
PC constantly 'freezes'


  • PC constantly 'freezes'

    With common programs (such as IE, Outlook, etc.) the PC 'freezes' every other minute; with some luck the programs resume after a short while. However, manually switching off and restarting the PC is usually the last resort ... until the next 'stop', and that currently happens far too frequently.
    Possibly spyware and/or a virus at work?
    Thanks - Leifoet

    Topic moved to the correct section
    Last edited by Emphyrio; 09-05-15, 16:34.

  • #2
    The first step is to follow this guideline:

    !!! IMPORTANT !!!: Read this first before posting a message here!

    Post the requested logs.

    Emphyrio
    Malware Research [email protected]arebytes (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      Dear Emphyrio,
      Thank you for placing my question in the correct forum.

      1st reply post (of 3)

      1. MBAM (Threat Scan)
      2. AdwCleaner
      3. DDS

      1. MBAM - I had already run a 'threat scan' - see below - the extended scan (including the drives) is running now and will be posted immediately once it finishes (= 3rd reply post)

      Malwarebytes Anti-Malware
      www.malwarebytes.org
      Update, 10/05/2015 10:24:00, SYSTEM, PAUL-PC, Manual, Remediation Database, 2015.4.6.2, 2015.5.9.1,
      Update, 10/05/2015 10:24:01, SYSTEM, PAUL-PC, Manual, Rootkit Database, 2015.3.31.1, 2015.4.21.1,
      Update, 10/05/2015 10:24:09, SYSTEM, PAUL-PC, Manual, Malware Database, 2015.4.16.4, 2015.5.10.2,
      Scan, 10/05/2015 11:10:36, SYSTEM, PAUL-PC, Manual, Start: % 1 10/05/2015, Duur: % 1 min 46 sec, Bedreigingsscan, Voltooid, 0 Malware Detections, 0 niet-Malware Detections,
      (end)


      2. AdwCleaner

      # AdwCleaner v4.203 - Logbestand aangemaakt 10/05/2015 op 14:30:37
      # Laatste update 30/04/2015 door Xplode
      # Database : 2015-05-09.1 [Server]
      # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
      # Gebruikersnaam : Paul - PAUL-PC
      # Gestart vanuit : C:\Users\Paul\Desktop\adwcleaner_4.203.exe
      # Optie : Verwijderen

      ***** [ Services ] *****

      ***** [ Bestanden / Mappen ] *****

      Map Verwijderd : C:\Users\Paul\Favorites\eXact
      Map Verwijderd : C:\Program Files (x86)\DownloadManager
      Map Verwijderd : C:\Users\Paul\AppData\Local\genienext
      Map Verwijderd : C:\Users\Paul\AppData\Local\Mobogenie
      Map Verwijderd : C:\Users\Paul\AppData\LocalLow\HPAppData
      Map Verwijderd : C:\Users\Paul\AppData\Roaming\Systweak
      Map Verwijderd : C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
      Map Verwijderd : C:\Users\Paul\Documents\PC Speed Maximizer
      Bestand Verwijderd : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aipfmkinhleccnodemkoofnnofpbbpac_0.localstorage
      Bestand Verwijderd : C:\Windows\SysWOW64\RegistryHelperLM.ocx
      Bestand Verwijderd : C:\Users\Paul\daemonprocess.txt

      ***** [ Geplande taken ] *****

      Taak Verwijderd : Dealply

      ***** [ Snelkoppelingen ] *****

      ***** [ Register ] *****

      Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
      Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
      Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
      Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
      Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
      Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91EE0830-B539-45AB-83F2-741FED0B0E2F}
      Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2d9083ce-8758-4704-ba57-3c891d7452bd}
      Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d429207-4689-492d-a0e5-cdc5dfbb5005}
      Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9103c314-c4e2-4463-8934-b19bcb46236d}
      Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97cef41c-5055-474a-855a-892d4fe3e596}
      Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d375ee64-f893-498a-a0e9-0e9829c88c3d}
      Sleutel Verwijderd : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91EE0830-B539-45AB-83F2-741FED0B0E2F}
      Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
      Sleutel Verwijderd : HKCU\Software\DriverTuner_Init
      Sleutel Verwijderd : HKCU\Software\DriverTuner
      Sleutel Verwijderd : HKCU\Software\Linkey
      Sleutel Verwijderd : HKLM\SOFTWARE\Trymedia Systems
      Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
      Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\deltaweb.be
      Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\packagetracer.dl.tb.ask.com
      Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
      Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\wetransfer.nl.softonic.com
      Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.deltaweb.be

      ***** [ Webbrowsers ] *****

      -\\ Internet Explorer v11.0.9600.17728
      -\\ Google Chrome v42.0.2311.135

      [C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [Search Provider] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWLniD5Hi5TtMwz_P2UzAlGH8tcO91_iO44Gu-CckyQ-Wa3VAsfVWSBGUmR8p2TrCMoAmpY4jyJaRAGRIrV4r0dxhBDkuNt_Px1KBzdWQbRGXFN0EbpJ-aN0FwMT9T-yJrmkf41vbWF7n_K_ulRdC22dow,,&q={searchTerms}
      [C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Verwijderd [Extension] : bopakagnckmlgajfccecajhnimjiiedh

      *************************

      AdwCleaner[R0].txt - [12971 bytes] - [18/11/2013 23:12:44]
      AdwCleaner[R1].txt - [4294 bytes] - [09/12/2013 04:04:45]
      AdwCleaner[R2].txt - [3773 bytes] - [30/10/2014 02:56:37]
      AdwCleaner[R3].txt - [4427 bytes] - [11/02/2015 11:03:38]
      AdwCleaner[R4].txt - [5716 bytes] - [10/05/2015 14:29:09]
      AdwCleaner[S0].txt - [13139 bytes] - [18/11/2013 23:13:54]
      AdwCleaner[S1].txt - [3898 bytes] - [09/12/2013 04:05:31]
      AdwCleaner[S2].txt - [422 bytes] - [11/02/2015 11:05:48]
      AdwCleaner[S3].txt - [5153 bytes] - [10/05/2015 14:30:37]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [5212 bytes] ##########


      3. DDS

      DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 11.0.9600.17728 BrowserJavaVersion: 11.31.2
      Run by Paul at 14:53:41 on 2015-05-10
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8160.5117 [GMT 2:00]
      .
      AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
      AV: Bitdefender Antivirus Free Edition *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
      SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
      SP: Bitdefender Antivirus Free Edition *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Program Files\Microsoft Security Client\MsMpEng.exe
      C:\Windows\system32\atiesrxx.exe
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\system32\svchost.exe -k GPSvcGroup
      C:\Windows\system32\atieclxx.exe
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Windows\system32\taskhost.exe
      C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
      C:\Program Files\Acer\AcerSync\AcerSyncSystemService.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\taskeng.exe
      C:\Program Files (x86)\ASCOMP Software\Synchredible\synchredible.exe
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      C:\Windows\system32\svchost.exe -k bthsvcs
      C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
      C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
      C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
      C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
      C:\Program Files\Microsoft Security Client\msseces.exe
      C:\Program Files\MakerBot\MakerWare\conveyor-svc.exe
      C:\Program Files\Greenshot\Greenshot.exe
      C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
      c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
      C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
      C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
      C:\Windows\system32\mfevtps.exe
      C:\Windows\system32\mfevtps.exe
      C:\Program Files\Microsoft LifeCam\MSCamS64.exe
      C:\Windows\System32\svchost.exe -k HPZ12
      C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
      C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Windows\SysWOW64\NLSSRV32.EXE
      C:\Program Files (x86)\PasswordBox\pbbtnService.exe
      C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
      C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
      C:\Windows\System32\svchost.exe -k HPZ12
      C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
      C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
      C:\Users\Paul\AppData\Roaming\Dropbox\bin\Dropbox.exe
      C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
      C:\Windows\system32\svchost.exe -k imgsvc
      C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
      C:\Windows\sysWOW64\wbem\wmiprvse.exe
      C:\Program Files\McAfee\MSC\McAPExe.exe
      C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
      C:\Program Files\CCleaner\CCleaner64.exe
      C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
      C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
      C:\Windows\system32\svchost.exe -k HPService
      C:\Program Files\Microsoft Security Client\NisSrv.exe
      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Windows\System32\WUDFHost.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      C:\Windows\system32\svchost.exe -k SDRSVC
      C:\Windows\System32\svchost.exe -k LocalServicePeerNet
      C:\Windows\system32\Macromed\Flash\FlashUtil64_17_0_0_169_ActiveX.exe
      C:\Windows\System32\svchost.exe -k swprv
      C:\Windows\servicing\TrustedInstaller.exe
      C:\Windows\system32\taskeng.exe
      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = hxxp://www.standaard.be/
      uSearch Bar = Preserve
      mStart Page = about:blank
      mWinlogon: Userinit = userinit.exe
      BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
      BHO: PasswordBox Helper: {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
      BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
      BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
      BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
      BHO: CutePDF Form Filler Helper: {D41289F2-69C6-417B-897E-C653D677CBAF} - C:\Program Files (x86)\Acro Software\CutePDF Filler Evaluation\CPFillerCoE.dll
      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
      BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      TB: PasswordBox: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
      TB: PasswordBox: {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
      EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
      EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
      uRun: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
      uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
      uRun: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
      uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
      mRun: [mcpltui_exe] "C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe" /platui /runkey
      StartupFolder: C:\Users\Paul\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Paul\AppData\Roaming\Dropbox\bin\Dropbox.exe
      StartupFolder: C:\Users\Paul\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
      StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
      uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
      mPolicies-Explorer: NoActiveDesktop = dword:1
      mPolicies-Explorer: NoActiveDesktopChanges = dword:1
      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
      mPolicies-System: ConsentPromptBehaviorUser = dword:3
      mPolicies-System: EnableUIADesktopToggle = dword:0
      mPolicies-Windows\System: UseOEMBackground = dword:1
      IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
      IE: Klant openen op monitor &1 - C:\Windows\web\AOpenClient.htm
      IE: Klant openen op monitor &2 - C:\Windows\web\AOpenClient.htm
      IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
      IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
      IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
      DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
      DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/nirvana/controls/pcmatic.cab
      DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
      DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
      DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
      DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      TCP: NameServer = 192.168.1.1
      TCP: Interfaces\{5953C892-1708-4951-A807-B14682B97CE3} : DHCPNameServer = 192.168.1.1
      Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
      Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      Notify: SDWinLogon - SDWinLogon.dll
      SSODL: WebCheck - <orphaned>
      SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
      mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
      mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
      x64-mStart Page = about:blank
      x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
      x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
      x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
      x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
      x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
      x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
      x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
      x64-Run: [Greenshot] C:\Program Files\Greenshot\Greenshot.exe
      x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
      x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
      x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
      x64-SSODL: WebCheck - <orphaned>
      x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
      .
      ============= SERVICES / DRIVERS ===============
      .
      R?2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2015-5-3 155368]
      R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-6-25 38528]
      R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2014-8-3 718840]
      R0 DC324e;DC324e;C:\Windows\System32\drivers\DC324e.sys [2011-6-25 49752]
      R0 DC3410;DC3410;C:\Windows\System32\drivers\DC3410.sys [2011-6-25 48328]
      R0 mfedisk;McAfee AAC Disk Filter Driver;C:\Windows\System32\drivers\mfedisk.sys [2015-2-17 101872]
      R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-9-24 864072]
      R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2015-2-17 340448]
      R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-11-15 274696]
      R0 mv91cons;Marvell 91xx Config Device Driver;C:\Windows\System32\drivers\mv91cons.sys [2011-6-25 24880]
      R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2011-6-25 310064]
      R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-3-18 52856]
      R0 xfiltx64;VIA SATA IDE Hot-plug Driver;C:\Windows\System32\drivers\xfiltx64.sys [2011-6-25 26776]
      R1 bdfwfpf;bdfwfpf;C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2014-2-20 121928]
      R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2014-8-3 148696]
      R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Program Files\HWiNFO64\HWiNFO64A.SYS [2012-7-31 30592]
      R2 AcerSyncSystemService;AcerSyncSystemService;C:\Program Files\Acer\AcerSync\AcerSyncSystemService.exe [2012-4-29 81304]
      R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
      R2 DraftSight API Service;DraftSight API Service;C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-11-21 117760]
      R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2014-2-20 69368]
      R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-5-3 340744]
      R2 MakerBot Conveyor Service;MakerBot Conveyor Service;C:\Program Files\MakerBot\MakerWare\conveyor-svc.exe [2013-11-27 78336]
      R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2015-5-3 752232]
      R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-5-3 340744]
      R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-5-3 340744]
      R2 mfemms;McAfee Service Controller;C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2015-5-3 372144]
      R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2013-12-13 250672]
      R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-11-15 124560]
      R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2013-6-17 230408]
      R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2013-6-17 69640]
      R2 PasswordBox;PasswordBox;C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2013-3-27 67584]
      R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2015-2-5 487960]
      R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2015-1-21 1738168]
      R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2015-1-21 2088408]
      R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2015-1-21 171928]
      R2 SOHDms;Sony Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-1-16 495248]
      R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-6-26 5037888]
      R3 ACSSCR;ACR38 Smart Card Reader;C:\Windows\System32\drivers\a38usb.sys [2013-11-7 62592]
      R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
      R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2014-8-3 593144]
      R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2011-6-25 32344]
      R3 mfeaack;McAfee Inc. mfeaack;C:\Windows\System32\drivers\mfeaack.sys [2015-2-17 401736]
      R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2013-11-4 337888]
      R3 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-12-13 232656]
      R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2013-11-4 488000]
      R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-11-26 411944]
      R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-1-30 366512]
      R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]
      R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]
      R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-9-22 849992]
      R3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]
      R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-6-25 47232]
      S1 gfpstyfd;gfpstyfd;C:\Windows\System32\drivers\gfpstyfd.sys [2015-5-10 55104]
      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
      S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-5-3 340744]
      S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-1-2 315488]
      S3 2310_00;2310_00;C:\Windows\System32\drivers\2310_00.sys [2011-6-25 170528]
      S3 ahcix64;ahcix64;C:\Windows\System32\drivers\ahcix64.sys [2011-6-25 264272]
      S3 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2011-6-25 226616]
      S3 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-6-25 78976]
      S3 androidusb;ADB Interface Driver;C:\Windows\System32\drivers\androidusb.sys [2012-6-5 31744]
      S3 arcm_a64;arcm_a64;C:\Windows\System32\drivers\arcm_a64.sys [2011-6-25 52768]
      S3 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-6-25 36448]
      S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-6-25 126952]
      S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-6-25 390632]
      S3 b06diag;Broadcom NetXtreme II Diag Driver;C:\Windows\System32\drivers\bxdiaga.sys [2011-6-25 88104]
      S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2012-3-2 165688]
      S3 BFN7x64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\Xeno7x64.sys [2011-6-25 157288]
      S3 BFNVis64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\XenoVa64.sys [2011-6-25 157288]
      S3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2014-1-28 89640]
      S3 BXOIS;BXOIS;C:\Windows\System32\drivers\bxois.sys [2011-6-25 533544]
      S3 cbaf;UWB Cable Based Association Framework Driver;C:\Windows\System32\drivers\cbaf.sys [2011-6-25 15872]
      S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2013-11-4 68784]
      S3 DC133;DC133;C:\Windows\System32\drivers\DC133.sys [2011-6-25 39320]
      S3 DC150;DC150;C:\Windows\System32\drivers\DC150.sys [2011-6-25 39832]
      S3 DC154;DC154;C:\Windows\System32\drivers\DC154.sys [2011-6-25 48136]
      S3 DC300e;DC300e;C:\Windows\System32\drivers\DC300e.sys [2011-6-25 40344]
      S3 DC4300;DC4300;C:\Windows\System32\drivers\DC4300.sys [2011-6-25 48360]
      S3 DC600e;DC600e;C:\Windows\System32\drivers\DC600e.sys [2011-6-25 40744]
      S3 dfuuwb;Intel Wireless UWB Link 1480M Device Firmware Utility;C:\Windows\System32\drivers\DfuUWB.sys [2011-6-25 503296]
      S3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2011-6-25 76112]
      S3 enecirhid;ENE CIR HID Receiver;C:\Windows\System32\drivers\enecirhid.sys [2011-6-25 20304]
      S3 enecirhidma;ENE CIR HIDmini Filter;C:\Windows\System32\drivers\enecirhidma.sys [2011-6-25 12112]
      S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-6-25 40832]
      S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-6-25 65280]
      S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-7-30 48488]
      S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
      S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2013-9-22 56600]
      S3 hptiop;hptiop;C:\Windows\System32\drivers\hptiop.sys [2011-6-25 17440]
      S3 hptmv;hptmv;C:\Windows\System32\drivers\hptmv.sys [2011-6-25 93472]
      S3 hptmv6;hptmv6;C:\Windows\System32\drivers\hptmv6.sys [2011-6-25 152096]
      S3 HWA;Intel(R) Wireless USB Host Adapter;C:\Windows\System32\drivers\HWA.sys [2011-6-25 61440]
      S3 IAMTVE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTVE.sys [2011-6-25 43416]
      S3 IAMTXPE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTXPE.sys [2011-6-25 51096]
      S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-4-15 114688]
      S3 IFCoEMP;IFCoEMP;C:\Windows\System32\drivers\ifM60x64.sys [2011-6-25 349968]
      S3 IFCoEVB;IFCoEVB;C:\Windows\System32\drivers\ifP60x64.sys [2011-6-25 70928]
      S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-6-25 158976]
      S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2011-6-25 40144]
      S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2011-6-25 42192]
      S3 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2011-6-25 26712]
      S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-9-21 351520]
      S3 LVUVC64;Logitech Webcam 200(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-9-21 4763680]
      S3 MegaSR1;MegaSR1;C:\Windows\System32\drivers\MegaSR1.sys [2011-6-25 461320]
      S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-11-26 96112]
      S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-12-13 36720]
      S3 mv61xx;mv61xx;C:\Windows\System32\drivers\mv61xx.sys [2011-6-25 181040]
      S3 NTIOLib_1_0_4;NTIOLib_1_0_4;C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2013-9-22 14136]
      S3 nvamacpi;nvamacpi;C:\Windows\System32\drivers\nvamacpi.sys [2011-6-25 28192]
      S3 O2MDRDR;O2MDRDR;C:\Windows\System32\drivers\o2mdx64.sys [2011-6-25 58400]
      S3 O2SDRDR;O2SDRDR;C:\Windows\System32\drivers\o2sdx64.sys [2011-6-25 56096]
      S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
      S3 Pnp680;Pnp680;C:\Windows\System32\drivers\PnP680.sys [2011-6-25 80424]
      S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2012-10-7 19032]
      S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2012-10-7 12384]
      S3 qcusbser;ACER Android USB Device for Legacy Serial Communication;C:\Windows\System32\drivers\qcusbser.sys [2012-4-29 120960]
      S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-20 19456]
      S3 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2011-6-25 61952]
      S3 risdpcie;risdpcie;C:\Windows\System32\drivers\risdpe64.sys [2011-6-25 79360]
      S3 risdxc;risdxc;C:\Windows\System32\drivers\risdxc64.sys [2011-6-25 99328]
      S3 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2011-6-25 55808]
      S3 rr172x;rr172x;C:\Windows\System32\drivers\rr172x.sys [2011-6-25 124448]
      S3 rr174x;rr174x;C:\Windows\System32\drivers\rr174x.sys [2011-6-25 159264]
      S3 rr2210;rr2210;C:\Windows\System32\drivers\rr2210.sys [2011-6-25 153632]
      S3 rr232x;rr232x;C:\Windows\System32\drivers\rr232x.sys [2011-6-25 152096]
      S3 rr2340;rr2340;C:\Windows\System32\drivers\rr2340.sys [2011-6-25 162400]
      S3 rr2522;rr2522;C:\Windows\System32\drivers\rr2522.sys [2011-6-25 168032]
      S3 rr62x;rr62x;C:\Windows\System32\drivers\rr62x.sys [2011-6-25 155232]
      S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-6-25 250984]
      S3 SI3112r;SI3112r;C:\Windows\System32\drivers\SI3112r.sys [2011-6-25 164656]
      S3 SI3114;SI3114;C:\Windows\System32\drivers\SI3114.sys [2011-6-25 99120]
      S3 SI3124;SI3124;C:\Windows\System32\drivers\SI3124.sys [2011-6-25 113456]
      S3 Si3124r5;Si3124r5;C:\Windows\System32\drivers\Si3124r5.sys [2011-6-25 334640]
      S3 Si3531;Si3531;C:\Windows\System32\drivers\Si3531.sys [2011-6-25 333864]
      S3 SOHDs;Sony Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2013-12-3 79000]
      S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-5-20 57856]
      S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-5-20 30208]
      S3 uwbusb;UWB Bus Control USB-Miniport Driver;C:\Windows\System32\drivers\usbuwbmini.sys [2011-6-25 13312]
      S3 vcrdrx64;VIA MSP Card Reader Host Controller;C:\Windows\System32\drivers\vcrdrx64.sys [2011-6-25 127088]
      S3 viamrx64;viamrx64;C:\Windows\System32\drivers\viamrx64.sys [2011-6-25 161904]
      S3 videX64;videX64;C:\Windows\System32\drivers\videX64.sys [2011-6-25 15000]
      S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-2 1255736]
      S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
      SUnknown qokxhlbw;qokxhlbw; [x]
      .
      =============== File Associations ===============
      .
      FileExt: .txt: txtfile="C:\Windows\System32\NOTEPAD.EXE" %1
      FileExt: .ini: inifile="C:\Windows\System32\NOTEPAD.EXE" %1
      FileExt: .inf: inffile="C:\Windows\System32\NOTEPAD.EXE" %1
      .
      =============== Created Last 30 ================
      .
      2015-05-10 12:49:51 55104 ----a-w- C:\Windows\System32\drivers\gfpstyfd.sys
      2015-05-10 12:41:45 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{654A3981-A3A4-481C-B64C-7A005160FFCD}\offreg.dll
      2015-05-10 06:22:42 12032440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{654A3981-A3A4-481C-B64C-7A005160FFCD}\mpengine.dll
      2015-05-09 03:54:11 12032440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
      2015-05-07 16:41:27 261056 ----a-w- C:\Windows\System32\drivers\avchv.sys
      2015-05-03 13:19:11 -------- d-----w- C:\Program Files (x86)\McAfee.com
      2015-05-03 13:16:16 -------- d-----w- C:\Program Files\McAfee.com
      2015-05-03 08:19:59 -------- d-----w- C:\Program Files\Autodesk
      2015-05-02 17:32:35 -------- d-----w- C:\Program Files\devcon
      2015-05-02 17:19:08 79024 ----a-w- C:\Users\Paul\devcon.exe
      2015-05-02 16:25:39 -------- d-----w- C:\Program Files (x86)\ConEmu
      2015-05-02 15:38:28 -------- d-----w- C:\Program Files (x86)\NirSoft
      2015-05-02 09:21:19 -------- d-----w- C:\Nieuwe map (2)
      2015-05-01 21:55:34 -------- d-----w- C:\Users\Paul\AppData\Roaming\Greenshot
      2015-05-01 21:55:33 -------- d-----w- C:\Users\Paul\AppData\Local\Greenshot
      2015-05-01 21:54:46 -------- d-----w- C:\Program Files\Greenshot
      2015-04-30 09:11:25 -------- d-----w- C:\Users\Paul\AppData\Roaming\PhotoScape
      2015-04-30 09:11:11 -------- d-----w- C:\Program Files (x86)\PhotoScape
      2015-04-27 09:46:01 1187344 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{01457E98-DDEA-4341-964C-9EE6CC82AE22}\gapaengine.dll
      2015-04-15 09:12:53 957952 ----a-w- C:\Windows\System32\appraiser.dll
      2015-04-15 09:11:59 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
      .
      ==================== Find3M ====================
      .
      2015-05-10 12:27:40 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
      2015-04-15 14:39:26 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
      2015-04-15 14:39:26 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2015-03-25 03:24:41 98304 ----a-w- C:\Windows\System32\wudriver.dll
      2015-03-25 03:24:41 3298816 ----a-w- C:\Windows\System32\wucltux.dll
      2015-03-25 03:24:41 191488 ----a-w- C:\Windows\System32\wuwebv.dll
      2015-03-25 03:24:08 60416 ----a-w- C:\Windows\System32\WinSetupUI.dll
      2015-03-25 03:23:58 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
      2015-03-25 03:23:55 36864 ----a-w- C:\Windows\System32\wuapp.exe
      2015-03-25 03:00:57 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
      2015-03-25 03:00:57 173056 ----a-w- C:\Windows\SysWow64\wuwebv.dll
      2015-03-25 03:00:15 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
      2015-03-23 03:25:15 726528 ----a-w- C:\Windows\System32\generaltel.dll
      2015-03-23 03:25:01 769536 ----a-w- C:\Windows\System32\invagent.dll
      2015-03-23 03:24:56 419840 ----a-w- C:\Windows\System32\devinv.dll
      2015-03-23 03:24:53 30720 ----a-w- C:\Windows\System32\acmigration.dll
      2015-03-23 03:24:53 227328 ----a-w- C:\Windows\System32\aepdu.dll
      2015-03-23 03:24:53 192000 ----a-w- C:\Windows\System32\aepic.dll
      2015-03-23 03:17:39 1111552 ----a-w- C:\Windows\System32\aeinv.dll
      2015-03-13 04:25:14 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
      2015-03-13 04:25:01 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
      2015-03-13 04:09:12 66560 ----a-w- C:\Windows\System32\iesetup.dll
      2015-03-13 04:08:33 584192 ----a-w- C:\Windows\System32\vbscript.dll
      2015-03-13 04:08:27 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
      2015-03-13 04:08:17 417280 ----a-w- C:\Windows\System32\html.iec
      2015-03-13 04:06:54 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
      2015-03-13 03:54:11 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
      2015-03-13 03:54:00 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
      2015-03-13 03:53:22 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
      2015-03-13 03:50:45 6025216 ----a-w- C:\Windows\System32\jscript9.dll
      2015-03-13 03:44:48 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
      2015-03-13 03:42:18 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
      2015-03-13 03:28:48 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
      2015-03-13 03:28:37 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
      2015-03-13 03:27:51 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
      2015-03-13 03:27:35 340992 ----a-w- C:\Windows\SysWow64\html.iec
      2015-03-13 03:26:19 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
      2015-03-13 03:16:26 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
      2015-03-13 03:15:40 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
      2015-03-13 03:05:50 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
      2015-03-13 03:05:24 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
      2015-03-13 03:01:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
      2015-03-13 02:49:21 4305408 ----a-w- C:\Windows\SysWow64\jscript9.dll
      2015-03-13 02:45:57 2358784 ----a-w- C:\Windows\System32\wininet.dll
      2015-03-13 02:43:41 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
      2015-03-13 02:42:47 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
      2015-03-13 02:20:28 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
      2015-03-10 03:25:10 1882624 ----a-w- C:\Windows\System32\msxml3.dll
      2015-03-10 03:21:42 2048 ----a-w- C:\Windows\System32\msxml3r.dll
      2015-03-10 03:08:26 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
      2015-03-10 03:05:39 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
      2015-03-06 05:56:10 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
      2015-03-06 05:56:10 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
      2015-03-06 05:42:39 210944 ----a-w- C:\Windows\System32\wdigest.dll
      2015-03-06 05:42:36 86528 ----a-w- C:\Windows\System32\TSpkg.dll
      2015-03-06 05:42:35 29184 ----a-w- C:\Windows\System32\sspisrv.dll
      2015-03-06 05:42:35 136192 ----a-w- C:\Windows\System32\sspicli.dll
      2015-03-06 05:42:33 341504 ----a-w- C:\Windows\System32\schannel.dll
      2015-03-06 05:42:33 28160 ----a-w- C:\Windows\System32\secur32.dll
      2015-03-06 05:42:29 314880 ----a-w- C:\Windows\System32\msv1_0.dll
      2015-03-06 05:42:29 309760 ----a-w- C:\Windows\System32\ncrypt.dll
      2015-03-06 05:42:27 728064 ----a-w- C:\Windows\System32\kerberos.dll
      2015-03-06 05:42:27 1461760 ----a-w- C:\Windows\System32\lsasrv.dll
      2015-03-06 05:42:20 22016 ----a-w- C:\Windows\System32\credssp.dll
      2015-03-06 05:41:46 31232 ----a-w- C:\Windows\System32\lsass.exe
      2015-03-06 05:41:31 64000 ----a-w- C:\Windows\System32\auditpol.exe
      2015-03-06 05:39:16 60416 ----a-w- C:\Windows\System32\msobjs.dll
      2015-03-06 05:38:57 146432 ----a-w- C:\Windows\System32\msaudite.dll
      2015-03-06 05:36:56 686080 ----a-w- C:\Windows\System32\adtschema.dll
      2015-03-06 05:10:34 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
      2015-03-06 05:10:30 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
      2015-03-06 05:10:26 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
      2015-03-06 05:10:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
      2015-03-06 05:10:22 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
      2015-03-06 05:10:22 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
      2015-03-06 05:10:18 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
      2015-03-06 05:10:11 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
      2015-03-06 05:09:31 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
      2015-03-06 05:09:19 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
      2015-03-06 05:07:50 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
      2015-03-06 05:07:43 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
      2015-03-06 05:06:20 686080 ----a-w- C:\Windows\SysWow64\adtschema.dll
      2015-03-05 05:12:33 404480 ----a-w- C:\Windows\System32\gdi32.dll
      2015-03-05 04:05:06 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
      2015-03-04 04:55:13 367552 ----a-w- C:\Windows\System32\clfs.sys
      2015-03-04 04:41:27 79360 ----a-w- C:\Windows\System32\clfsw32.dll
      2015-03-04 04:10:54 58880 ----a-w- C:\Windows\SysWow64\clfsw32.dll
      2015-03-03 13:17:35 295552 ------w- C:\Windows\System32\MpSigStub.exe
      2015-02-26 03:25:44 3204096 ----a-w- C:\Windows\System32\win32k.sys
      2015-02-25 03:18:01 754688 ----a-w- C:\Windows\System32\drivers\http.sys
      2015-02-20 04:41:01 41984 ----a-w- C:\Windows\System32\lpk.dll
      2015-02-20 04:40:59 100864 ----a-w- C:\Windows\System32\fontsub.dll
      2015-02-20 04:40:56 14336 ----a-w- C:\Windows\System32\dciman32.dll
      2015-02-20 04:40:55 46080 ----a-w- C:\Windows\System32\atmlib.dll
      2015-02-20 04:13:49 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
      2015-02-20 04:13:46 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
      2015-02-20 04:13:43 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
      2015-02-20 04:12:51 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
      2015-02-20 03:29:16 372224 ----a-w- C:\Windows\System32\atmfd.dll
      2015-02-20 03:09:16 299008 ----a-w- C:\Windows\SysWow64\atmfd.dll
      .
      ============= FINISH: 14:56:18,00 ===============

      I notice that McAfee regularly 'pops up' in these log files - partly as a result of a failed re-download. Could that cause a conflict with Bitdefender? - How do I remove the remnants? Via the Control Panel and also in the registry?

      Thanks for checking - Leifoet



      • #4
        Dear Emphyrio,

        2nd reply post (of 3)

        4. GMER
        Instead of splitting up this overly long log file, I am sending it in one go as an attachment - that is less risky - my apologies.
        20150510_GMER_logbestand.txt

        Regards - Leifoet



        • #5
          Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.

          Download TDSSKiller and place it on your desktop.

          • Extract the files in tdsskiller.zip.
          • Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.
          • If TDSSKiller reports that an update is available, run it first (Load update).
          • Click the "Start Scan" button and follow the instructions.
          • Quarantine the items it finds.

          If a reboot (restart) is requested, click Reboot Now.
          Otherwise click Report.
          Copy and paste the log file that appears.

          Note: If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt



          Extra note... Make sure your security software is disabled while installing and using E-Peek.

          Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.

          Download setupE-Peek.exe to your desktop.
          Double-click it and follow the instructions.
          At the end of the installation, E-Peek will start.
          Click "Scan".
          Post the log.
          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
          E Dev * Remove McAfee. * Ccleaner * E-Peek



          • #6
            Dear Emphyrio,

            Regarding your recent post: I assume that the antivirus, firewall and/or antispyware scanner must be disabled to run TDSSKiller // E-Peek: does it also apply to Windows 7, or only to Windows 8.x?
            MBAM has been running for 2 h 34 min already - still on C:\drive => currently 0 selected objects.
            Thanks - Leifoet



            • #7
              When using the tools, it is best to always switch them off temporarily.

              E-Peek applies to all systems from Vista onwards.

              You did not need to run MBAM.
              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
              E Dev * Remove McAfee. * Ccleaner * E-Peek



              • #8
                Dear Emphyrio,

                1. TDSSKiller - log file
                20150510_TDSS-logfile.rtf

                2. E-Peek
                Installation of the Microsoft SQL Server Compact component is not progressing - the progress bar is still empty after 20 minutes - that does not seem right to me, or does it always take this long?

                For your information: the MBAM scan took roughly (a little under) a full day and turned up 4 objects: 4 x pup.optional .mindspark.A - problematic?

                Thanks - Leifoet



                • #9
                  Dear Emphyrio,

                  Installation of E-Peek succeeded after disabling the existing Microsoft SQL Server Compact directory.

                  However, 'Scanning the directory' almost immediately gives the following error message (*): unhandled exception had occurred in your application ... I pressed continue - it ran for about 15 minutes and nothing happened - how long does this scan of the registry normally take?

                  (*) Details of the error message:
                  See the end of this message for details on invoking
                  just-in-time (JIT) debugging instead of this dialog box.

                  ************** Exception Text **************
                  System.NullReferenceException: Object reference not set to an instance of an object.
                  at E_Peek.Form1.getProfileGC(String vers)
                  at E_Peek.Form1.DB()
                  at E_Peek.Form1.btnScan_Click(Object sender, EventArgs e)
                  at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
                  at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
                  at System.Windows.Forms.Control.WndProc(Message& m)
                  at System.Windows.Forms.ButtonBase.WndProc(Message& m)
                  at System.Windows.Forms.Button.WndProc(Message& m)
                  at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)


                  ************** Loaded Assemblies **************
                  mscorlib
                  Assembly Version: 4.0.0.0
                  Win32 Version: 4.0.30319.18444 built by: FX451RTMGDR
                  CodeBase: file:///C:/Windows/Microsoft.NET/Framework64/v4.0.30319/mscorlib.dll
                  ----------------------------------------
                  E-Peek 1.9.9.0
                  Assembly Version: 1.9.9.0
                  Win32 Version: 1.9.9.0
                  CodeBase: file:///C:/Program%20Files%20(x86)/E%20Dev/E-Peek/E-Peek%201.9.9.0.exe
                  ----------------------------------------
                  System.Windows.Forms
                  Assembly Version: 4.0.0.0
                  Win32 Version: 4.0.30319.18408 built by: FX451RTMGREL
                  CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
                  ----------------------------------------
                  System.Drawing
                  Assembly Version: 4.0.0.0
                  Win32 Version: 4.0.30319.18408 built by: FX451RTMGREL
                  CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
                  ----------------------------------------
                  System
                  Assembly Version: 4.0.0.0
                  Win32 Version: 4.0.30319.34238 built by: FX452RTMGDR
                  CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll
                  ----------------------------------------
                  EDevLib001
                  Assembly Version: 1.0.0.4
                  Win32 Version: 1.0.0.4
                  CodeBase: file:///C:/Program%20Files%20(x86)/E%20Dev/E-Peek/EDevLib001.DLL
                  ----------------------------------------
                  System.Configuration
                  Assembly Version: 4.0.0.0
                  Win32 Version: 4.0.30319.18408 built by: FX451RTMGREL
                  CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Configuration/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
                  ----------------------------------------
                  System.Xml
                  Assembly Version: 4.0.0.0
                  Win32 Version: 4.0.30319.34234 built by: FX452RTMGDR
                  CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Xml/v4.0_4.0.0.0__b77a5c561934e089/System.Xml.dll
                  ----------------------------------------
                  System.Management
                  Assembly Version: 4.0.0.0
                  Win32 Version: 4.0.30319.18408 built by: FX451RTMGREL
                  CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Management/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Management.dll
                  ----------------------------------------
                  System.Data.SqlServerCe
                  Assembly Version: 3.5.1.0
                  Win32 Version: 3.5.8080.0
                  CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Data.SqlServerCe/3.5.1.0__89845dcd8080cc91/System.Data.SqlServerCe.dll
                  ----------------------------------------
                  System.Data
                  Assembly Version: 4.0.0.0
                  Win32 Version: 4.0.30319.18408 built by: FX451RTMGREL
                  CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_64/System.Data/v4.0_4.0.0.0__b77a5c561934e089/System.Data.dll
                  ----------------------------------------
                  System.Core
                  Assembly Version: 4.0.0.0
                  Win32 Version: 4.0.30319.18408 built by: FX451RTMGREL
                  CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll
                  ----------------------------------------
                  System.Transactions
                  Assembly Version: 4.0.0.0
                  Win32 Version: 4.0.30319.18408 built by: FX451RTMGREL
                  CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_64/System.Transactions/v4.0_4.0.0.0__b77a5c561934e089/System.Transactions.dll
                  ----------------------------------------
                  Newtonsoft.Json
                  Assembly Version: 6.0.0.0
                  Win32 Version: 6.0.1.17001
                  CodeBase: file:///C:/Program%20Files%20(x86)/E%20Dev/E-Peek/Newtonsoft.Json.DLL
                  ----------------------------------------
                  System.EnterpriseServices
                  Assembly Version: 4.0.0.0
                  Win32 Version: 4.0.30319.18408 built by: FX451RTMGREL
                  CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_64/System.EnterpriseServices/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.EnterpriseServices.dll
                  ----------------------------------------
                  System.Numerics
                  Assembly Version: 4.0.0.0
                  Win32 Version: 4.0.30319.18408 built by: FX451RTMGREL
                  CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Numerics/v4.0_4.0.0.0__b77a5c561934e089/System.Numerics.dll
                  ----------------------------------------

                  ************** JIT Debugging **************
                  To enable just-in-time (JIT) debugging, the .config file for this
                  application or computer (machine.config) must have the
                  jitDebugging value set in the system.windows.forms section.
                  The application must also be compiled with debugging
                  enabled.

                  For example:

                  <configuration>
                  <system.windows.forms jitDebugging="true" />
                  </configuration>

                  When JIT debugging is enabled, any unhandled exception
                  will be sent to the JIT debugger registered on the computer
                  rather than be handled by this dialog box.


                  New attempt: it has now been busy with 'Scanning the registry...' for 34 minutes (or am I too impatient?)
                  What could the problem be?
                  Thanks - Leifoet



                  • #10
                    Remove the current E-Peek from your PC via E Dev (it is on your desktop) > UninstallE-Peek
                    Delete setupE-Peek.


                    Download AppCheck.zip to your desktop.

                    Unzip it, right-click NetCheck.exe and choose "Run as Admin...".
                    Post the log.
                    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                    E Dev * Remove McAfee. * Ccleaner * E-Peek



                    • #11
                      Dear Emphyrio,

                      After unpacking and right-clicking Checknet.exe (I cannot find NetCheck.exe in that folder) I get 2 windows

                      Window 1
                      Microsoft Windows NT 6.1.7601 Service Pack 1
                      You got admin rights

                      Checking Net version ... >> Net version is ok
                      Checking for SQL CE .... >> Check is ok
                      Check is ok
                      Checking for E Dev ....... >> E Dev folder does not exist. check is ok

                      All is ok. Go Ahead

                      Window 2
                      ma 11 mei 2015 18:36
                      Microsoft Windows NT 6.1.7601 Service Pack 1 User has admin rights.
                      ******************************************
                      .Net versions detection
                      ******************************************
                      v2.0.50727 2.0.50727.5420 SP2
                      v3.0 3.0.30729.5420 SP2
                      v3.5 3.5.30729.5420 SP1
                      v4
                      Client 4.5.50938
                      Full 4.5.50938
                      v4.0
                      Client 4.0.0.0
                      ******************************************
                      SQL CE Version detection
                      ******************************************
                      SQL Server CE x86 is ok

                      v3.5 = 3.5.8080.0 SP = 2
                      SQL Server CE x64 is ok

                      ******************************************
                      E Dev detection
                      ******************************************
                      E Dev folder is not present


                      Apparently a folder is not present?
                      Regards, Leifoet



                      • #12
                        It is indeed CheckNet.exe

                        The log shows me that E Dev has been removed (or is not present). That is fine, it is what I had asked for
                        (I had also only asked for the log).

                        I still need to look into a few things; I will get back to you when that is done.
                        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                        E Dev * Remove McAfee. * Ccleaner * E-Peek



                        • #13
                          You can remove Spybot Search and Destroy from your PC.
                          It adds no value.


                          Download or update Ccleaner

                          Start CCleaner.
                          • Run Ccleaner and click Options in the left column
                          • Select the Advanced tab
                          • Untick Only delete files in the Windows Temp system folder that are older than 24 hours
                          • Select the Settings tab
                          • Untick "Clean the computer automatically...."
                          • Click Cleaner in the left column.
                          • Then click Analyze and Clean in turn.
                          • Next, click Registry in the left column
                          • Click Scan for problems.
                          • When asked whether you want to make a backup of the registry, click "Yes".
                          • If errors are found, click the middle button: Fix all selected errors, and then OK



                          Download Combofix to your desktop.
                          (So not to a download folder or temp folder)

                          Extra note... Make sure your security software is disabled while using Combofix.
                          This is because these scanners wrongly see certain components that Combofix uses as infected and will block Combofix.

                          Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.

                          Close ALL windows, including your browser, and let Combofix do its work undisturbed.
                          So do not open any other applications until Combofix has presented the log.

                          If Combofix asks for an update, allow it.

                          When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
                          You can find it at C:\combofix.txt.

                          Post the Combofix log together with a new DDS log in your next reply.

                          * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
                          • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
                          • Illegal operation attempted on a registry key that has been marked for deletion.
                          Last edited by Emphyrio; 11-05-15, 19:11.
                          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                          E Dev * Remove McAfee. * Ccleaner * E-Peek



                          • #14
                            Dear Emphyrio,

                            1. Spybot .. removed

                            2. CCleaner run as follows:

                            In 'Cleaner', certain items not wiped
                            Internet Explorer: only wiped: temporary internet files and index.dat files
                            Windows Explorer: everything wiped except TaakbalkGa ... and Network Passwords
                            System: first 5 items wiped (= Recycle Bin through Chkdsk file fragments)
                            Advanced: nothing wiped

                            In IE, certain things not wiped (history / cookies ...) - I had set it up that way at the time to save work (otherwise the items have to be put together again afterwards).
                            If wiping certain things is nevertheless very important, please point that out to me.

                            In Registry - everything cleaned (I use this regularly, by the way)
                            I can't get rid of the obsolete software key McAeeRiskScan => how can I?

                            3. Combofix

                            ComboFix 15-05-09.01 - Paul 12/05/2015 15:58:41.1.4 - x64
                            Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8160.3663 [GMT 2:00]
                            Gestart vanuit: c:\users\Paul\Desktop\ComboFix.exe
                            AV: Bitdefender Antivirus Free Edition *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
                            AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
                            SP: Bitdefender Antivirus Free Edition *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
                            SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
                            SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                            .
                            ADS - Windows: deleted 192 bytes in 1 streams.
                            .
                            (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            .
                            c:\programdata\1388789552.bdinstall.bin
                            c:\programdata\1388789666.16680.bin
                            c:\programdata\1388789666.22680.bin
                            c:\programdata\1388789666.27964.bin
                            c:\programdata\1388790904.bdinstall.bin
                            c:\programdata\1388882447.bdinstall.bin
                            c:\programdata\1388882458.1128.bin
                            c:\programdata\1388882458.3272.bin
                            c:\programdata\1388882458.5056.bin
                            c:\programdata\1388882458.6172.bin
                            c:\programdata\1388883524.bdinstall.bin
                            c:\programdata\1388883562.bdinstall.bin
                            c:\programdata\1388884044.bdinstall.bin
                            c:\programdata\1388884055.bdinstall.bin
                            c:\programdata\1388912677.bdinstall.bin
                            c:\programdata\1389003581.bdinstall.bin
                            c:\programdata\1389004286.bdinstall.bin
                            c:\programdata\1392919803.bdinstall.bin
                            c:\programdata\1392919804.bdinstall.bin
                            c:\programdata\1392920917.bdinstall.bin
                            c:\programdata\1392920918.bdinstall.bin
                            c:\programdata\1392921131.bdinstall.bin
                            c:\programdata\1392921154.bdinstall.bin
                            c:\programdata\1392921177.bdinstall.bin
                            c:\programdata\1392921376.bdinstall.bin
                            c:\programdata\1392921419.bdinstall.bin
                            c:\programdata\1394208744.bdinstall.bin
                            c:\programdata\1394208746.bdinstall.bin
                            c:\programdata\1398564989.bdinstall.bin
                            c:\programdata\1398564991.bdinstall.bin
                            c:\programdata\1398565137.bdinstall.bin
                            c:\programdata\1398565230.bdinstall.bin
                            c:\programdata\1405841645.bdinstall.bin
                            c:\programdata\1405841646.bdinstall.bin
                            c:\programdata\1406164384.bdinstall.bin
                            c:\programdata\1406164386.bdinstall.bin
                            c:\programdata\1406906342.bdinstall.bin
                            c:\programdata\1406906343.bdinstall.bin
                            c:\programdata\1407030470.bdinstall.bin
                            c:\programdata\1407030472.bdinstall.bin
                            c:\users\Paul\AppData\Roaming\Microsoft\Office\unins000.exe
                            c:\users\Paul\devcon.exe
                            c:\users\Paul\Favorites\CUSTOMERS.html
                            c:\windows\msdownld.tmp
                            .
                            .
                            (((((((((((((((((((( Bestanden Gemaakt van 2015-04-12 to 2015-05-12 ))))))))))))))))))))))))))))))
                            .
                            .
                            2015-05-12 14:11 . 2015-05-12 14:11 -------- d-----w- c:\users\Default\AppData\Local\temp
                            2015-05-12 13:38 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3579C80A-5FA2-4D1C-ACE4-995B8E38A0FA}\mpengine.dll
                            2015-05-12 12:55 . 2015-05-12 12:55 202 ----a-w- c:\windows\system32\cc_20150512_145505.reg
                            2015-05-12 12:54 . 2015-05-12 12:54 202 ----a-w- c:\windows\system32\cc_20150512_145421.reg
                            2015-05-12 12:53 . 2015-05-12 12:53 300 ----a-w- c:\windows\system32\cc_20150512_145330.reg
                            2015-05-12 12:52 . 2015-05-12 12:52 82 ----a-w- c:\windows\system32\cc_20150512_145228.reg
                            2015-05-12 12:51 . 2015-05-12 12:51 4396 ----a-w- c:\windows\system32\cc_20150512_145149.reg
                            2015-05-12 12:50 . 2015-05-12 12:50 18558 ----a-w- c:\windows\system32\cc_20150512_145025.reg
                            2015-05-11 13:21 . 2015-05-11 16:26 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
                            2015-05-11 13:20 . 2015-05-11 13:20 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
                            2015-05-11 12:48 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
                            2015-05-11 08:49 . 2015-05-11 08:49 -------- d-----w- c:\users\Paul\AppData\Roaming\E Dev
                            2015-05-07 16:41 . 2015-05-07 16:41 261056 ----a-w- c:\windows\system32\drivers\avchv.sys
                            2015-05-03 13:19 . 2015-05-03 13:19 -------- d-----w- c:\program files (x86)\McAfee.com
                            2015-05-03 13:16 . 2015-05-03 13:16 -------- d-----w- c:\program files\McAfee.com
                            2015-05-03 08:25 . 2015-05-03 08:25 -------- d-----w- c:\programdata\Autodesk
                            2015-05-03 08:19 . 2015-05-03 08:19 -------- d-----w- c:\program files\Autodesk
                            2015-05-02 17:32 . 2015-05-02 17:32 -------- d-----w- c:\program files\devcon
                            2015-05-02 16:25 . 2015-05-02 16:25 -------- d-----w- c:\program files (x86)\ConEmu
                            2015-05-02 15:38 . 2015-05-02 15:38 -------- d-----w- c:\program files (x86)\NirSoft
                            2015-05-02 09:21 . 2015-05-02 09:21 -------- d-----w- C:\Nieuwe map (2)
                            2015-05-01 21:55 . 2015-05-01 21:55 -------- d-----w- c:\users\Paul\AppData\Roaming\Greenshot
                            2015-05-01 21:55 . 2015-05-01 21:55 -------- d-----w- c:\users\Paul\AppData\Local\Greenshot
                            2015-05-01 21:54 . 2015-05-01 21:54 -------- d-----w- c:\program files\Greenshot
                            2015-04-30 09:11 . 2015-05-10 07:56 -------- d-----w- c:\users\Paul\AppData\Roaming\PhotoScape
                            2015-04-30 09:11 . 2015-04-30 09:11 -------- d-----w- c:\program files (x86)\PhotoScape
                            2015-04-27 09:46 . 2015-03-26 09:06 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{01457E98-DDEA-4341-964C-9EE6CC82AE22}\gapaengine.dll
                            2015-04-15 09:12 . 2015-03-23 03:25 726528 ----a-w- c:\windows\system32\generaltel.dll
                            .
                            .
                            .
                            ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            2015-05-11 09:17 . 2014-06-18 23:18 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
                            2015-04-16 08:27 . 2012-03-13 14:55 128913832 ----a-w- c:\windows\system32\MRT.exe
                            2015-04-15 14:39 . 2012-10-16 22:07 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                            2015-04-15 14:39 . 2012-03-13 15:07 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                            2015-03-26 09:06 . 2015-02-24 10:27 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
                            2015-03-16 14:55 . 2013-04-01 21:35 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
                            2015-03-16 13:55 . 2013-04-01 21:35 704136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
                            2015-03-06 05:56 . 2015-03-11 09:22 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
                            2015-03-06 05:56 . 2015-03-11 09:22 155576 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
                            2015-03-06 05:42 . 2015-03-11 09:22 210944 ----a-w- c:\windows\system32\wdigest.dll
                            2015-03-06 05:42 . 2015-03-11 09:22 86528 ----a-w- c:\windows\system32\TSpkg.dll
                            2015-03-06 05:42 . 2015-03-11 09:22 29184 ----a-w- c:\windows\system32\sspisrv.dll
                            2015-03-06 05:42 . 2015-03-11 09:22 136192 ----a-w- c:\windows\system32\sspicli.dll
                            2015-03-06 05:42 . 2015-03-11 09:22 341504 ----a-w- c:\windows\system32\schannel.dll
                            2015-03-06 05:42 . 2015-03-11 09:22 28160 ----a-w- c:\windows\system32\secur32.dll
                            2015-03-06 05:42 . 2015-03-11 09:22 314880 ----a-w- c:\windows\system32\msv1_0.dll
                            2015-03-06 05:42 . 2015-03-11 09:22 309760 ----a-w- c:\windows\system32\ncrypt.dll
                            2015-03-06 05:42 . 2015-03-11 09:22 728064 ----a-w- c:\windows\system32\kerberos.dll
                            2015-03-06 05:42 . 2015-03-11 09:22 1461760 ----a-w- c:\windows\system32\lsasrv.dll
                            2015-03-06 05:42 . 2015-03-11 09:22 22016 ----a-w- c:\windows\system32\credssp.dll
                            2015-03-06 05:41 . 2015-03-11 09:22 31232 ----a-w- c:\windows\system32\lsass.exe
                            2015-03-06 05:41 . 2015-03-11 09:22 64000 ----a-w- c:\windows\system32\auditpol.exe
                            2015-03-06 05:39 . 2015-03-11 09:22 60416 ----a-w- c:\windows\system32\msobjs.dll
                            2015-03-06 05:38 . 2015-03-11 09:22 146432 ----a-w- c:\windows\system32\msaudite.dll
                            2015-03-06 05:36 . 2015-03-11 09:22 686080 ----a-w- c:\windows\system32\adtschema.dll
                            2015-03-06 05:10 . 2015-03-11 09:22 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
                            2015-03-06 05:10 . 2015-03-11 09:22 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
                            2015-03-06 05:10 . 2015-03-11 09:22 248832 ----a-w- c:\windows\SysWow64\schannel.dll
                            2015-03-06 05:10 . 2015-03-11 09:22 22016 ----a-w- c:\windows\SysWow64\secur32.dll
                            2015-03-06 05:10 . 2015-03-11 09:22 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
                            2015-03-06 05:10 . 2015-03-11 09:22 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
                            2015-03-06 05:10 . 2015-03-11 09:22 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
                            2015-03-06 05:10 . 2015-03-11 09:22 17408 ----a-w- c:\windows\SysWow64\credssp.dll
                            2015-03-06 05:09 . 2015-03-11 09:22 50176 ----a-w- c:\windows\SysWow64\auditpol.exe
                            2015-03-06 05:09 . 2015-03-11 09:22 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
                            2015-03-06 05:07 . 2015-03-11 09:22 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
                            2015-03-06 05:07 . 2015-03-11 09:22 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
                            2015-03-06 05:06 . 2015-03-11 09:22 686080 ----a-w- c:\windows\SysWow64\adtschema.dll
                            2015-03-03 13:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
                            2015-02-26 03:25 . 2015-03-11 09:21 3204096 ----a-w- c:\windows\system32\win32k.sys
                            2015-02-20 04:41 . 2015-03-11 09:25 41984 ----a-w- c:\windows\system32\lpk.dll
                            2015-02-20 04:40 . 2015-03-11 09:25 100864 ----a-w- c:\windows\system32\fontsub.dll
                            2015-02-20 04:40 . 2015-03-11 09:25 14336 ----a-w- c:\windows\system32\dciman32.dll
                            2015-02-20 04:40 . 2015-03-11 09:25 46080 ----a-w- c:\windows\system32\atmlib.dll
                            2015-02-20 04:13 . 2015-03-11 09:25 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
                            2015-02-20 04:13 . 2015-03-11 09:25 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
                            2015-02-20 04:13 . 2015-03-11 09:25 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
                            2015-02-20 04:12 . 2015-03-11 09:25 25600 ----a-w- c:\windows\SysWow64\lpk.dll
                            2015-02-20 03:29 . 2015-03-11 09:25 372224 ----a-w- c:\windows\system32\atmfd.dll
                            2015-02-20 03:09 . 2015-03-11 09:25 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
                            2015-02-17 15:04 . 2015-02-17 15:04 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
                            2015-02-17 14:19 . 2015-02-17 14:19 1614496 ----a-w- c:\windows\system32\FM20.DLL
                            2015-02-17 12:39 . 2015-02-17 12:39 101872 ----a-w- c:\windows\system32\drivers\mfedisk.sys
                            2015-02-17 12:38 . 2015-02-17 12:38 401736 ----a-w- c:\windows\system32\drivers\mfeaack.sys
                            2015-02-17 12:38 . 2013-11-04 15:51 68784 ----a-w- c:\windows\system32\drivers\cfwids.sys
                            2015-02-17 12:36 . 2015-02-17 12:36 340448 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
                            2015-02-17 12:36 . 2013-12-13 03:12 250672 ----a-w- c:\windows\system32\mfevtps.exe
                            2015-02-17 12:34 . 2013-09-24 19:22 864072 ----a-w- c:\windows\system32\drivers\mfehidk.sys
                            2015-02-17 12:33 . 2013-11-04 15:41 488000 ----a-w- c:\windows\system32\drivers\mfefirek.sys
                            2015-02-17 12:33 . 2013-11-04 15:40 337888 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
                            2015-02-13 05:22 . 2015-03-11 09:22 14177280 ----a-w- c:\windows\system32\shell32.dll
                            .
                            .
                            ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            .
                            *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                            REGEDIT4
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
                            @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 152544 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
                            @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 152544 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
                            @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 152544 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
                            @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 152544 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
                            @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 152544 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
                            @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 152544 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
                            @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 152544 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
                            @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 152544 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
                            .
                            [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                            "OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2014-10-14 911032]
                            "HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2012-12-19 393216]
                            "Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
                            "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-04-23 8204056]
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                            "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
                            "mcpltui_exe"="c:\program files\Common~1\McAfee\Platform\mcuicnt.exe" [2015-02-11 718248]
                            .
                            c:\users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                            Dropbox.lnk - c:\users\Paul\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 43374104]
                            OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 246472]
                            .
                            c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
                            HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                            "ConsentPromptBehaviorAdmin"= 5 (0x5)
                            "ConsentPromptBehaviorUser"= 3 (0x3)
                            "EnableUIADesktopToggle"= 0 (0x0)
                            "EnableLinkedConnections"= 1 (0x1)
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
                            "LoadAppInit_DLLs"=1 (0x1)
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
                            @=""
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
                            @=""
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
                            @="Service"
                            .
                            2;2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
                            R1 azscrhra;azscrhra;c:\windows\system32\drivers\azscrhra.sys;c:\windows\SYSNATIVE\drivers\azscrhra.sys [x]
                            R1 elsipdeo;elsipdeo;c:\windows\system32\drivers\elsipdeo.sys;c:\windows\SYSNATIVE\drivers\elsipdeo.sys [x]
                            R1 fnialbwj;fnialbwj;c:\windows\system32\drivers\fnialbwj.sys;c:\windows\SYSNATIVE\drivers\fnialbwj.sys [x]
                            R1 ftqbilrn;ftqbilrn;c:\windows\system32\drivers\ftqbilrn.sys;c:\windows\SYSNATIVE\drivers\ftqbilrn.sys [x]
                            R1 hlrewoem;hlrewoem;c:\windows\system32\drivers\hlrewoem.sys;c:\windows\SYSNATIVE\drivers\hlrewoem.sys [x]
                            R1 hwjbvbey;hwjbvbey;c:\windows\system32\drivers\hwjbvbey.sys;c:\windows\SYSNATIVE\drivers\hwjbvbey.sys [x]
                            R1 hynginti;hynginti;c:\windows\system32\drivers\hynginti.sys;c:\windows\SYSNATIVE\drivers\hynginti.sys [x]
                            R1 ifrdlsks;ifrdlsks;c:\windows\system32\drivers\ifrdlsks.sys;c:\windows\SYSNATIVE\drivers\ifrdlsks.sys [x]
                            R1 ijfgtzjh;ijfgtzjh;c:\windows\system32\drivers\ijfgtzjh.sys;c:\windows\SYSNATIVE\drivers\ijfgtzjh.sys [x]
                            R1 iwcyfsrf;iwcyfsrf;c:\windows\system32\drivers\iwcyfsrf.sys;c:\windows\SYSNATIVE\drivers\iwcyfsrf.sys [x]
                            R1 khcvfygi;khcvfygi;c:\windows\system32\drivers\khcvfygi.sys;c:\windows\SYSNATIVE\drivers\khcvfygi.sys [x]
                            R1 ofirmpxl;ofirmpxl;c:\windows\system32\drivers\ofirmpxl.sys;c:\windows\SYSNATIVE\drivers\ofirmpxl.sys [x]
                            R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
                            R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
                            R3 2310_00;2310_00;c:\windows\system32\drivers\2310_00.sys;c:\windows\SYSNATIVE\drivers\2310_00.sys [x]
                            R3 ahcix64;ahcix64;c:\windows\system32\drivers\ahcix64.sys;c:\windows\SYSNATIVE\drivers\ahcix64.sys [x]
                            R3 ahcix64s;ahcix64s;c:\windows\system32\drivers\ahcix64s.sys;c:\windows\SYSNATIVE\drivers\ahcix64s.sys [x]
                            R3 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
                            R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
                            R3 arcm_a64;arcm_a64;c:\windows\system32\drivers\arcm_a64.sys;c:\windows\SYSNATIVE\drivers\arcm_a64.sys [x]
                            R3 asahci64;asahci64;c:\windows\system32\drivers\asahci64.sys;c:\windows\SYSNATIVE\drivers\asahci64.sys [x]
                            R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
                            R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
                            R3 b06diag;Broadcom NetXtreme II Diag Driver;c:\windows\system32\drivers\bxdiaga.sys;c:\windows\SYSNATIVE\drivers\bxdiaga.sys [x]
                            R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
                            R3 BFN7x64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\Xeno7x64.sys;c:\windows\SYSNATIVE\drivers\Xeno7x64.sys [x]
                            R3 BFNVis64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\XenoVa64.sys;c:\windows\SYSNATIVE\drivers\XenoVa64.sys [x]
                            R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
                            R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
                            R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
                            R3 BXOIS;BXOIS;c:\windows\system32\drivers\bxois.sys;c:\windows\SYSNATIVE\drivers\bxois.sys [x]
                            R3 cbaf;UWB Cable Based Association Framework Driver;c:\windows\System32\Drivers\cbaf.sys;c:\windows\SYSNATIVE\Drivers\cbaf.sys [x]
                            R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
                            R3 DC133;DC133;c:\windows\system32\drivers\DC133.sys;c:\windows\SYSNATIVE\drivers\DC133.sys [x]
                            R3 DC150;DC150;c:\windows\system32\drivers\DC150.sys;c:\windows\SYSNATIVE\drivers\DC150.sys [x]
                            R3 DC154;DC154;c:\windows\system32\drivers\DC154.sys;c:\windows\SYSNATIVE\drivers\DC154.sys [x]
                            R3 DC300e;DC300e;c:\windows\system32\drivers\DC300e.sys;c:\windows\SYSNATIVE\drivers\DC300e.sys [x]
                            R3 DC4300;DC4300;c:\windows\system32\drivers\DC4300.sys;c:\windows\SYSNATIVE\drivers\DC4300.sys [x]
                            R3 DC600e;DC600e;c:\windows\system32\drivers\DC600e.sys;c:\windows\SYSNATIVE\drivers\DC600e.sys [x]
                            R3 dfuuwb;Intel Wireless UWB Link 1480M Device Firmware Utility;c:\windows\System32\Drivers\DfuUWB.sys;c:\windows\SYSNATIVE\Drivers\DfuUWB.sys [x]
                            R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys;c:\windows\SYSNATIVE\drivers\enecir.sys [x]
                            R3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\drivers\enecirhid.sys;c:\windows\SYSNATIVE\drivers\enecirhid.sys [x]
                            R3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\drivers\enecirhidma.sys;c:\windows\SYSNATIVE\drivers\enecirhidma.sys [x]
                            R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
                            R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
                            R3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
                            R3 hptiop;hptiop;c:\windows\system32\drivers\hptiop.sys;c:\windows\SYSNATIVE\drivers\hptiop.sys [x]
                            R3 hptmv;hptmv;c:\windows\system32\drivers\hptmv.sys;c:\windows\SYSNATIVE\drivers\hptmv.sys [x]
                            R3 hptmv6;hptmv6;c:\windows\system32\drivers\hptmv6.sys;c:\windows\SYSNATIVE\drivers\hptmv6.sys [x]
                            R3 HWA;Intel(R) Wireless USB Host Adapter;c:\windows\System32\Drivers\HWA.sys;c:\windows\SYSNATIVE\Drivers\HWA.sys [x]
                            R3 IAMTVE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;c:\windows\system32\drivers\IAMTVE.sys;c:\windows\SYSNATIVE\drivers\IAMTVE.sys [x]
                            R3 IAMTXPE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;c:\windows\system32\drivers\IAMTXPE.sys;c:\windows\SYSNATIVE\drivers\IAMTXPE.sys [x]
                            R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
                            R3 IFCoEMP;IFCoEMP;c:\windows\system32\drivers\ifM60x64.sys;c:\windows\SYSNATIVE\drivers\ifM60x64.sys [x]
                            R3 IFCoEVB;IFCoEVB;c:\windows\system32\drivers\ifP60X64.sys;c:\windows\SYSNATIVE\drivers\ifP60X64.sys [x]
                            R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
                            R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys;c:\windows\SYSNATIVE\Drivers\qd162x64.sys [x]
                            R3 ioatdma2;Intel(R) QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys;c:\windows\SYSNATIVE\Drivers\qd262x64.sys [x]
                            R3 johci;JMicron 1394 Filter Driver;c:\windows\system32\drivers\johci.sys;c:\windows\SYSNATIVE\drivers\johci.sys [x]
                            R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
                            R3 LVUVC64;Logitech Webcam 200(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
                            R3 MegaSR1;MegaSR1;c:\windows\system32\drivers\MegaSR1.sys;c:\windows\SYSNATIVE\drivers\MegaSR1.sys [x]
                            R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
                            R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x]
                            R3 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys;c:\windows\SYSNATIVE\drivers\mv61xx.sys [x]
                            R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
                            R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
                            R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
                            R3 nvamacpi;nvamacpi;c:\windows\system32\drivers\NVAMACPI.sys;c:\windows\SYSNATIVE\drivers\NVAMACPI.sys [x]
                            R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2mdx64.sys;c:\windows\SYSNATIVE\drivers\o2mdx64.sys [x]
                            R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sdx64.sys;c:\windows\SYSNATIVE\drivers\o2sdx64.sys [x]
                            R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
                            R3 Pnp680;Pnp680;c:\windows\system32\drivers\pnp680.sys;c:\windows\SYSNATIVE\drivers\pnp680.sys [x]
                            R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
                            R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
                            R3 qcusbser;ACER Android USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\qcusbser.sys;c:\windows\SYSNATIVE\DRIVERS\qcusbser.sys [x]
                            S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
                            S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
                            S0 DC324e;DC324e;c:\windows\system32\drivers\DC324e.sys;c:\windows\SYSNATIVE\drivers\DC324e.sys [x]
                            S0 DC3410;DC3410;c:\windows\system32\drivers\DC3410.sys;c:\windows\SYSNATIVE\drivers\DC3410.sys [x]
                            S0 mfedisk;McAfee AAC Disk Filter Driver;c:\windows\system32\DRIVERS\mfedisk.sys;c:\windows\SYSNATIVE\DRIVERS\mfedisk.sys [x]
                            S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
                            S0 mv91cons;Marvell 91xx Config Device Driver;c:\windows\system32\drivers\mv91cons.sys;c:\windows\SYSNATIVE\drivers\mv91cons.sys [x]
                            S0 mv91xx;mv91xx;c:\windows\system32\drivers\mv91xx.sys;c:\windows\SYSNATIVE\drivers\mv91xx.sys [x]
                            S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
                            S1 bdfwfpf;bdfwfpf;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys;c:\program files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [x]
                            S1 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
                            S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\HWiNFO64\HWiNFO64A.SYS;c:\program files\HWiNFO64\HWiNFO64A.SYS [x]
                            S2 AcerSyncSystemService;AcerSyncSystemService;c:\program files\Acer\AcerSync\AcerSyncSystemService.exe;c:\program files\Acer\AcerSync\AcerSyncSystemService.exe [x]
                            S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
                            S2 DraftSight API Service;DraftSight API Service;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [x]
                            S2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe;c:\program files\Bitdefender\Antivirus Free Edition\gzserv.exe [x]
                            S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
                            S2 MakerBot Conveyor Service;MakerBot Conveyor Service;c:\program files\MakerBot\MakerWare\conveyor-svc.exe;c:\program files\MakerBot\MakerWare\conveyor-svc.exe [x]
                            S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
                            S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
                            S2 mfemms;McAfee Service Controller;c:\program files\Common Files\McAfee\SystemCore\\mfemms.exe;c:\program files\Common Files\McAfee\SystemCore\\mfemms.exe [x]
                            S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
                            S2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe;c:\program files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [x]
                            S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
                            S2 PasswordBox;PasswordBox;c:\program files (x86)\PasswordBox\pbbtnService.exe;c:\program files (x86)\PasswordBox\pbbtnService.exe [x]
                            S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
                            S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys;c:\windows\SYSNATIVE\DRIVERS\a38usb.sys [x]
                            S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
                            S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
                            S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
                            S3 mfeaack;McAfee Inc. mfeaack;c:\windows\system32\drivers\mfeaack.sys;c:\windows\SYSNATIVE\drivers\mfeaack.sys [x]
                            S3 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
                            S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
                            S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
                            S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
                            S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
                            .
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
                            hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
                            2013-01-16 10:46 454176 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                            2015-04-28 22:32 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe
                            .
                            Inhoud van de 'Gedeelde Taken' map
                            .
                            2015-05-12 c:\windows\Tasks\Adobe Flash Player Updater.job
                            - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-16 14:39]
                            .
                            2015-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                            - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-29 08:16]
                            .
                            2015-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                            - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-29 08:16]
                            .
                            .
                            --------- X64 Entries -----------
                            .
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
                            @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 185824 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
                            @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 185824 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
                            @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 185824 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
                            @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 185824 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
                            @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 185824 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
                            @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 185824 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
                            @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 185824 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
                            @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
                            2015-02-11 01:12 185824 ----a-w- c:\users\Paul\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                            "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-06-27 7191768]
                            "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
                            "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
                            "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 1332296]
                            "Greenshot"="c:\program files\Greenshot\Greenshot.exe" [2015-04-19 540672]
                            .
                            ------- Bijkomende Scan -------
                            .
                            uLocal Page = c:\windows\system32\blank.htm
                            uStart Page = hxxp://www.standaard.be/
                            mLocal Page = c:\windows\SysWOW64\blank.htm
                            IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
                            IE: Klant openen op monitor &1 - c:\windows\web\AOpenClient.htm
                            IE: Klant openen op monitor &2 - c:\windows\web\AOpenClient.htm
                            Trusted Zone: fgov.be\ccff02.minfin
                            Trusted Zone: microsoft.com\oas.support
                            Trusted Zone: microsoft.com\support
                            TCP: DhcpNameServer = 192.168.1.1
                            .
                            .
                            ------- Bestandsassociaties -------
                            .
                            inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
                            txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
                            .
                            - - - - ORPHANS VERWIJDERD - - - -
                            .
                            Toolbar-10 - (no file)
                            Wow6432Node-HKLM-Run-<NO NAME> - (no file)
                            HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
                            Toolbar-10 - (no file)
                            AddRemove-{605540BB-36B3-49F0-96D8-B760CBD6E0E8}_is1 - c:\users\Paul\AppData\Roaming\Microsoft\Office\unins000.exe
                            .
                            .
                            .
                            --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                            .
                            [HKEY_USERS\S-1-5-21-466036565-2607195388-149588532-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
                            @Denied: (2) (S-1-5-21-466036565-2607195388-149588532-1000)
                            @Denied: (2) (LocalSystem)
                            "Progid"="Outlook.File.eml.14"
                            .
                            [HKEY_USERS\S-1-5-21-466036565-2607195388-149588532-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
                            @Denied: (2) (S-1-5-21-466036565-2607195388-149588532-1000)
                            @Denied: (2) (LocalSystem)
                            "Progid"="Outlook.File.vcf.14"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
                            @Denied: (A 2) (Everyone)
                            @="FlashBroker"
                            "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
                            "Enabled"=dword:00000001
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
                            @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
                            @Denied: (A 2) (Everyone)
                            @="IFlashBroker6"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
                            @="{00020424-0000-0000-C000-000000000046}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            "Version"="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
                            @Denied: (A 2) (Everyone)
                            @="FlashBroker"
                            "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
                            "Enabled"=dword:00000001
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                            @Denied: (A 2) (Everyone)
                            @="Shockwave Flash Object"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
                            "ThreadingModel"="Apartment"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                            @="0"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                            @="ShockwaveFlash.ShockwaveFlash.17"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                            @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                            @="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                            @="ShockwaveFlash.ShockwaveFlash"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                            @Denied: (A 2) (Everyone)
                            @="Macromedia Flash Factory Object"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
                            "ThreadingModel"="Apartment"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                            @="FlashFactory.FlashFactory.1"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                            @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                            @="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                            @="FlashFactory.FlashFactory"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
                            @Denied: (A 2) (Everyone)
                            @="IFlashBroker6"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
                            @="{00020424-0000-0000-C000-000000000046}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            "Version"="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\software\McAfee]
                            "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
                            00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
                            .
                            [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
                            @Denied: (Full) (Everyone)
                            .
                            Voltooingstijd: 2015-05-12 16:17:57
                            ComboFix-quarantined-files.txt 2015-05-12 14:17
                            .
                            Pre-Run: 437.421.633.536 bytes beschikbaar
                            Post-Run: 436.414.668.800 bytes beschikbaar
                            .
                            - - End Of File - - AB7638A1DBB6501A663B368BA5AC830B
                            A36C5E4F47E84449FF07ED3517B43A31



                            Logfile

                            4. DDS log file
                            201501512_DDS.txt

                            5. Remarks / questions
                            - how do I get rid of the McAfee remnants completely => uninstalling via the Control Panel does not work
                            - for your information, in so far as it matters in this context: Bitdefender is, in my view, very active (not new - this was already the case for some time before the start of this 'clean-up operation'), among other things at PC startup - as many as 3 or 4 times a message appears saying that action was taken, possibly with 'restart required' - Security Essentials then also comes and 'joins this debate' ... (surely there are no viruses and/or other junk still present ... ?) - unless I am mistaken, I have the impression that each time this also causes a 'delay' when starting programs - of course this may just be an impression ... ?

                            Thanks - Leifoet
                            Last edited by Emphyrio; 12-05-15, 16:25.



                            • #15
                              You can configure Ccleaner so that you can "exclude" certain items (cookies); that saves you work.
                              Most cookies are not needed (except for logins).

                              Do the following:

                              Start Ccleaner > Options (Opties) > Cookies.

                              In this screen you see, on the left, the cookies that are currently present and queued for deletion.
                              If you do NOT want to delete a particular cookie, select it and click the arrow "->".
                              This cookie will be shown in the right-hand pane and will no longer be deleted from now on.

                              To exclude certain files (tools), do this:

                              Options (Opties) > Exclude (Uitsluiten) > Add (Toevoegen)


                              Here you can specify what you want to exclude.

                              Once you have done that, let Ccleaner run according to the procedure given earlier.
                              That way we can already clean up a few things.


                              We will deal with the McAfee remnants in due course. Everything at once could be too confusing.

                              It is normal that BitDefender is active at startup (that is its job, after all).
                              Whether this is desirable is something we will look at later, after the "clean-up".


                              I also have a few questions; can you identify these:
                              .
                              • MakerBot
                              • c:\windows\system32\cc_20150512_145505.reg
                              • c:\windows\system32\cc_20150512_145421.reg
                              • c:\windows\system32\cc_20150512_145330.reg
                              • c:\windows\system32\cc_20150512_145228.reg
                              • c:\windows\system32\cc_20150512_145149.reg
                              • c:\windows\system32\cc_20150512_145025.reg

                              .



                              COMBOFIX:

                              Disable your security software.

                              Note: This script is intended specifically for this PC,
                              so do not use it on other PCs with a similar problem.


                              Open a Notepad file.
                              Copy the text below and paste it into the Notepad file.
                              Save the Notepad file as CFScript.txt
                              Code:
                              KillAll::
                              ClearJavaCache::
                              AtJob::
                              DirLook::
                              C:\Users\Paul\AppData\Local\Google\Chrome\User Data
                              File::
                              c:\windows\system32\DRIVERS\mfedisk.sys
                              c:\windows\system32\drivers\mfewfpk.sys
                              c:\windows\system32\mfevtps.exe
                              c:\windows\system32\drivers\mfefirek.sys
                              c:\windows\system32\DRIVERS\mfencbdc.sys
                              Folder::
                              c:\program files (x86)\McAfee.com
                              c:\program files\McAfee
                              c:\program files\Common~1\McAfee
                              Driver::
                              mfedisk
                              mfewfpk
                              HomeNetSvc
                              McAPExe
                              mcpltsvc
                              mfemms
                              mfeaack
                              mfefire
                              mfefirek
                              mfencbdc
                              Registry::
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                              "mcpltui_exe"=-
                              Now drag the file CFScript.txt onto the file ComboFix.exe



                              ComboFix will start again.
                              If Combofix asks for an update, allow it.

                              When ComboFix is finished (this may be after a restart), a log file opens. Post the contents of the log file.

                              Make a new DDS log and post that as well.
                              Last edited by Emphyrio; 13-05-15, 01:44.
                              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                              E Dev * Remove McAfee. * Ccleaner * E-Peek
