Spam sent from email account

  • Spam sent from email account

    Created a new topic again as requested. Here are the requested files from Mbam and Adwcleaner.

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scandatum: 1-5-2015
    Scantijd: 07:52:52
    Logbestand: 0501-mbamlog.txt
    Beheerder: Ja

    Versie: 2.01.6.1022
    Malware Gegevensbestand: v2015.04.30.07
    Rootkit Gegevensbestand: v2015.04.21.01
    Licentie: Gratis
    Malwarebescherming: Uitgeschakeld
    Kwaadaardige Website Bescherming: Uitgeschakeld
    Zelfbescherming: Uitgeschakeld

    Besturingssysteem: Windows 8.1
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: Eigenaar

    Scantype: Bedreigingsscan
    Resultaat: Voltooid
    Objecten Gescand: 433916
    Verstreken Tijd: 29 m, 48 s

    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Uitgeschakeld
    Heuristiek: Ingeschakeld
    POP: Ingeschakeld
    POA: Ingeschakeld

    Processen: 0
    (Geen kwaadaardige items gedetecteerd)

    Modules: 0
    (Geen kwaadaardige items gedetecteerd)

    Registersleutels: 0
    (Geen kwaadaardige items gedetecteerd)

    Registerwaardes: 1
    PUP.Optional.Astromenda.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Astromenda\\, , [615e92e0305a47ef10414881ed1619e7]

    Registerdata: 0
    (Geen kwaadaardige items gedetecteerd)

    Mappen: 0
    (Geen kwaadaardige items gedetecteerd)

    Bestanden: 0
    (Geen kwaadaardige items gedetecteerd)

    Fysieke Sectoren: 0
    (Geen kwaadaardige items gedetecteerd)


    (end)


    # AdwCleaner v4.200 - Logbestand aangemaakt 01/05/2015 op 08:30:46
    # Laatste update 29/03/2015 door Xplode
    # Database : 2015-04-30.2 [Server]
    # Besturingssysteem : Windows 8.1 (x64)
    # Gebruikersnaam : Eigenaar - E1-771
    # Gestart vanuit : C:\Users\Eigenaar\Downloads\adwcleaner_4.200.exe
    # Optie : Scannen

    ***** [ Services ] *****


    ***** [ Bestanden / Mappen ] *****

    Map Gevonden : C:\ProgramData\pokki
    Map Gevonden : C:\Users\AW4D\AppData\Local\pokki
    Map Gevonden : C:\Users\CDA\AppData\Local\pokki
    Map Gevonden : C:\Users\Eigenaar\AppData\Local\pokki

    ***** [ Geplande taken ] *****


    ***** [ Snelkoppelingen ] *****


    ***** [ Register ] *****

    Sleutel Gevonden : HKCU\Software\Local AppWizard-Generated Applications
    Sleutel Gevonden : [x64] HKCU\Software\Local AppWizard-Generated Applications
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\Installer\Features\EFEE0228DC83E77358593193D847A0EC
    Sleutel Gevonden : HKLM\SOFTWARE\Classes\Installer\Products\EFEE0228DC83E77358593193D847A0EC
    Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC

    ***** [ Webbrowsers ] *****

    -\\ Internet Explorer v11.0.9600.17416


    -\\ Google Chrome v42.0.2311.135


    *************************

    AdwCleaner[R0].txt - [5316 bytes] - [30/03/2015 16:53:55]
    AdwCleaner[R1].txt - [1354 bytes] - [01/05/2015 08:30:46]
    AdwCleaner[S0].txt - [5325 bytes] - [30/03/2015 16:55:13]


    E-Peek v 1.9.9.0 © Emphyrio/Onsia Patrick 2013-2015
    E Dev
    Run at vr 1 mei 2015 08:35
    .
    Windows 8.1 (64 bits)
    C:\WINDOWS [NTFS - Fixed]
    Default Browser: Internet Explorer
    Boot mode: Normal boot
    User logged in: Eigenaar
    .
    Java x86: n/a
    Java x64: n/a
    .
    AV : Windows Defender [Updated - Not Running]
    AV : AVG Internet Security 2015 [Updated - Running]
    AS : Windows Defender [Updated - Not Running]
    AS : AVG Internet Security 2015 [Updated - Running]
    FW : FW : AVG Internet Security 2015 [Updated - Running]

    .
    ==================== Files and Folders history =================================

    Folders Created Last 7 days :

    24-04-2015 ##### r-h-s-d+a- C:\Program Files (x86)\Hp
    24-04-2015 ##### r-h-s-d+a- C:\Program Files (x86)\Hewlett-Packard
    01-05-2015 ##### r-h-s-d+a+ C:\Program Files (x86)\PConverter_dzEI

    Files Modified Last 7 days :

    24-04-2015 01823174 r-h-s-d-a+ C:\WINDOWS\system32\PerfStringBackup.INI
    24-04-2015 00806704 r-h-s-d-a+ C:\WINDOWS\system32\perfh013.dat
    24-04-2015 00722476 r-h-s-d-a+ C:\WINDOWS\system32\perfh009.dat
    24-04-2015 00162170 r-h-s-d-a+ C:\WINDOWS\system32\perfc013.dat
    24-04-2015 00135592 r-h-s-d-a+ C:\WINDOWS\system32\perfc009.dat

    Files Created Last 7 days :


    ==================== RUNNING PROCESSES =========================================

    [ActivateDesktop] -Eigenaar- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe - ()
    [AdminService] -SYSTEM- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe - (Windows (R) Win 7 DDK provider)
    [audiodg] -LOCAL SERVICE- C:\Windows\System32\audiodg.exe - (audiodg.exe)
    [avgcsrva] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe - (AVG Technologies CZ, s.r.o.)
    [avgemca] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgemca.exe - (AVG Technologies CZ, s.r.o.)
    [avgfws] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgfws.exe - (AVG Technologies CZ, s.r.o.)
    [avgidsagent] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe - (AVG Technologies CZ, s.r.o.)
    [avgnsa] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe - (AVG Technologies CZ, s.r.o.)
    [avgrsa] -SYSTEM- c:\PROGRA~2\AVG\AVG2015\avgrsa.exe - (AVG Technologies CZ, s.r.o.)
    [avgui] -Eigenaar- C:\Program Files (x86)\AVG\AVG2015\avgui.exe - (AVG Technologies CZ, s.r.o.)
    [avgwdsvc] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe - (AVG Technologies CZ, s.r.o.)
    [BtvStack] -Eigenaar- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe - (Qualcomm Atheros Commnucations)
    [CCDMonitorService] -SYSTEM- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe - (Acer Incorporated)
    [ConversionService] -SYSTEM- C:\Program Files (x86)\PDF Architect\ConversionService.exe - (pdfforge GmbH)
    [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
    [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
    [ctfmon] -Eigenaar- C:\WINDOWS\SysWOW64\ctfmon.exe - (Microsoft Corporation)
    [dasHost] -LOCAL SERVICE- C:\WINDOWS\system32\dashost.exe - (Microsoft Corporation)
    [dllhost] -SYSTEM- C:\WINDOWS\system32\DllHost.exe - (Microsoft Corporation)
    [dwm] -DWM-14- C:\WINDOWS\System32\dwm.exe - (Microsoft Corporation)
    [E-Peek 1.9.9.0] -Eigenaar- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.9.9.0.exe - (E Dev)
    [ePowerEvent] -SYSTEM- C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe - (Acer Incorporated)
    [ePowerSvc] -SYSTEM- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe - (Acer Incorporated)
    [ePowerTray] -Eigenaar- C:\Program Files\Acer\Acer Power Management\ePowerTray.exe - (Acer Incorporated)
    [ETDCtrl] -Eigenaar- C:\Program Files\Elantech\ETDCtrl.exe - (ELAN Microelectronics Corp.)
    [ETDCtrlHelper] -Eigenaar- C:\Program Files\Elantech\ETDCtrlHelper.exe - (ELAN Microelectronics Corp.)
    [ETDTouch] -Eigenaar- C:\Program Files\Elantech\ETDTouch.exe - (ELAN Microelectronics Corp.)
    [explorer] -Eigenaar- C:\WINDOWS\Explorer.EXE - (Microsoft Corporation)
    [GarminService] -SYSTEM- C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe - (Garmin Ltd. or its subsidiaries)
    [GoogleCrashHandler] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe - (Google Inc.)
    [GoogleCrashHandler64] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe - (Google Inc.)
    [HeciServer] -SYSTEM- C:\Program Files\Intel\iCLS Client\HeciServer.exe - (Intel(R) Corporation)
    [HelperService] -SYSTEM- C:\Program Files (x86)\PDF Architect\HelperService.exe - (pdfforge GmbH)
    [HpDeviceDetection3] -SYSTEM- C:\Program Files (x86)\Hp\Common\HPDeviceDetection3.exe - (Hewlett-Packard Company)
    [HPSupportSolutionsFrameworkService] -SYSTEM- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe - (Hewlett-Packard Company)
    [igfxCUIService] -SYSTEM- C:\WINDOWS\system32\igfxCUIService.exe - (Intel Corporation)
    [igfxEM] -Eigenaar- C:\WINDOWS\system32\igfxEM.exe - (Intel Corporation)
    [igfxext] -Eigenaar- C:\WINDOWS\system32\igfxext.exe - (Intel Corporation)
    [igfxHK] -Eigenaar- C:\WINDOWS\system32\igfxHK.exe - (Intel Corporation)
    [igfxTray] -Eigenaar- C:\WINDOWS\system32\igfxTray.exe - (Intel Corporation)
    [Jhi_service] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe - (Intel Corporation)
    [LMEvent] -SYSTEM- C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe - (Acer Incorporate)
    [LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - (Intel Corporation)
    [LMSvc] -SYSTEM- C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe - (Acer Incorporate)
    [LMTray] -Eigenaar- C:\Program Files\Acer\Acer Launch Manager\LMTray.exe - (Acer Incorporate)
    [lsass] -SYSTEM- C:\WINDOWS\system32\lsass.exe - (Microsoft Corporation)
    [NASvc] -SYSTEM- c:\Program Files (x86)\Nero\Update\NASvc.exe - (Nero AG)
    [OSPPSVC] -NETWORK SERVICE- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE - (Microsoft Corporation)
    [PresentationFontCache] -LOCAL SERVICE- C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe - (Microsoft Corporation)
    [RAVCpl64] -Eigenaar- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - (Realtek Semiconductor)
    [RuntimeBroker] -Eigenaar- C:\Windows\System32\RuntimeBroker.exe - (Microsoft Corporation)
    [SearchFilterHost] -SYSTEM- C:\WINDOWS\system32\SearchFilterHost.exe - (Microsoft Corporation)
    [SearchIndexer] -SYSTEM- C:\WINDOWS\system32\SearchIndexer.exe - (Microsoft Corporation)
    [SearchProtocolHost] -SYSTEM- C:\WINDOWS\system32\SearchProtocolHost.exe - (Microsoft Corporation)
    [services] -SYSTEM- C:\Windows\System32\services.exe - (services.exe)
    [SettingSyncHost] -Eigenaar- C:\Windows\System32\SettingSyncHost.exe - (Microsoft Corporation)
    [SkyDrive] -Eigenaar- C:\Windows\System32\skydrive.exe - (Microsoft Corporation)
    [smss] -SYSTEM- C:\Windows\System32\smss.exe - (smss.exe)
    [spoolsv] -SYSTEM- C:\WINDOWS\System32\spoolsv.exe - (Microsoft Corporation)
    [System] -N/A- - (System)
    [SystemExplorer] -Eigenaar- C:\Program Files (x86)\System Explorer\SystemExplorer.exe - (Mister Group)
    [SystemExplorerService64] -SYSTEM- C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe - (Mister Group)
    [taskhostex] -Eigenaar- C:\WINDOWS\system32\taskhostex.exe - (Microsoft Corporation)
    [TeamViewer] -Eigenaar- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe - (TeamViewer GmbH)
    [TeamViewer_Service] -SYSTEM- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe - (TeamViewer GmbH)
    [TomTomHOMEService] -SYSTEM- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe - (TomTom)
    [TuneUpUtilitiesApp64] -Eigenaar- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe - (AVG)
    [TuneUpUtilitiesService64] -SYSTEM- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe - (AVG)
    [tv_w32] -SYSTEM- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe - (TeamViewer GmbH)
    [tv_x64] -SYSTEM- C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe - (TeamViewer GmbH)
    [UNS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe - (Intel Corporation)
    [unsecapp] -Eigenaar- C:\WINDOWS\system32\wbem\unsecapp.exe - (Microsoft Corporation)
    [unsecapp] -SYSTEM- C:\WINDOWS\system32\wbem\unsecapp.exe - (Microsoft Corporation)
    [wininit] -SYSTEM- C:\WINDOWS\system32\wininit.exe - (Microsoft Corporation)
    [winlogon] -SYSTEM- C:\WINDOWS\System32\WinLogon.exe - (Microsoft Corporation)
    [WmiPrvSE] -NETWORK SERVICE- C:\WINDOWS\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
    [WmiPrvSE] -SYSTEM- C:\WINDOWS\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
    [wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation)
    [WtuSystemSupport] -SYSTEM- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe - ()

    ==================== IE PAGES ==================================================

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main
    Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    Local Page = C:\Windows\SysWOW64\blank.htm
    Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes
    DefaultScope = {0EE52562-FD44-42F5-9CA6-36AFE19A292D}

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0EE52562-FD44-42F5-9CA6-36AFE19A292D}
    DisplayName = Bing
    URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS

    ==================== IE PAGES x64 ==============================================

    HKLM\Software\Microsoft\Internet Explorer\Main
    Start Page = hxxp://acer13.msn.com
    Local Page = C:\WINDOWS\system32\blank.htm
    Default_Page_URL = hxxp://acer13.msn.com
    Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

    HKLM\Software\Microsoft\Internet Explorer\SearchScopes
    DefaultScope = {0EE52562-FD44-42F5-9CA6-36AFE19A292D}

    HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0EE52562-FD44-42F5-9CA6-36AFE19A292D}
    DisplayName = Bing
    URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS

    ==================== Auto Load =================================================

    HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon
    Userinit = userinit.exe,
    Shell = explorer.exe

    ==================== Auto Load x64 =============================================

    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Userinit = C:\Windows\system32\userinit.exe,
    Shell = explorer.exe

    ==================== Google Chrome =============================================


    ==================== Windows Host File =========================================


    ==================== BHO =======================================================

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
    {3A2D5EBA-F86D-4BD3-A177-019765996711}
    HKCR\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711} Default = PDF Architect Helper
    => HKCR\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711}\InProcServer32 Default = C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll

    {B4F3A835-0E21-4959-BA22-42B3008E02FF}
    HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} Default = Office Document Cache Handler
    => HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InProcServer32 Default = C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL

    ==================== BHO x64 ===================================================

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
    {B4F3A835-0E21-4959-BA22-42B3008E02FF}
    HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} Default = Office Document Cache Handler
    => HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InProcServer32 Default = C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL

    ==================== Auto Start Programs =======================================

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
    AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
    SystemExplorerAutoStart = "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
    BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

    HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
    GoogleChromeAutoLaunch_E906F75BB452BCF2818C69147DD66E6F = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
    msnmsgr = "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

    ==================== Auto Start Programs x64 ===================================

    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    ETDCtrl = C:\Program Files\Elantech\ETDCtrl.exe
    RTHDVCPL = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved [2 = enabled 3= disabled]
    Classic Start Menu = 2
    ETDCtrl = 2
    HotKeysCmds = 2
    IgfxTray = 2
    Persistence = 2
    RTHDVCPL = 2
    AVG_UI = 2
    IObit Malware Fighter = 2
    mcui_exe = 7
    SystemExplorerAutoStart = 2
    vProt = 2

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    GoogleChromeAutoLaunch_E906F75BB452BCF2818C69147DD66E6F = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
    msnmsgr = "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

    CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
    ==================== Extra Items IE ============================================

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

    ==================== Extra Items IE x64 ========================================

    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\PRINT @ Text = Printing

    ==================== Internet Default Prefix ===================================

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    Default = http://

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes
    WWW = http://

    ==================== Internet Default Prefix x64 ===============================

    HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    Default = http://

    HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes
    WWW = http://

    ==================== Protocol Hijackers ========================================

    HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Handler\wlpg
    CLSID = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}
    => SOFTWARE\Classes\\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\InProcServer32 @ Default = Unknown # C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll # MD5 [4cf29c44e072c377b6866c399947e99a]


    HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Filter\text/xml
    CLSID = {807573E5-5146-11D5-A672-00B0D022E945}
    => SOFTWARE\Classes\\CLSID\{807573E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown


    ==================== Protocol Hijackers x64 ====================================

    HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml
    CLSID = {807573E5-5146-11D5-A672-00B0D022E945}
    => SOFTWARE\Classes\\CLSID\{807573E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown


    ==================== ShellServiceObjectDelayLoad ===============================

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
    WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
    => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]


    ==================== ShellServiceObjectDelayLoad x64 =========================

    HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
    WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
    => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]


    ==================== Extra (Torpig/ConduitSearch) ==============================

    HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ Default = {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}
    => HKCR\CLSID\{8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}\InProcServer32 @ Default = C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\FolderViewImpl.dll

    HKCR\Directory\shellex\CopyHookHandlers\ClearfiCopyHook @ Default = {ED32C084-BABB-11E1-B491-D4D66088709B}
    => HKCR\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}\InProcServer32 @ Default = C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll

    HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ Default = {217FC9C0-3AEA-1069-A2DB-08002B30309D}
    => HKCR\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InProcServer32 @ Default = C:\WINDOWS\system32\shell32.dll

    HKCR\Directory\shellex\CopyHookHandlers\Sharing @ Default = {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
    => HKCR\CLSID\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}\InProcServer32 @ Default = C:\WINDOWS\system32\ntshrui.dll


    ==================== DRIVERS and SERVICES ======================================

    *** Win32OwnProcess ***

    SERV - R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\qualcomm atheros\bluetooth suite\adminservice.exe
    SERV - R2 - [avgfws] - AVG Firewall - c:\program files (x86)\avg\avg2015\avgfws.exe
    SERV - R2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\avg2015\avgidsagent.exe
    SERV - R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\avg2015\avgwdsvc.exe
    SERV - R2 - [Garmin Device Interaction Service] - Garmin Device Interaction Service - c:\program files (x86)\garmin\device interaction service\garminservice.exe
    SERV - R2 - [HPSupportSolutionsFrameworkService] - HP Support Solutions Framework Service - c:\program files (x86)\hp\common\hpsupportsolutionsframeworkservice.exe
    SERV - R2 - [igfxCUIService1.0.0.0] - Intel(R) HD Graphics Control Panel Service - c:\windows\system32\igfxcuiservice.exe
    SERV - R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
    SERV - R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
    SERV - R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
    SERV - R2 - [LMSvc] - Launch Manager Service - c:\program files\acer\acer launch manager\lmsvc.exe
    SERV - R2 - [NAUpdate] - Nero Update - c:\program files (x86)\nero\update\nasvc.exe
    SERV - R2 - [PDF Architect Helper Service] - PDF Architect Helper Service - c:\program files (x86)\pdf architect\helperservice.exe
    SERV - R2 - [PDF Architect Service] - PDF Architect Service - c:\program files (x86)\pdf architect\conversionservice.exe
    SERV - R2 - [TeamViewer9] - TeamViewer 9 - c:\program files (x86)\teamviewer\version9\teamviewer_service.exe
    SERV - R2 - [TuneUp.UtilitiesSvc] - AVG PC TuneUp Service - c:\program files (x86)\avg\avg pc tuneup\tuneuputilitiesservice64.exe
    SERV - R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
    SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
    SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
    SERV - R2 - [WtuSystemSupport] - WtuSystemSupport - c:\program files (x86)\avg web tuneup\wtusystemsupport.exe
    SERV - R3 - [ePowerSvc] - ePower Service - c:\program files\acer\acer power management\epowersvc.exe
    SERV - R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
    SERV - R3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
    SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
    SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
    SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
    SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
    SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
    SERV - S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
    SERV - S3 - [DeviceFastLaneService] - Device Fast-lane Service - c:\program files\acer\acer device fast-lane\devicefastlanesvc.exe
    SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
    SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
    SERV - S3 - [ICCS] - Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - c:\program files (x86)\intel\intel(r) integrated clock controller service\iccproxy.exe
    SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
    SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
    SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
    SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
    SERV - S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
    SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
    SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
    SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
    SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
    SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
    SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
    SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
    SERV - S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
    SERV - S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
    SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
    SERV - S4 - [GamesAppService] - GamesAppService - c:\program files (x86)\wildtangent games\app\gamesappservice.exe

    *** Win32ShareProcess ***

    SERV - R2 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
    SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
    SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
    SERV - R3 - [SystemExplorerHelpService] - System Explorer Service - c:\program files (x86)\system explorer\service\systemexplorerservice64.exe
    SERV - R3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
    SERV - S2 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
    SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

    *** Others ***

    SERV - R2 - [CCDMonitorService] - CCDMonitorService - c:\program files (x86)\acer\acer cloud\ccdmonitorservice.exe
    SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
    SERV - R2 - [TomTomHOMEService] - TomTomHOMEService - c:\program files (x86)\tomtom home 2\tomtomhomeservice.exe
    SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe

    *** File System Driver ***

    DRV - R0 - [AVGIDSHA] - AVGIDSHA - C:\WINDOWS\system32\Drivers\AVGIDSHA.sys
    DRV - R0 - [Avgloga] - AVG Logging Driver - C:\WINDOWS\system32\Drivers\Avgloga.sys
    DRV - R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\WINDOWS\system32\Drivers\Avgmfx64.sys
    DRV - R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\WINDOWS\system32\Drivers\Avgrkx64.sys
    DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\WINDOWS\system32\Drivers\FileInfo.sys
    DRV - R0 - [FltMgr] - FltMgr - C:\WINDOWS\system32\Drivers\FltMgr.sys
    DRV - R0 - [Mup] - Mup - C:\WINDOWS\system32\Drivers\Mup.sys
    DRV - R0 - [Wof] - Windows Overlay File System Filter Driver - C:\WINDOWS\system32\Drivers\Wof.sys
    DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\WINDOWS\system32\Drivers\NetBIOS.sys
    DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\WINDOWS\system32\Drivers\srv.sys
    DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\WINDOWS\system32\Drivers\srv2.sys

    *** Kernel Driver ***

    DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\WINDOWS\system32\Drivers\ACPI.sys
    DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\WINDOWS\system32\Drivers\acpiex.sys
    DRV - R0 - [CLFS] - Common Log (CLFS) - C:\WINDOWS\system32\Drivers\CLFS.sys
    DRV - R0 - [CNG] - CNG - C:\WINDOWS\system32\Drivers\CNG.sys
    DRV - R0 - [disk] - Stuurprogramma voor schijfstations - C:\WINDOWS\system32\Drivers\disk.sys
    DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\WINDOWS\system32\Drivers\fvevol.sys
    DRV - R0 - [iaStorA] - iaStorA - C:\WINDOWS\system32\Drivers\iaStorA.sys
    DRV - R0 - [intelpep] - Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing - C:\WINDOWS\system32\Drivers\intelpep.sys
    DRV - R0 - [KSecDD] - KSecDD - C:\WINDOWS\system32\Drivers\KSecDD.sys
    DRV - R0 - [KSecPkg] - KSecPkg - C:\WINDOWS\system32\Drivers\KSecPkg.sys
    DRV - R0 - [mountmgr] - Mount Point Manager - C:\WINDOWS\system32\Drivers\mountmgr.sys
    DRV - R0 - [msisadrv] - msisadrv - C:\WINDOWS\system32\Drivers\msisadrv.sys
    DRV - R0 - [NDIS] - NDIS System Driver - C:\WINDOWS\system32\Drivers\NDIS.sys
    DRV - R0 - [partmgr] - Partition Manager - C:\WINDOWS\system32\Drivers\partmgr.sys
    DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\WINDOWS\system32\Drivers\pci.sys
    DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\WINDOWS\system32\Drivers\pcw.sys
    DRV - R0 - [pdc] - pdc - C:\WINDOWS\system32\Drivers\pdc.sys
    DRV - R0 - [rdyboost] - ReadyBoost - C:\WINDOWS\system32\Drivers\rdyboost.sys
    DRV - R0 - [spaceport] - Stuurprogramma voor opslagruimten - C:\WINDOWS\system32\Drivers\spaceport.sys
    DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\WINDOWS\system32\Drivers\Tcpip.sys
    DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\WINDOWS\system32\Drivers\vdrvroot.sys
    DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\WINDOWS\system32\Drivers\volmgr.sys
    DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\WINDOWS\system32\Drivers\volmgrx.sys
    DRV - R0 - [volsnap] - Opslagvolumes - C:\WINDOWS\system32\Drivers\volsnap.sys
    DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\WINDOWS\system32\Drivers\Wdf01000.sys
    DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\WINDOWS\system32\Drivers\WFPLWFS.sys
    DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\WINDOWS\system32\Drivers\AFD.sys
    DRV - R1 - [Beep] - Beep - C:\WINDOWS\system32\Drivers\Beep.sys
    DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\WINDOWS\system32\Drivers\tdx.sys
    DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\WINDOWS\system32\Drivers\tcpipreg.sys
    DRV - S0 - [Avgboota] - AVG Early Launch Anti-Malware Driver - C:\WINDOWS\system32\Drivers\Avgboota.sys
    DRV - S0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\WINDOWS\system32\Drivers\EhStorClass.sys
    DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\WINDOWS\system32\Drivers\hwpolicy.sys
    DRV - S3 - [atapi] - IDE-kanaal - C:\WINDOWS\system32\Drivers\atapi.sys

    ==================== SvcHost - White Listed ====================================

    WOW x64 - All Ok

    ==================== SvcHost x64 - White Listed ================================

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]
    BthHFSrv = ServiceDll = C:\WINDOWS\System32\BthHFSrv.dll [9307a4b743d277c499cda8e19e5687ac]

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]
    UxTuneUp = ServiceDll = C:\WINDOWS\System32\uxtuneup.dll [5e95a5e82ae0242a546d7596035cc7d1]



    ==================== SigCheck x86 Fast =========================================

    Fast Scan All ok

    ==================== SigCheck x64 Fast =========================================

    Fast Scan All ok

    ==================== Job tasks at C:\WINDOWS\Tasks =============================

    C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 940 bytes [ 14-2-2014 19:07:45 ]

    C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 1074 bytes [ 8-2-2015 19:13:34 ]

    C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 1078 bytes [ 8-2-2015 19:13:35 ]

    C:\WINDOWS\Tasks\SA.DAT 6 bytes [ 22-8-2013 16:45:54 ]


    ==================== Job tasks at C:\WINDOWS\system32\Tasks ====================

    C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater 3828 bytes [ 14-2-2014 19:07:45 ]
    => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\WINDOWS\system32\Tasks\ALU 3626 bytes [ 19-7-2013 11:55:03 ]
    => C:\Program Files (x86)\Acer\Live Updater\updater.exe

    C:\WINDOWS\system32\Tasks\ALUAgent 4402 bytes [ 19-7-2013 11:55:03 ]
    => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe

    C:\WINDOWS\system32\Tasks\CreateChoiceProcessTask 3552 bytes [ 12-1-2014 00:52:45 ]
    => C:\Windows\BrowserChoice\browserchoice.exe

    C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Eigenaar) 2876 bytes [ 8-2-2015 18:23:27 ]
    => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

    C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (SYSTEM) 2860 bytes [ 16-7-2014 22:53:18 ]
    => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

    C:\WINDOWS\system32\Tasks\GarminUpdaterTask 3556 bytes [ 10-4-2015 16:58:17 ]
    => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe

    C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 3814 bytes [ 13-1-2014 14:33:56 ]
    => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 4050 bytes [ 13-1-2014 14:33:57 ]
    => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\WINDOWS\system32\Tasks\Launch Manager 2904 bytes [ 26-10-2013 15:32:42 ]
    => "C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"

    C:\WINDOWS\system32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1221181360-1772278862-46273954-1001 3098 bytes [ 12-3-2015 17:11:22 ]
    => %localappdata%\Microsoft\OneDrive\OneDrive.exe

    C:\WINDOWS\system32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1221181360-1772278862-46273954-1004 3088 bytes [ 11-5-2014 17:58:56 ]
    => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe

    C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1221181360-1772278862-46273954-1001 3596 bytes [ 11-1-2014 11:19:19 ]

    C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1221181360-1772278862-46273954-1005 3594 bytes [ 11-5-2014 18:36:16 ]

    C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1221181360-1772278862-46273954-500 3592 bytes [ 26-10-2013 15:16:07 ]

    C:\WINDOWS\system32\Tasks\Power Management 2914 bytes [ 26-10-2013 15:30:46 ]
    => "C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"

    C:\WINDOWS\system32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2762 bytes [ 17-1-2014 20:29:17 ]
    => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe

    C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{49876D50-9B14-4960-A86A-851238F61274} 3962 bytes [ 13-1-2014 16:23:32 ]
    => C:\WINDOWS\system32\msfeedssync.exe


    ==================== Job tasks at C:\WINDOWS\SysWOW64\Tasks ====================

    There are no .job files found.

    ==================== End scanning at vr 1 mei 2015 08:36 (0 Min 26 Sec ) =======

  • #2
    Open a new Notepad file.
    Copy the text below into this Notepad file.

    @ECHO OFF
    IF EXIST log.txt DEL log.txt
    ECHO Deleting folders>>log.txt
    FOR %%I in (
    "C:\Program Files (x86)\IObit"
    ) DO (
    IF EXIST %%I (
    RD /S /Q %%I
    IF EXIST %%I (
    ECHO %%I not deleted>>log.txt
    ) ELSE (
    ECHO %%I deleted>>log.txt)
    ) ELSE (
    ECHO %%I not found>>log.txt))
    START NOTEPAD.EXE log.txt
    DEL %0
    Go to File - Save As.
    Under "Save in", choose: Desktop
    Under "File name", enter: del.bat
    Under "Save as type", select: All Files.
    Click the Save button.
    Right-click del.bat and choose Run as administrator.
    Post the contents of the log file that opens.


    You are running an older version of E-Peek.
    Uninstall E-Peek (E Dev > UninstallEPeek.exe), then download and install the newer version.
    Post the log.


    Start E-Peek, go to the Tools tab and click Show Debug log.
    Post this log.
    Last edited by Emphyrio; 01-05-15, 22:12.
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      Logfile del.bat

      Deleting folders
      "C:\Program Files (x86)\IObit" deleted



      • #4
        E-Peek:

        E-Peek v 1.9.9.0 ENHANCED © Emphyrio/Onsia Patrick 2013-2015
        E Dev
        Run at za 2 mei 2015 07:30
        .
        Windows 8.1 (64 bits)
        C:\WINDOWS [NTFS - Fixed]
        Default Browser: Internet Explorer
        Boot mode: Normal boot
        User logged in: Eigenaar
        .
        Java x86: n/a
        Java x64: n/a
        .
        AV : Windows Defender [Updated - Not Running]
        AV : AVG Internet Security 2015 [Updated - Running]
        AS : Windows Defender [Updated - Not Running]
        AS : AVG Internet Security 2015 [Updated - Running]
        FW : FW : AVG Internet Security 2015 [Updated - Running]

        .
        ==================== Files and Folders history =================================

        Folders Created Last 7 days :

        02-05-2015 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev
        01-05-2015 ##### r-h-s-d+a+ C:\Program Files (x86)\PConverter_dzEI

        Files Modified Last 7 days :

        02-05-2015 00000058 r-h-s-d-a+ C:\WINDOWS\system32\log.txt
        01-05-2015 01823174 r-h-s-d-a+ C:\WINDOWS\system32\PerfStringBackup.INI
        01-05-2015 00806704 r-h-s-d-a+ C:\WINDOWS\system32\perfh013.dat
        01-05-2015 00722476 r-h-s-d-a+ C:\WINDOWS\system32\perfh009.dat
        01-05-2015 00162170 r-h-s-d-a+ C:\WINDOWS\system32\perfc013.dat
        01-05-2015 00135592 r-h-s-d-a+ C:\WINDOWS\system32\perfc009.dat

        Files Created Last 7 days :

        02-05-2015 00000058 r-h-s-d-a+ C:\WINDOWS\system32\log.txt

        ==================== RUNNING PROCESSES =========================================

        [ActivateDesktop] -Eigenaar- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe - ()
        [AdminService] -SYSTEM- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe - (Windows (R) Win 7 DDK provider)
        [audiodg] -LOCAL SERVICE- C:\Windows\System32\audiodg.exe - (audiodg.exe)
        [avgcsrva] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe - (AVG Technologies CZ, s.r.o.)
        [avgemca] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgemca.exe - (AVG Technologies CZ, s.r.o.)
        [avgfws] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgfws.exe - (AVG Technologies CZ, s.r.o.)
        [avgidsagent] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe - (AVG Technologies CZ, s.r.o.)
        [avgnsa] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe - (AVG Technologies CZ, s.r.o.)
        [avgrsa] -SYSTEM- c:\PROGRA~2\AVG\AVG2015\avgrsa.exe - (AVG Technologies CZ, s.r.o.)
        [avgui] -Eigenaar- C:\Program Files (x86)\AVG\AVG2015\avgui.exe - (AVG Technologies CZ, s.r.o.)
        [avgwdsvc] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe - (AVG Technologies CZ, s.r.o.)
        [BtvStack] -Eigenaar- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe - (Qualcomm Atheros Commnucations)
        [CCDMonitorService] -SYSTEM- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe - (Acer Incorporated)
        [chrome] -Eigenaar- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
        [chrome] -Eigenaar- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
        [chrome] -Eigenaar- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
        [chrome] -Eigenaar- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
        [chrome] -Eigenaar- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
        [chrome] -Eigenaar- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
        [chrome] -Eigenaar- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
        [chrome] -Eigenaar- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
        [ConversionService] -SYSTEM- C:\Program Files (x86)\PDF Architect\ConversionService.exe - (pdfforge GmbH)
        [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
        [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
        [ctfmon] -Eigenaar- C:\WINDOWS\SysWOW64\ctfmon.exe - (Microsoft Corporation)
        [dasHost] -LOCAL SERVICE- C:\WINDOWS\system32\dashost.exe - (Microsoft Corporation)
        [dllhost] -SYSTEM- C:\WINDOWS\system32\DllHost.exe - (Microsoft Corporation)
        [dwm] -DWM-15- C:\WINDOWS\System32\dwm.exe - (Microsoft Corporation)
        [E-Peek 1.9.9.0] -Eigenaar- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.9.9.0.exe - (E Dev)
        [ePowerEvent] -SYSTEM- C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe - (Acer Incorporated)
        [ePowerSvc] -SYSTEM- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe - (Acer Incorporated)
        [ePowerTray] -Eigenaar- C:\Program Files\Acer\Acer Power Management\ePowerTray.exe - (Acer Incorporated)
        [ETDCtrl] -Eigenaar- C:\Program Files\Elantech\ETDCtrl.exe - (ELAN Microelectronics Corp.)
        [ETDCtrlHelper] -Eigenaar- C:\Program Files\Elantech\ETDCtrlHelper.exe - (ELAN Microelectronics Corp.)
        [ETDTouch] -Eigenaar- C:\Program Files\Elantech\ETDTouch.exe - (ELAN Microelectronics Corp.)
        [explorer] -Eigenaar- C:\WINDOWS\Explorer.EXE - (Microsoft Corporation)
        [GarminService] -SYSTEM- C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe - (Garmin Ltd. or its subsidiaries)
        [GoogleCrashHandler] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe - (Google Inc.)
        [GoogleCrashHandler64] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe - (Google Inc.)
        [HeciServer] -SYSTEM- C:\Program Files\Intel\iCLS Client\HeciServer.exe - (Intel(R) Corporation)
        [HelperService] -SYSTEM- C:\Program Files (x86)\PDF Architect\HelperService.exe - (pdfforge GmbH)
        [HpDeviceDetection3] -SYSTEM- C:\Program Files (x86)\Hp\Common\HPDeviceDetection3.exe - (Hewlett-Packard Company)
        [HPSupportSolutionsFrameworkService] -SYSTEM- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe - (Hewlett-Packard Company)
        [igfxCUIService] -SYSTEM- C:\WINDOWS\system32\igfxCUIService.exe - (Intel Corporation)
        [igfxEM] -Eigenaar- C:\WINDOWS\system32\igfxEM.exe - (Intel Corporation)
        [igfxext] -Eigenaar- C:\WINDOWS\system32\igfxext.exe - (Intel Corporation)
        [igfxHK] -Eigenaar- C:\WINDOWS\system32\igfxHK.exe - (Intel Corporation)
        [igfxTray] -Eigenaar- C:\WINDOWS\system32\igfxTray.exe - (Intel Corporation)
        [Jhi_service] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe - (Intel Corporation)
        [LMEvent] -SYSTEM- C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe - (Acer Incorporate)
        [LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - (Intel Corporation)
        [LMSvc] -SYSTEM- C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe - (Acer Incorporate)
        [LMTray] -Eigenaar- C:\Program Files\Acer\Acer Launch Manager\LMTray.exe - (Acer Incorporate)
        [lsass] -SYSTEM- C:\WINDOWS\system32\lsass.exe - (Microsoft Corporation)
        [msiexec] -SYSTEM- C:\WINDOWS\system32\msiexec.exe - (Microsoft Corporation)
        [NASvc] -SYSTEM- c:\Program Files (x86)\Nero\Update\NASvc.exe - (Nero AG)
        [OSPPSVC] -NETWORK SERVICE- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE - (Microsoft Corporation)
        [PresentationFontCache] -LOCAL SERVICE- C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe - (Microsoft Corporation)
        [RAVCpl64] -Eigenaar- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - (Realtek Semiconductor)
        [SearchFilterHost] -SYSTEM- C:\WINDOWS\system32\SearchFilterHost.exe - (Microsoft Corporation)
        [SearchIndexer] -SYSTEM- C:\WINDOWS\system32\SearchIndexer.exe - (Microsoft Corporation)
        [SearchProtocolHost] -SYSTEM- C:\WINDOWS\system32\SearchProtocolHost.exe - (Microsoft Corporation)
        [services] -SYSTEM- C:\Windows\System32\services.exe - (services.exe)
        [SettingSyncHost] -Eigenaar- C:\Windows\System32\SettingSyncHost.exe - (Microsoft Corporation)
        [SkyDrive] -Eigenaar- C:\Windows\System32\skydrive.exe - (Microsoft Corporation)
        [smss] -SYSTEM- C:\Windows\System32\smss.exe - (smss.exe)
        [spoolsv] -SYSTEM- C:\WINDOWS\System32\spoolsv.exe - (Microsoft Corporation)
        [System] -N/A- - (System)
        [SystemExplorer] -Eigenaar- C:\Program Files (x86)\System Explorer\SystemExplorer.exe - (Mister Group)
        [SystemExplorerService64] -SYSTEM- C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe - (Mister Group)
        [taskhost] -LOCAL SERVICE- C:\WINDOWS\system32\taskhost.exe - (Microsoft Corporation)
        [taskhostex] -Eigenaar- C:\WINDOWS\system32\taskhostex.exe - (Microsoft Corporation)
        [TeamViewer] -Eigenaar- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe - (TeamViewer GmbH)
        [TeamViewer_Service] -SYSTEM- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe - (TeamViewer GmbH)
        [TomTomHOMEService] -SYSTEM- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe - (TomTom)
        [TuneUpUtilitiesApp64] -Eigenaar- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe - (AVG)
        [TuneUpUtilitiesService64] -SYSTEM- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe - (AVG)
        [tv_w32] -SYSTEM- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe - (TeamViewer GmbH)
        [tv_x64] -SYSTEM- C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe - (TeamViewer GmbH)
        [UNS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe - (Intel Corporation)
        [unsecapp] -Eigenaar- C:\WINDOWS\system32\wbem\unsecapp.exe - (Microsoft Corporation)
        [unsecapp] -SYSTEM- C:\WINDOWS\system32\wbem\unsecapp.exe - (Microsoft Corporation)
        [wininit] -SYSTEM- C:\WINDOWS\system32\wininit.exe - (Microsoft Corporation)
        [winlogon] -SYSTEM- C:\WINDOWS\System32\WinLogon.exe - (Microsoft Corporation)
        [WmiPrvSE] -NETWORK SERVICE- C:\WINDOWS\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
        [WmiPrvSE] -SYSTEM- C:\WINDOWS\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
        [wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation)
        [WtuSystemSupport] -SYSTEM- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe - ()

        ==================== IE PAGES ==================================================

        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main
        Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
        Local Page = C:\Windows\SysWOW64\blank.htm
        Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
        Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
        Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes
        DefaultScope = {0EE52562-FD44-42F5-9CA6-36AFE19A292D}

        HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0EE52562-FD44-42F5-9CA6-36AFE19A292D}
        DisplayName = Bing
        URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS

        ==================== IE PAGES x64 ==============================================

        HKLM\Software\Microsoft\Internet Explorer\Main
        Start Page = hxxp://acer13.msn.com
        Local Page = C:\WINDOWS\system32\blank.htm
        Default_Page_URL = hxxp://acer13.msn.com
        Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
        Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

        HKLM\Software\Microsoft\Internet Explorer\SearchScopes
        DefaultScope = {0EE52562-FD44-42F5-9CA6-36AFE19A292D}

        HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0EE52562-FD44-42F5-9CA6-36AFE19A292D}
        DisplayName = Bing
        URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS

        ==================== Auto Load =================================================

        HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon
        Userinit = userinit.exe,
        Shell = explorer.exe

        ==================== Auto Load x64 =============================================

        HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
        Userinit = C:\Windows\system32\userinit.exe,
        Shell = explorer.exe

        ==================== Google Chrome =============================================


        ==================== Windows Host File =========================================


        ==================== BHO =======================================================

        HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
        {3A2D5EBA-F86D-4BD3-A177-019765996711}
        HKCR\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711} Default = PDF Architect Helper
        => HKCR\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711}\InProcServer32 Default = C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll

        {B4F3A835-0E21-4959-BA22-42B3008E02FF}
        HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} Default = Office Document Cache Handler
        => HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InProcServer32 Default = C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL

        ==================== BHO x64 ===================================================

        HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
        {B4F3A835-0E21-4959-BA22-42B3008E02FF}
        HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} Default = Office Document Cache Handler
        => HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InProcServer32 Default = C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL

        ==================== Auto Start Programs =======================================

        HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
        AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
        SystemExplorerAutoStart = "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY

        HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
        BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

        HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
        GoogleChromeAutoLaunch_E906F75BB452BCF2818C69147DD66E6F = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
        msnmsgr = "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

        ==================== Auto Start Programs x64 ===================================

        HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
        ETDCtrl = C:\Program Files\Elantech\ETDCtrl.exe
        RTHDVCPL = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

        HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
        BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

        HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved [2 = enabled 3= disabled]
        Classic Start Menu = 2
        ETDCtrl = 2
        HotKeysCmds = 2
        IgfxTray = 2
        Persistence = 2
        RTHDVCPL = 2
        AVG_UI = 2
        IObit Malware Fighter = 2
        mcui_exe = 7
        SystemExplorerAutoStart = 2
        vProt = 2

        HKCU\Software\Microsoft\Windows\CurrentVersion\Run
        GoogleChromeAutoLaunch_E906F75BB452BCF2818C69147DD66E6F = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
        msnmsgr = "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

        CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
        ==================== Extra Items IE ============================================

        HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
        HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
        HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
        HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
        HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
        HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
        HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

        ==================== Extra Items IE x64 ========================================

        HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
        HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
        HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
        HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
        HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
        HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
        HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
        HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\PRINT @ Text = Printing

        ==================== Internet Default Prefix ===================================

        HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
        Default = http://

        HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes
        WWW = http://

        ==================== Internet Default Prefix x64 ===============================

        HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
        Default = http://

        HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes
        WWW = http://

        ==================== Protocol Hijackers ========================================

        HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Handler\wlpg
        CLSID = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}
        => SOFTWARE\Classes\\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\InProcServer32 @ Default = Unknown # C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll # MD5 [4cf29c44e072c377b6866c399947e99a]


        HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Filter\text/xml
        CLSID = {807573E5-5146-11D5-A672-00B0D022E945}
        => SOFTWARE\Classes\\CLSID\{807573E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown


        ==================== Protocol Hijackers x64 ====================================

        HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml
        CLSID = {807573E5-5146-11D5-A672-00B0D022E945}
        => SOFTWARE\Classes\\CLSID\{807573E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown


        ==================== ShellServiceObjectDelayLoad ===============================

        HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
        WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
        => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]


        ==================== ShellServiceObjectDelayLoad x64 =========================

        HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
        WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
        => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]


        ==================== Extra (Torpig/ConduitSearch) ==============================

        HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ Default = {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}
        => HKCR\CLSID\{8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}\InProcServer32 @ Default = C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\FolderViewImpl.dll

        HKCR\Directory\shellex\CopyHookHandlers\ClearfiCopyHook @ Default = {ED32C084-BABB-11E1-B491-D4D66088709B}
        => HKCR\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}\InProcServer32 @ Default = C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll

        HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ Default = {217FC9C0-3AEA-1069-A2DB-08002B30309D}
        => HKCR\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InProcServer32 @ Default = C:\WINDOWS\system32\shell32.dll

        HKCR\Directory\shellex\CopyHookHandlers\Sharing @ Default = {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
        => HKCR\CLSID\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}\InProcServer32 @ Default = C:\WINDOWS\system32\ntshrui.dll


        ==================== DRIVERS and SERVICES ======================================

        *** Win32OwnProcess ***

        SERV - R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\qualcomm atheros\bluetooth suite\adminservice.exe
        SERV - R2 - [avgfws] - AVG Firewall - c:\program files (x86)\avg\avg2015\avgfws.exe
        SERV - R2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\avg2015\avgidsagent.exe
        SERV - R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\avg2015\avgwdsvc.exe
        SERV - R2 - [Garmin Device Interaction Service] - Garmin Device Interaction Service - c:\program files (x86)\garmin\device interaction service\garminservice.exe
        SERV - R2 - [HPSupportSolutionsFrameworkService] - HP Support Solutions Framework Service - c:\program files (x86)\hp\common\hpsupportsolutionsframeworkservice.exe
        SERV - R2 - [igfxCUIService1.0.0.0] - Intel(R) HD Graphics Control Panel Service - c:\windows\system32\igfxcuiservice.exe
        SERV - R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
        SERV - R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
        SERV - R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
        SERV - R2 - [LMSvc] - Launch Manager Service - c:\program files\acer\acer launch manager\lmsvc.exe
        SERV - R2 - [NAUpdate] - Nero Update - c:\program files (x86)\nero\update\nasvc.exe
        SERV - R2 - [PDF Architect Helper Service] - PDF Architect Helper Service - c:\program files (x86)\pdf architect\helperservice.exe
        SERV - R2 - [PDF Architect Service] - PDF Architect Service - c:\program files (x86)\pdf architect\conversionservice.exe
        SERV - R2 - [TeamViewer9] - TeamViewer 9 - c:\program files (x86)\teamviewer\version9\teamviewer_service.exe
        SERV - R2 - [TuneUp.UtilitiesSvc] - AVG PC TuneUp Service - c:\program files (x86)\avg\avg pc tuneup\tuneuputilitiesservice64.exe
        SERV - R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
        SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
        SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
        SERV - R2 - [WtuSystemSupport] - WtuSystemSupport - c:\program files (x86)\avg web tuneup\wtusystemsupport.exe
        SERV - R3 - [ePowerSvc] - ePower Service - c:\program files\acer\acer power management\epowersvc.exe
        SERV - R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
        SERV - R3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
        SERV - R3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
        SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
        SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
        SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
        SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
        SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
        SERV - S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
        SERV - S3 - [DeviceFastLaneService] - Device Fast-lane Service - c:\program files\acer\acer device fast-lane\devicefastlanesvc.exe
        SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
        SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
        SERV - S3 - [ICCS] - Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - c:\program files (x86)\intel\intel(r) integrated clock controller service\iccproxy.exe
        SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
        SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
        SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
        SERV - S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
        SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
        SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
        SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
        SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
        SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
        SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
        SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
        SERV - S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
        SERV - S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
        SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
        SERV - S4 - [GamesAppService] - GamesAppService - c:\program files (x86)\wildtangent games\app\gamesappservice.exe

        *** Win32ShareProcess ***

        SERV - R2 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
        SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
        SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
        SERV - R3 - [SystemExplorerHelpService] - System Explorer Service - c:\program files (x86)\system explorer\service\systemexplorerservice64.exe
        SERV - R3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
        SERV - S2 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
        SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

        *** Others ***

        SERV - R2 - [CCDMonitorService] - CCDMonitorService - c:\program files (x86)\acer\acer cloud\ccdmonitorservice.exe
        SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
        SERV - R2 - [TomTomHOMEService] - TomTomHOMEService - c:\program files (x86)\tomtom home 2\tomtomhomeservice.exe
        SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe

        *** File System Driver ***

        DRV - R0 - [AVGIDSHA] - AVGIDSHA - C:\WINDOWS\system32\Drivers\AVGIDSHA.sys
        DRV - R0 - [Avgloga] - AVG Logging Driver - C:\WINDOWS\system32\Drivers\Avgloga.sys
        DRV - R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\WINDOWS\system32\Drivers\Avgmfx64.sys
        DRV - R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\WINDOWS\system32\Drivers\Avgrkx64.sys
        DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\WINDOWS\system32\Drivers\FileInfo.sys
        DRV - R0 - [FltMgr] - FltMgr - C:\WINDOWS\system32\Drivers\FltMgr.sys
        DRV - R0 - [Mup] - Mup - C:\WINDOWS\system32\Drivers\Mup.sys
        DRV - R0 - [Wof] - Windows Overlay File System Filter Driver - C:\WINDOWS\system32\Drivers\Wof.sys
        DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\WINDOWS\system32\Drivers\NetBIOS.sys
        DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\WINDOWS\system32\Drivers\srv.sys
        DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\WINDOWS\system32\Drivers\srv2.sys

        *** Kernel Driver ***

        DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\WINDOWS\system32\Drivers\ACPI.sys
        DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\WINDOWS\system32\Drivers\acpiex.sys
        DRV - R0 - [CLFS] - Common Log (CLFS) - C:\WINDOWS\system32\Drivers\CLFS.sys
        DRV - R0 - [CNG] - CNG - C:\WINDOWS\system32\Drivers\CNG.sys
        DRV - R0 - [disk] - Stuurprogramma voor schijfstations - C:\WINDOWS\system32\Drivers\disk.sys
        DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\WINDOWS\system32\Drivers\fvevol.sys
        DRV - R0 - [iaStorA] - iaStorA - C:\WINDOWS\system32\Drivers\iaStorA.sys
        DRV - R0 - [intelpep] - Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing - C:\WINDOWS\system32\Drivers\intelpep.sys
        DRV - R0 - [KSecDD] - KSecDD - C:\WINDOWS\system32\Drivers\KSecDD.sys
        DRV - R0 - [KSecPkg] - KSecPkg - C:\WINDOWS\system32\Drivers\KSecPkg.sys
        DRV - R0 - [mountmgr] - Mount Point Manager - C:\WINDOWS\system32\Drivers\mountmgr.sys
        DRV - R0 - [msisadrv] - msisadrv - C:\WINDOWS\system32\Drivers\msisadrv.sys
        DRV - R0 - [NDIS] - NDIS System Driver - C:\WINDOWS\system32\Drivers\NDIS.sys
        DRV - R0 - [partmgr] - Partition Manager - C:\WINDOWS\system32\Drivers\partmgr.sys
        DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\WINDOWS\system32\Drivers\pci.sys
        DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\WINDOWS\system32\Drivers\pcw.sys
        DRV - R0 - [pdc] - pdc - C:\WINDOWS\system32\Drivers\pdc.sys
        DRV - R0 - [rdyboost] - ReadyBoost - C:\WINDOWS\system32\Drivers\rdyboost.sys
        DRV - R0 - [spaceport] - Stuurprogramma voor opslagruimten - C:\WINDOWS\system32\Drivers\spaceport.sys
        DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\WINDOWS\system32\Drivers\Tcpip.sys
        DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\WINDOWS\system32\Drivers\vdrvroot.sys
        DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\WINDOWS\system32\Drivers\volmgr.sys
        DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\WINDOWS\system32\Drivers\volmgrx.sys
        DRV - R0 - [volsnap] - Opslagvolumes - C:\WINDOWS\system32\Drivers\volsnap.sys
        DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\WINDOWS\system32\Drivers\Wdf01000.sys
        DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\WINDOWS\system32\Drivers\WFPLWFS.sys
        DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\WINDOWS\system32\Drivers\AFD.sys
        DRV - R1 - [Beep] - Beep - C:\WINDOWS\system32\Drivers\Beep.sys
        DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\WINDOWS\system32\Drivers\tdx.sys
        DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\WINDOWS\system32\Drivers\tcpipreg.sys
        DRV - S0 - [Avgboota] - AVG Early Launch Anti-Malware Driver - C:\WINDOWS\system32\Drivers\Avgboota.sys
        DRV - S0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\WINDOWS\system32\Drivers\EhStorClass.sys
        DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\WINDOWS\system32\Drivers\hwpolicy.sys
        DRV - S3 - [atapi] - IDE-kanaal - C:\WINDOWS\system32\Drivers\atapi.sys

        ==================== SvcHost - White Listed ====================================

        WOW x64 - All Ok

        ==================== SvcHost x64 - White Listed ================================

        HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]
        BthHFSrv = ServiceDll = C:\WINDOWS\System32\BthHFSrv.dll [9307a4b743d277c499cda8e19e5687ac]

        HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]
        UxTuneUp = ServiceDll = C:\WINDOWS\System32\uxtuneup.dll [5e95a5e82ae0242a546d7596035cc7d1]



        ==================== SigCheck x86 Fast =========================================

        Fast Scan All ok

        ==================== SigCheck x64 Fast =========================================

        Fast Scan All ok

        ==================== Job tasks at C:\WINDOWS\Tasks =============================

        C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 940 bytes [ 14-2-2014 19:07:45 ]

        C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 1074 bytes [ 8-2-2015 19:13:34 ]

        C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 1078 bytes [ 8-2-2015 19:13:35 ]

        C:\WINDOWS\Tasks\SA.DAT 6 bytes [ 22-8-2013 16:45:54 ]


        ==================== Job tasks at C:\WINDOWS\system32\Tasks ====================

        C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater 3828 bytes [ 14-2-2014 19:07:45 ]
        => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

        C:\WINDOWS\system32\Tasks\ALU 3626 bytes [ 19-7-2013 11:55:03 ]
        => C:\Program Files (x86)\Acer\Live Updater\updater.exe

        C:\WINDOWS\system32\Tasks\ALUAgent 4402 bytes [ 19-7-2013 11:55:03 ]
        => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe

        C:\WINDOWS\system32\Tasks\CreateChoiceProcessTask 3552 bytes [ 12-1-2014 00:52:45 ]
        => C:\Windows\BrowserChoice\browserchoice.exe

        C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Eigenaar) 2876 bytes [ 8-2-2015 18:23:27 ]
        => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

        C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (SYSTEM) 2860 bytes [ 16-7-2014 22:53:18 ]
        => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

        C:\WINDOWS\system32\Tasks\GarminUpdaterTask 3556 bytes [ 10-4-2015 16:58:17 ]
        => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe

        C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 3814 bytes [ 13-1-2014 14:33:56 ]
        => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

        C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 4050 bytes [ 13-1-2014 14:33:57 ]
        => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

        C:\WINDOWS\system32\Tasks\Launch Manager 2904 bytes [ 26-10-2013 15:32:42 ]
        => "C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"

        C:\WINDOWS\system32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1221181360-1772278862-46273954-1001 3098 bytes [ 12-3-2015 17:11:22 ]
        => %localappdata%\Microsoft\OneDrive\OneDrive.exe

        C:\WINDOWS\system32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1221181360-1772278862-46273954-1004 3088 bytes [ 11-5-2014 17:58:56 ]
        => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe

        C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1221181360-1772278862-46273954-1001 3594 bytes [ 11-1-2014 11:19:19 ]

        C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1221181360-1772278862-46273954-1005 3594 bytes [ 11-5-2014 18:36:16 ]

        C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1221181360-1772278862-46273954-500 3592 bytes [ 26-10-2013 15:16:07 ]

        C:\WINDOWS\system32\Tasks\Power Management 2914 bytes [ 26-10-2013 15:30:46 ]
        => "C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"

        C:\WINDOWS\system32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2762 bytes [ 17-1-2014 20:29:17 ]
        => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe

        C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{49876D50-9B14-4960-A86A-851238F61274} 3962 bytes [ 13-1-2014 16:23:32 ]
        => C:\WINDOWS\system32\msfeedssync.exe


        ==================== Job tasks at C:\WINDOWS\SysWOW64\Tasks ====================

        There are no .job files found.

        ==================== End scanning at za 2 mei 2015 07:30 (0 Min 30 Sec ) =======



        • #5
          E-Peek dblog:

          za 2 mei 2015 07:30 : Scan started
          za 2 mei 2015 07:30 : Header OK
          za 2 mei 2015 07:30 : Find History OK
          za 2 mei 2015 07:30 : Running Processes OK
          za 2 mei 2015 07:30 : IE Pages OK
          za 2 mei 2015 07:30 : Auto load OK
          za 2 mei 2015 07:30 : preference file C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesnot present
          za 2 mei 2015 07:30 : Default Browser OK
          za 2 mei 2015 07:30 : Hostfiles OK
          za 2 mei 2015 07:30 : BHO OK
          za 2 mei 2015 07:30 : ASP OK
          za 2 mei 2015 07:30 : IEO OK
          za 2 mei 2015 07:30 : RED OK
          za 2 mei 2015 07:30 : EI OK
          za 2 mei 2015 07:30 : LSP OK
          za 2 mei 2015 07:30 : IDP OK
          za 2 mei 2015 07:30 : DSIE OK
          za 2 mei 2015 07:30 : TZ OK
          za 2 mei 2015 07:30 : DPF OK
          za 2 mei 2015 07:30 : DH OK
          za 2 mei 2015 07:30 : PH OK
          za 2 mei 2015 07:30 : USH OK
          za 2 mei 2015 07:30 : AS OK
          za 2 mei 2015 07:30 : SSODL OK
          za 2 mei 2015 07:30 : STS OK
          za 2 mei 2015 07:30 : Extra Items OK
          za 2 mei 2015 07:30 : SERV OK
          za 2 mei 2015 07:30 : Unknow ValueName => bthaudiosvc
          za 2 mei 2015 07:30 : SVC OK
          za 2 mei 2015 07:30 : Fast Scan SigCheck OK
          za 2 mei 2015 07:30 : STS OK
          za 2 mei 2015 07:30 : Scan ended



          • #6
            Are there any remaining problems?
            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
            E Dev * Remove McAfee * Ccleaner * E-Peek



            • #7
              As far as I can tell right now, there are no problems. At least, I no longer experience them.



              • #8
                Good.


                1) You may delete all the loose files and tools we used.

                2) To avoid reinfection, you can read through these tips:

                Preventing spyware infections and browser hijacking and How do I prevent a new infection?

                3) To give your PC a quick tune-up, you can read these tips: Guide to a clean PC

                4) You can find all kinds of tips and hints here.


                I am marking the topic as solved.

                If there are no further replies, this thread will automatically be moved within about 5 days
                to the section "Closed topics virus infections" and replying will no longer be possible.
                This is done to keep the forum tidy and organized.

                If it turns out there are still problems and you want to reply in this topic again, send me a private message requesting that it be reopened.



                Did we help you well? Consider making a (voluntary) donation to Nucia

                Emphyrio


                • #9
                  Thanks! I will take the tips to heart and make a donation to Nucia!



                  • #10
                    You're welcome