2015-1-24 668888]
        R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1506000.020\ironx64.sys [2014-10-1 266968]
        R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1506000.020\symnets.sys [2014-10-1 593112]
        R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]
        R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
        R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
        R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-3-20 2449592]
        R2 F5 Networks Component Installer;F5 Networks Component Installer;C:\Windows\SysWOW64\F5InstallerService.exe [2013-12-12 394768]
        R2 F5FltSrv;F5 Networks DNS Relay Proxy Service;C:\Windows\SysWOW64\F5FltSrv.exe [2013-12-12 317456]
        R2 F5TrafficSrv;F5 Networks Traffic Control Service;C:\Windows\SysWOW64\F5TrafficSrv.exe [2013-12-12 210448]
        R2 Greg_Service;GRegService;C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-8-28 1150496]
        R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe [2014-10-1 276376]
        R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe [2011-11-19 69632]
        R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-8-14 39056]
        R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-5-10 243232]
        R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
        R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-11 142640]
        R3 urvpndrv;F5 Networks VPN Adapter;C:\Windows\System32\drivers\covpnv64.sys [2012-4-6 45776]
        S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
        S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
        S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
        S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
        S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
        S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-12-21 110336]
        S3 F5FltDrv;F5 Networks DNS Relay Driver;C:\Windows\SysWOW64\drivers\F5FltDrv.sys [2013-12-12 47336]
        S3 f5ipfw;F5 Networks StoneWall Filter;C:\Windows\System32\drivers\urfltv64.sys [2014-6-11 19688]
        S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-14 48488]
        S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
        S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-10 114688]
        S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-10-11 44928]
        S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-5-13 129752]
        S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-10-11 29696]
        S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-12-21 206080]
        S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-9 59392]
        S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-7-28 54784]
        S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-8 1255736]
        .
        =============== Created Last 30 ================
        .
        2015-01-25 08:07:23 -------- d-sh--w- C:\$RECYCLE.BIN
        2015-01-25 07:53:20 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D5598D33-345B-4ADB-84CB-67F7F7928D2C}\offreg.dll
        2015-01-25 07:51:55 98816 ----a-w- C:\Windows\sed.exe
        2015-01-25 07:51:55 256000 ----a-w- C:\Windows\PEV.exe
        2015-01-25 07:51:55 208896 ----a-w- C:\Windows\MBR.exe
        2015-01-24 09:20:23 -------- d-----w- C:\AdwCleaner
        2015-01-24 08:24:28 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D5598D33-345B-4ADB-84CB-67F7F7928D2C}\mpengine.dll
        2015-01-24 08:23:20 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
        2015-01-24 08:23:20 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
        2015-01-24 08:23:20 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
        2015-01-24 08:23:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
        2015-01-22 18:23:04 -------- d-----w- C:\Program Files (x86)\E Dev
        2015-01-22 17:44:18 -------- d-----w- C:\Users\JOHAN\AppData\Roaming\IBANC
        2015-01-14 18:36:51 52736 ----a-w- C:\Windows\System32\TSWbPrxy.exe
        2015-01-14 18:36:49 210432 ----a-w- C:\Windows\System32\profsvc.dll
        2015-01-14 18:36:46 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
        2015-01-14 18:36:46 303616 ----a-w- C:\Windows\System32\nlasvc.dll
        2015-01-14 18:36:46 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
        2015-01-14 18:36:43 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
        2015-01-14 18:35:46 5553592 ----a-w- C:\Windows\System32\ntoskrnl.exe
        2015-01-14 18:35:45 3971512 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
        2015-01-14 18:35:44 3916728 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
        2015-01-14 18:35:42 503808 ----a-w- C:\Windows\System32\srcore.dll
        2015-01-14 18:35:42 50176 ----a-w- C:\Windows\System32\srclient.dll
        2015-01-14 18:35:42 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
        2015-01-14 18:35:42 296960 ----a-w- C:\Windows\System32\rstrui.exe
        .
        ==================== Find3M ====================
        .
        2015-01-24 08:38:44 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
        2015-01-24 08:38:43 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
        2015-01-24 08:24:01 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
        2015-01-06 03:36:02 298120 ------w- C:\Windows\System32\MpSigStub.exe
        2014-12-13 05:09:01 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
        2014-12-13 03:33:44 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
        2014-12-04 02:50:55 413184 ----a-w- C:\Windows\System32\generaltel.dll
        2014-12-04 02:50:45 741376 ----a-w- C:\Windows\System32\invagent.dll
        2014-12-04 02:50:40 396800 ----a-w- C:\Windows\System32\devinv.dll
        2014-12-04 02:50:38 830976 ----a-w- C:\Windows\System32\appraiser.dll
        2014-12-04 02:50:37 227328 ----a-w- C:\Windows\System32\aepdu.dll
        2014-12-04 02:50:37 192000 ----a-w- C:\Windows\System32\aepic.dll
        2014-12-04 02:44:48 1083392 ----a-w- C:\Windows\System32\aeinv.dll
        2014-12-01 23:28:44 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
        2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
        2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
        2014-11-22 02:50:39 66560 ----a-w- C:\Windows\System32\iesetup.dll
        2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll
        2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
        2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
        2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
        2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
        2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll
        2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
        2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
        2014-11-22 02:14:16 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
        2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
        2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
        2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
        2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
        2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
        2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
        2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl
        2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
        2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll
        2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll
        2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
        2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
        2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
        2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
        2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
        2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
        2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
        2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
        2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
        2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
        2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
        2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
        2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
        2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
        .
        ============= FINISH: 9:10:25,03 ===============

        ComboFix 15-01-22.02 - JOHAN 25-01-2015 8:54.1.2 - x64
        Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3839.2214 [GMT 1:00]
        Gestart vanuit: c:\users\JOHAN\Desktop\ComboFix.exe
        AV: Norton Internet Security *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
        FW: Norton Internet Security *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
        SP: Norton Internet Security *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
        SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
        .
        .
        (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        c:\users\JOHAN\AppData\Roaming\Microsoft\Windows\Recent\http--boys.camsalon.nl-.url
        c:\users\JOHAN\Documents\~WRL0005.tmp



        • #5
          (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          c:\users\JOHAN\AppData\Roaming\Microsoft\Windows\Recent\http--boys.camsalon.nl-.url
          c:\users\JOHAN\Documents\~WRL0005.tmp
          .
          .
          (((((((((((((((((((( Bestanden Gemaakt van 2014-12-25 to 2015-01-25 ))))))))))))))))))))))))))))))
          .
          .
          2015-01-25 08:02 . 2015-01-25 08:02 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
          2015-01-25 08:02 . 2015-01-25 08:02 -------- d-----w- c:\users\Default\AppData\Local\temp
          2015-01-25 07:53 . 2015-01-25 07:53 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D5598D33-345B-4ADB-84CB-67F7F7928D2C}\offreg.dll
          2015-01-24 09:20 . 2015-01-24 09:23 -------- d-----w- C:\AdwCleaner
          2015-01-24 08:24 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D5598D33-345B-4ADB-84CB-67F7F7928D2C}\mpengine.dll
          2015-01-24 08:23 . 2015-01-24 08:23 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
          2015-01-24 08:23 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
          2015-01-24 08:23 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
          2015-01-24 08:23 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
          2015-01-22 18:23 . 2015-01-22 18:23 -------- d-----w- c:\program files (x86)\E Dev
          2015-01-22 17:44 . 2015-01-22 17:44 -------- d-----w- c:\users\JOHAN\AppData\Roaming\IBANC
          2015-01-14 18:36 . 2014-12-11 17:47 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe
          2015-01-14 18:36 . 2014-12-19 03:06 210432 ----a-w- c:\windows\system32\profsvc.dll
          2015-01-14 18:36 . 2014-12-06 04:17 303616 ----a-w- c:\windows\system32\nlasvc.dll
          2015-01-14 18:36 . 2014-12-06 03:50 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
          2015-01-14 18:36 . 2014-12-06 03:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
          2015-01-14 18:36 . 2014-12-19 01:46 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
          2015-01-14 18:35 . 2014-12-12 05:35 5553592 ----a-w- c:\windows\system32\ntoskrnl.exe
          2015-01-14 18:35 . 2014-12-12 05:11 3971512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
          2015-01-14 18:35 . 2014-12-12 05:11 3916728 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
          2015-01-14 18:35 . 2014-12-12 05:31 503808 ----a-w- c:\windows\system32\srcore.dll
          2015-01-14 18:35 . 2014-12-12 05:31 50176 ----a-w- c:\windows\system32\srclient.dll
          2015-01-14 18:35 . 2014-12-12 05:31 296960 ----a-w- c:\windows\system32\rstrui.exe
          2015-01-14 18:35 . 2014-12-12 05:07 43008 ----a-w- c:\windows\SysWow64\srclient.dll
          .
          .
          .
          ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2015-01-24 08:38 . 2012-07-19 07:41 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
          2015-01-24 08:38 . 2011-07-16 16:12 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
          2015-01-24 08:24 . 2014-05-13 20:22 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
          2015-01-14 19:29 . 2011-01-08 19:54 113365784 ----a-w- c:\windows\system32\MRT.exe
          2015-01-06 03:36 . 2011-01-08 13:01 298120 ------w- c:\windows\system32\MpSigStub.exe
          2014-12-13 05:09 . 2014-12-20 10:04 144384 ----a-w- c:\windows\system32\ieUnatt.exe
          2014-12-13 03:33 . 2014-12-20 10:04 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
          2014-12-04 02:50 . 2014-12-10 18:17 413184 ----a-w- c:\windows\system32\generaltel.dll
          2014-12-04 02:50 . 2014-12-10 18:17 741376 ----a-w- c:\windows\system32\invagent.dll
          2014-12-04 02:50 . 2014-12-10 18:17 396800 ----a-w- c:\windows\system32\devinv.dll
          2014-12-04 02:50 . 2014-12-10 18:17 830976 ----a-w- c:\windows\system32\appraiser.dll
          2014-12-04 02:50 . 2014-12-10 18:17 192000 ----a-w- c:\windows\system32\aepic.dll
          2014-12-04 02:50 . 2014-12-10 18:17 227328 ----a-w- c:\windows\system32\aepdu.dll
          2014-12-04 02:44 . 2014-12-10 18:17 1083392 ----a-w- c:\windows\system32\aeinv.dll
          2014-12-01 23:28 . 2014-12-10 18:17 1232040 ----a-w- c:\windows\system32\aitstatic.exe
          2014-11-27 01:43 . 2014-12-10 18:18 389296 ----a-w- c:\windows\system32\iedkcs32.dll
          2014-11-22 03:13 . 2014-12-10 18:18 25059840 ----a-w- c:\windows\system32\mshtml.dll
          2014-11-22 03:06 . 2014-12-10 18:18 2724864 ----a-w- c:\windows\system32\mshtml.tlb
          2014-11-22 03:06 . 2014-12-10 18:18 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
          2014-11-22 02:50 . 2014-12-10 18:18 66560 ----a-w- c:\windows\system32\iesetup.dll
          2014-11-22 02:50 . 2014-12-10 18:18 580096 ----a-w- c:\windows\system32\vbscript.dll
          2014-11-22 02:49 . 2014-12-10 18:18 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
          2014-11-22 02:49 . 2014-12-10 18:18 2885120 ----a-w- c:\windows\system32\iertutil.dll
          2014-11-22 02:48 . 2014-12-10 18:18 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
          2014-11-22 02:41 . 2014-12-10 18:18 54784 ----a-w- c:\windows\system32\jsproxy.dll
          2014-11-22 02:40 . 2014-12-10 18:18 34304 ----a-w- c:\windows\system32\iernonce.dll
          2014-11-22 02:37 . 2014-12-10 18:18 633856 ----a-w- c:\windows\system32\ieui.dll
          2014-11-22 02:35 . 2014-12-10 18:18 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
          2014-11-22 02:34 . 2014-12-10 18:18 814080 ----a-w- c:\windows\system32\jscript9diag.dll
          2014-11-22 02:34 . 2014-12-10 18:18 6039552 ----a-w- c:\windows\system32\jscript9.dll
          2014-11-22 02:26 . 2014-12-10 18:18 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
          2014-11-22 02:22 . 2014-12-10 18:18 490496 ----a-w- c:\windows\system32\dxtmsft.dll
          2014-11-22 02:20 . 2014-12-10 18:18 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
          2014-11-22 02:14 . 2014-12-10 18:18 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
          2014-11-22 02:09 . 2014-12-10 18:18 199680 ----a-w- c:\windows\system32\msrating.dll
          2014-11-22 02:08 . 2014-12-10 18:18 92160 ----a-w- c:\windows\system32\mshtmled.dll
          2014-11-22 02:07 . 2014-12-10 18:18 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
          2014-11-22 02:07 . 2014-12-10 18:18 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
          2014-11-22 02:06 . 2014-12-10 18:18 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
          2014-11-22 02:05 . 2014-12-10 18:18 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
          2014-11-22 02:05 . 2014-12-10 18:18 316928 ----a-w- c:\windows\system32\dxtrans.dll
          2014-11-22 01:54 . 2014-12-10 18:18 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
          2014-11-22 01:49 . 2014-12-10 18:18 718848 ----a-w- c:\windows\system32\ie4uinit.exe
          2014-11-22 01:49 . 2014-12-10 18:18 800768 ----a-w- c:\windows\system32\msfeeds.dll
          2014-11-22 01:47 . 2014-12-10 18:18 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
          2014-11-22 01:46 . 2014-12-10 18:18 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
          2014-11-22 01:43 . 2014-12-10 18:18 14412800 ----a-w- c:\windows\system32\ieframe.dll
          2014-11-22 01:40 . 2014-12-10 18:18 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
          2014-11-22 01:29 . 2014-12-10 18:18 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
          2014-11-22 01:28 . 2014-12-10 18:18 2358272 ----a-w- c:\windows\system32\wininet.dll
          2014-11-22 01:22 . 2014-12-10 18:18 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
          2014-11-22 01:21 . 2014-12-10 18:18 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
          2014-11-22 01:15 . 2014-12-10 18:18 1548288 ----a-w- c:\windows\system32\urlmon.dll
          2014-11-22 01:03 . 2014-12-10 18:18 800768 ----a-w- c:\windows\system32\ieapfltr.dll
          2014-11-22 01:00 . 2014-12-10 18:18 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
          2014-11-11 03:09 . 2014-12-10 18:17 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
          2014-11-11 03:08 . 2014-11-19 18:52 241152 ----a-w- c:\windows\system32\pku2u.dll
          2014-11-11 03:08 . 2014-11-19 18:52 728064 ----a-w- c:\windows\system32\kerberos.dll
          2014-11-11 02:44 . 2014-12-10 18:17 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
          2014-11-11 02:44 . 2014-11-19 18:52 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
          2014-11-11 02:44 . 2014-11-19 18:52 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
          2014-11-11 01:46 . 2014-12-10 18:17 119296 ----a-w- c:\windows\system32\drivers\tdx.sys
          2014-11-08 03:16 . 2014-12-10 18:15 2048 ----a-w- c:\windows\system32\tzres.dll
          2014-11-08 02:45 . 2014-12-10 18:15 2048 ----a-w- c:\windows\SysWow64\tzres.dll
          2014-11-04 09:35 . 2013-06-14 19:31 590536 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
          2014-10-30 02:03 . 2014-12-10 18:17 165888 ----a-w- c:\windows\system32\charmap.exe
          2014-10-30 01:45 . 2014-12-10 18:17 155136 ----a-w- c:\windows\SysWow64\charmap.exe
          .
          .
          ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
          REGEDIT4
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
          @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
          [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
          2014-11-12 00:41 1729744 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
          @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
          [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
          2014-11-12 00:41 1729744 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
          @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
          [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
          2014-11-12 00:41 1729744 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
          @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 131480 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
          @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 131480 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
          @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 131480 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
          @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 131480 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
          @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 131480 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
          @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 131480 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
          @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 131480 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
          @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 131480 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
          .
          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "GoogleChromeAutoLaunch_9D055B46A58C2D6E75F0364CFE9F212E"="c:\users\JOHAN\AppData\Local\Google\Chrome\Application\chrome.exe" [2015-01-09 856904]
          "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
          .
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
          "NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-24 588648]
          "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
          "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
          "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
          "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
          .
          c:\users\JOHAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
          Inktwaarschuwingen controleren - HP Officejet Pro 8600 (netwerk).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN366DWJ1J05KC;CONNECTION=NW;MONITOR=1; [2009-7-14 45568]
          .
          c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
          Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\RaUI.exe -s [2011-11-19 1773568]
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
          "ConsentPromptBehaviorAdmin"= 0 (0x0)
          "ConsentPromptBehaviorUser"= 3 (0x3)
          "EnableLUA"= 0 (0x0)
          "EnableUIADesktopToggle"= 0 (0x0)
          "PromptOnSecureDesktop"= 0 (0x0)
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
          "LoadAppInit_DLLs"=1 (0x1)
          .
          R0 AFS;AFS; [x]
          R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
          R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
          R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
          R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
          R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
          R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
          R3 F5FltDrv;F5 Networks DNS Relay Driver;c:\windows\SysWOW64\drivers\F5FltDrv.sys;c:\windows\SysWOW64\drivers\F5FltDrv.sys [x]
          R3 f5ipfw;F5 Networks StoneWall Filter;c:\windows\system32\drivers\urfltv64.sys;c:\windows\SYSNATIVE\drivers\urfltv64.sys [x]
          R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
          R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
          R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv_x64.sys [x]
          R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
          R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
          R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
          R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
          R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
          R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
          S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
          S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1506000.020\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1506000.020\SYMDS64.SYS [x]
          S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1506000.020\SYMEFA64.SYS [x]
          S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\BASHDefs\20150106.001\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [x]
          S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1506000.020\ccSetx64.sys [x]
          S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\IPSDefs\20150123.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\IPSDefs\20150123.001\IDSvia64.sys [x]
          S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1506000.020\Ironx64.SYS [x]
          S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1506000.020\SYMNETS.SYS [x]
          S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
          S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
          S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
          S2 ClickToRunSvc;Microsoft Office ClickToRun Service;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
          S2 F5 Networks Component Installer;F5 Networks Component Installer;c:\windows\SysWOW64\F5InstallerService.exe;c:\windows\SysWOW64\F5InstallerService.exe [x]
          S2 F5FltSrv;F5 Networks DNS Relay Proxy Service;c:\windows\SysWOW64\F5FltSrv.exe;c:\windows\SysWOW64\F5FltSrv.exe [x]
          S2 F5TrafficSrv;F5 Networks Traffic Control Service;c:\windows\SysWOW64\F5TrafficSrv.exe;c:\windows\SysWOW64\F5TrafficSrv.exe [x]
          S2 Greg_Service;GRegService;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe [x]
          S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [x]
          S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
          S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
          S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
          S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
          S3 urvpndrv;F5 Networks VPN Adapter;c:\windows\system32\DRIVERS\covpnv64.sys;c:\windows\SYSNATIVE\DRIVERS\covpnv64.sys [x]
          .
          .
          Inhoud van de 'Gedeelde Taken' map
          .
          2015-01-25 c:\windows\Tasks\Adobe Flash Player Updater.job
          - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-19 08:38]
          .
          2015-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
          - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-14 19:24]
          .
          2015-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
          - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-14 19:24]
          .
          2015-01-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1360557742-2907532109-2553311410-1000Core.job
          - c:\users\JOHAN\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-08 08:19]
          .
          2015-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1360557742-2907532109-2553311410-1000UA.job
          - c:\users\JOHAN\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-08 08:19]
          .
          .
          --------- X64 Entries -----------
          .
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
          @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
          [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
          2014-11-12 08:07 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
          @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
          [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
          2014-11-12 08:07 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
          @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
          [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
          2014-11-12 08:07 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
          @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 164760 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
          @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 164760 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
          @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 164760 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
          @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 164760 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
          @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 164760 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
          @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 164760 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
          @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 164760 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
          @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
          [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
          2014-06-24 22:04 164760 ----a-w- c:\users\JOHAN\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
          .
          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-06-22 662016]
          .
          ------- Bijkomende Scan -------
          .
          uStart Page = hxxp://www.google.com
          uLocal Page = c:\windows\system32\blank.htm
          uDefault_Search_URL = hxxp://www.google.com/ie
          mDefault_Page_URL = about:blank
          mStart Page = about:blank
          mLocal Page = c:\windows\SysWOW64\blank.htm
          uInternet Settings,ProxyOverride = *.local
          IE: &Verzenden naar OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
          IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
          IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
          IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
          IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
          TCP: DhcpNameServer = 192.168.0.1
          DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab
          DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab
          DPF: {49EC7987-E331-44E3-B170-748B58A268B9} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab
          DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab
          DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab
          .
          - - - - ORPHANS VERWIJDERD - - - -
          .
          Toolbar-Locked - (no file)
          Toolbar-10 - (no file)
          Wow6432Node-HKLM-Run-<NO NAME> - (no file)
          HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
          Toolbar-Locked - (no file)
          Toolbar-10 - (no file)
          AddRemove-MyFreeCodec - c:\program files (x86)\MyFree Codec\1.0b beta\uninstall.exe
          .
          .
          .
          [HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
          "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\21.6.0.32\diMaster.dll\" /prefetch:1"
          "ImagePath"="\SystemRoot\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS"
          "TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\21.6.0.32;c:\program files (x86)\Norton Internet Security\Engine64\21.6.0.32"
          .
          --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
          .
          [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
          @Denied: (A 2) (Everyone)
          @="FlashBroker"
          "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe,-101"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
          "Enabled"=dword:00000001
          .
          [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
          @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_287_ActiveX.exe"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
          @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
          @Denied: (A 2) (Everyone)
          @="IFlashBroker6"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
          @="{00020424-0000-0000-C000-000000000046}"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
          @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
          "Version"="1.0"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
          @Denied: (A 2) (Everyone)
          @="FlashBroker"
          "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe,-101"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
          "Enabled"=dword:00000001
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
          @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_287_ActiveX.exe"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
          @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
          @Denied: (A 2) (Everyone)
          @="Shockwave Flash Object"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
          @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx"
          "ThreadingModel"="Apartment"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
          @="0"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
          @="ShockwaveFlash.ShockwaveFlash.16"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
          @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx, 1"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
          @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
          @="1.0"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
          @="ShockwaveFlash.ShockwaveFlash"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
          @Denied: (A 2) (Everyone)
          @="Macromedia Flash Factory Object"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
          @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx"
          "ThreadingModel"="Apartment"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
          @="FlashFactory.FlashFactory.1"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
          @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_287.ocx, 1"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
          @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
          @="1.0"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
          @="FlashFactory.FlashFactory"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
          @Denied: (A 2) (Everyone)
          @="IFlashBroker6"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
          @="{00020424-0000-0000-C000-000000000046}"
          .
          [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
          @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
          "Version"="1.0"
          .
          [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
          @Denied: (A) (Everyone)
          "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
          .
          [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
          @Denied: (A) (Everyone)
          .
          [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
          "Key"="ActionsPane3"
          "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
          .
          [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
          @Denied: (A) (Users)
          @Denied: (A) (Everyone)
          @Allowed: (B 1 2 3 4 5) (S-1-5-20)
          "BlindDial"=dword:00000000
          .
          [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
          @Denied: (Full) (Everyone)
          .
          Voltooingstijd: 2015-01-25 09:07:13
          ComboFix-quarantined-files.txt 2015-01-25 08:07
          .
          Pre-Run: 14.904.762.368 bytes beschikbaar
          Post-Run: 14.761.320.448 bytes beschikbaar
          .
          - - End Of File - - 6F8326701ACFDE322B7101DB67305E1B
          A36C5E4F47E84449FF07ED3517B43A31


          Regards

          jokra

          Comment


          • #6
            How is it now?
            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
            E Dev * Remove McAfee. * Ccleaner * E-Peek

            Comment


            • #7
              Response following the logs

              Good evening Emphyrio,

              The computer does indeed start up faster.

              Are the results of the logs okay?

              Are there no longer any unusual things/viruses etc. on the PC that could cause slowness or pose risks?

              If everything is fine on that front too, the topic can be closed, and I thank you for your cooperation and quick support.

              Kind regards,

              Jokra

              Comment


              • #8
                Go to Start > Run and copy and paste the following command into the field:

                ComboFix /Uninstall

                Make sure there is a space between Combofix and /
                Then press Enter.


                This will remove Combofix plus its related folders and files, restore the clock settings,
                hide file extensions, hide hidden files and system files again,
                and reset your System Restore.




                Download or update Ccleaner

                Start CCleaner.
                • Run Ccleaner and click Options in the left column
                • Select the Advanced tab
                • Uncheck Only delete files in Windows Temp folders older than 24 hours
                • Select the Settings tab
                • Uncheck "Automatically clean computer...."
                • Click Cleaner in the left column.
                • Then click Analyze and Run Cleaner in turn.
                • Next, click Registry in the left column
                • Click Scan for Issues.
                • When asked whether you want to make a backup of the registry, click "Yes".
                • If errors are found, click the middle button: Fix all selected issues, then OK

                .


                1) You may delete all the loose files and tools we have used.

                2) To avoid reinfection, you can read through these tips:

                Preventing spyware infections and browser hijacking and How do I prevent a new infection?

                3) To give your PC a quick maintenance check, you can read these tips: Guide to a clean PC

                4) You can find all kinds of tips and hints here.


                I am marking the topic as solved.

                If there is no further reply, this thread will automatically be moved within about 5 days
                to the Solved HijackThis logs section, and replying will no longer be possible.
                This is done to keep the forum neat and well-organized.

                If it turns out there are still problems and you want to reply in this topic again, send me a private message requesting that it be reopened.



                Did we help you well? Consider making a (voluntary) donation to Nucia

                Emphyrio
                Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                E Dev * Remove McAfee. * Ccleaner * E-Peek

                Comment
