Mededeling

Collapse
No announcement yet.

Trage PC

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Trage PC

    Graag hulp bij de zeer trage PC (opstarten = 1 uur) van mijn ma.

    Malwarebytes

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scandatum: 3/10/2015
    Scantijd: 9:39
    Logboekbestand:
    Beheerder: Ja

    Versie: 2.1.8.1057
    Malware-database: v2015.10.02.08
    Rootkit-database: v2015.10.02.01
    Licentie: Gratis
    Malware-bescherming: Uitgeschakeld
    Bescherming tegen kwaadaardige websites: Uitgeschakeld
    Zelfbescherming: Uitgeschakeld

    Besturingssysteem: Windows 8.1
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: Anita

    Scantype: Aangepaste scan
    Resultaat: Voltooid
    Objecten gescand: 577508
    Verstreken tijd: 1 u., 10 min, 27 sec

    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Ingeschakeld
    Heuristiek: Ingeschakeld
    POP: Ingeschakeld
    POA: Ingeschakeld

    Processen: 1
    RiskWare.Tool.CK, C:\Windows\KMService.exe, 1608, Verwijder-bij-herstart, [63cd3f134348989e50d0fd27f30f4ab6]

    Modules: 0
    (Geen kwaadaardige items gedetecteerd)

    Registersleutels: 0
    (Geen kwaadaardige items gedetecteerd)

    Registerwaarden: 0
    (Geen kwaadaardige items gedetecteerd)

    Registerdata: 0
    (Geen kwaadaardige items gedetecteerd)

    Mappen: 0
    (Geen kwaadaardige items gedetecteerd)

    Bestanden: 5
    RiskWare.Tool.CK, C:\Windows\KMService.exe, Verwijder-bij-herstart, [63cd3f134348989e50d0fd27f30f4ab6],
    PUP.Optional.Somoto, C:\Users\Anita\AppData\Local\TempDIR\BetterInstaller.exe, In quarantaine, [032dfe542f5c72c44608d6ec28d939c7],
    PUP.Optional.Somoto, C:\Users\Anita\Downloads\Install-Chess-Free.exe, In quarantaine, [8ea2b39f04873df981ce1ea4b1506898],
    RiskWare.Keygen, C:\Windows\AutoKMS.exe, In quarantaine, [b977510192f9c472bc28d3daa45d9a66],
    RiskWare.Tool.CK, C:\Windows\KMSEmulator.exe, In quarantaine, [61cf73df3d4e4cea36f780bff909d62a],

    Fysieke Sectoren: 0
    (Geen kwaadaardige items gedetecteerd)


    (end)

    AdwCleaner

    # AdwCleaner v5.009 - Logbestand aangemaakt 03/10/2015 op 11:37:06
    # Laatste update 27/09/2015 door Xplode
    # Database : 2015-09-30.1 [Server]
    # Besturingssysteem : Windows 8.1 (x64)
    # Gebruikersnaam : Anita - THUIS
    # Gestart vanuit : C:\Users\Anita\Downloads\adwcleaner_5.009.exe
    # Optie : Scannen
    # Ondersteuning : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Mappen ] *****


    ***** [ Bestanden ] *****


    ***** [ Snelkoppelingen ] *****


    ***** [ geplande taken ] *****


    ***** [ Register ] *****


    ***** [ Internetbrowsers ] *****


    ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [581 bytes] ##########

    E-Peek

    E-Peek v 1.9.9.0 ENHANCED 4 © Emphyrio/Onsia Patrick 2013-2015
    E Dev
    Run at za 3 okt 2015 11:35
    .
    Windows 8.1 (64 bits)
    C:\WINDOWS [NTFS - Fixed]
    Default Browser: Google Chrome
    Boot mode: Normal boot
    User logged in: Anita
    .
    Java x86: n/a
    Java x64: n/a
    .
    AV : Windows Defender [Updated - Not Running]
    AV : avast! Antivirus [Updated - Running]
    AS : Windows Defender [Updated - Not Running]
    AS : avast! Antivirus [Updated - Running]
    FW : Windows firewall
    .
    ==================== Files and Folders history =================================

    Folders Created Last 7 days :

    03/10/2015 ##### r-h-s-d+a- C:\Users\Anita\AppData\Roaming\E Dev
    03/10/2015 ##### r-h-s-d+a- C:\Users\Anita\AppData\Local\Programs
    03/10/2015 ##### r-h-s-d+a- C:\ProgramData\Malwarebytes
    03/10/2015 ##### r-h-s-d+a- C:\Program Files (x86)\Malwarebytes Anti-Malware
    03/10/2015 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev
    03/10/2015 ##### r-h-s-d+a- C:\AdwCleaner

    Files Modified Last 7 days :

    03/10/2015 01826596 r-h-s-d-a+ C:\WINDOWS\system32\PerfStringBackup.INI
    03/10/2015 00806500 r-h-s-d-a+ C:\WINDOWS\system32\perfh013.dat
    03/10/2015 00723316 r-h-s-d-a+ C:\WINDOWS\system32\perfh009.dat
    03/10/2015 00162500 r-h-s-d-a+ C:\WINDOWS\system32\perfc013.dat
    03/10/2015 00135930 r-h-s-d-a+ C:\WINDOWS\system32\perfc009.dat
    03/10/2015 00000018 r-h-s-d-a+ C:\WINDOWS\SysWOW64\log.txt

    Files Created Last 7 days :


    ==================== RUNNING PROCESSES =========================================

    [armsvc] -SYSTEM- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated)
    [audiodg] -LOCAL SERVICE- C:\Windows\System32\audiodg.exe - (audiodg.exe)
    [AvastSvc] -SYSTEM- C:\Program Files\AVAST Software\Avast\AvastSvc.exe - (Avast Software s.r.o.)
    [avastui] -Anita- C:\Program Files\AVAST Software\Avast\avastui.exe - (Avast Software s.r.o.)
    [CCleaner64] -Anita- C:\Program Files\CCleaner\CCleaner64.exe - (Piriform Ltd)
    [chrome] -Anita- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
    [chrome] -Anita- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
    [chrome] -Anita- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
    [ClassicStartMenu] -Anita- C:\Program Files\Classic Shell\ClassicStartMenu.exe - (IvoSoft)
    [CLMLSvc_P2G8] -Anita- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe - (CyberLink)
    [CLMSMonitorService] -SYSTEM- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe - (CyberLink)
    [CLMSServer] -SYSTEM- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe - (CyberLink)
    [conhost] -SYSTEM- C:\WINDOWS\system32\conhost.exe - (Microsoft Corporation)
    [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
    [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
    [dwm] -DWM-1- C:\WINDOWS\system32\dwm.exe - (Microsoft Corporation)
    [E-Peek 1.9.9.0] -Anita- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.9.9.0.exe - (E Dev)
    [explorer] -Anita- C:\WINDOWS\Explorer.EXE - (Microsoft Corporation)
    [GWX] -Anita- C:\WINDOWS\system32\GWX\GWX.exe - (Microsoft Corporation)
    [HeciServer] -SYSTEM- C:\Program Files\Intel\iCLS Client\HeciServer.exe - (Intel(R) Corporation)
    [hkcmd] -Anita- C:\Windows\System32\hkcmd.exe - (Intel Corporation)
    [IAStorDataMgrSvc] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe - (Intel Corporation)
    [IAStorIcon] -Anita- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe - (Intel Corporation)
    [igfxpers] -Anita- C:\Windows\System32\igfxpers.exe - (Intel Corporation)
    [igfxtray] -Anita- C:\Windows\System32\igfxtray.exe - (Intel Corporation)
    [Jhi_service] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe - (Intel Corporation)
    [LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - (Intel Corporation)
    [lsass] -SYSTEM- C:\WINDOWS\system32\lsass.exe - (Microsoft Corporation)
    [mbam] -Anita- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe - (Malwarebytes Corporation)
    [msiexec] -SYSTEM- C:\WINDOWS\system32\msiexec.exe - (Microsoft Corporation)
    [notepad] -Anita- C:\WINDOWS\system32\NOTEPAD.EXE - (Microsoft Corporation)
    [PDVD10Serv] -Anita- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe - (CyberLink Corp.)
    [RAVCpl64] -Anita- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - (Realtek Semiconductor)
    [SearchFilterHost] -SYSTEM- C:\WINDOWS\system32\SearchFilterHost.exe - (Microsoft Corporation)
    [SearchIndexer] -SYSTEM- C:\WINDOWS\system32\SearchIndexer.exe - (Microsoft Corporation)
    [SearchProtocolHost] -SYSTEM- C:\WINDOWS\system32\SearchProtocolHost.exe - (Microsoft Corporation)
    [services] -SYSTEM- C:\Windows\System32\services.exe - (services.exe)
    [smss] -SYSTEM- C:\Windows\System32\smss.exe - (smss.exe)
    [spoolsv] -SYSTEM- C:\WINDOWS\System32\spoolsv.exe - (Microsoft Corporation)
    [SrTasks] -SYSTEM- C:\WINDOWS\system32\srtasks.exe - (Microsoft Corporation)
    [System] -N/A- - (System)
    [taskeng] -SYSTEM- C:\WINDOWS\system32\taskeng.exe - (Microsoft Corporation)
    [taskhostex] -Anita- C:\WINDOWS\system32\taskhostex.exe - (Microsoft Corporation)
    [TiWorker] -SYSTEM- C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe - (Microsoft Corporation)
    [TrustedInstaller] -SYSTEM- C:\WINDOWS\servicing\TrustedInstaller.exe - (Microsoft Corporation)
    [UNS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe - (Intel Corporation)
    [unsecapp] -Anita- C:\WINDOWS\system32\wbem\unsecapp.exe - (Microsoft Corporation)
    [VSSVC] -SYSTEM- C:\WINDOWS\system32\vssvc.exe - (Microsoft Corporation)
    [WG111v3] -Anita- C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe - ()
    [wininit] -SYSTEM- C:\WINDOWS\system32\wininit.exe - (Microsoft Corporation)
    [winlogon] -SYSTEM- C:\WINDOWS\system32\winlogon.exe - (Microsoft Corporation)
    [WmiPrvSE] -NETWORK SERVICE- C:\WINDOWS\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
    [WUDFHost] -LOCAL SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation)

    ==================== IE PAGES ==================================================

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main
    Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    Local Page = C:\Windows\SysWOW64\blank.htm
    Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes
    DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    DisplayName = @ieframe.dll,-12512
    URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    DisplayName = Google
    URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar
    {2318C2B1-4965-11d4-9B18-009027A5CD4F}
    => HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\InProcServer32 DefaultC:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    {553891B7-A0D5-4526-BE18-D3CE461D6310}
    => HKCR\CLSID\{553891B7-A0D5-4526-BE18-D3CE461D6310}\InProcServer32 DefaultC:\Program Files\Classic Shell\ClassicExplorer32.dll

    ==================== IE PAGES x64 ==============================================

    HKLM\Software\Microsoft\Internet Explorer\Main
    Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    Local Page = C:\Windows\System32\blank.htm
    Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

    HKLM\Software\Microsoft\Internet Explorer\SearchScopes
    DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

    HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    DisplayName = @ieframe.dll,-12512
    URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    DisplayName = Google
    URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7

    HKLM\Software\Microsoft\Internet Explorer\Toolbar
    {2318C2B1-4965-11d4-9B18-009027A5CD4F}
    => HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\InProcServer32 DefaultC:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    {553891B7-A0D5-4526-BE18-D3CE461D6310}
    => HKCR\CLSID\{553891B7-A0D5-4526-BE18-D3CE461D6310}\InProcServer32 DefaultC:\Program Files\Classic Shell\ClassicExplorer32.dll

    ==================== Auto Load =================================================

    HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon
    Userinit = userinit.exe,
    Shell = explorer.exe

    ==================== Auto Load x64 =============================================

    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Userinit = C:\Windows\system32\userinit.exe,
    Shell = explorer.exe

    ==================== Browsers present ==========================================

    Google Chrome
    IEXPLORE.EXE

    ==================== Google Chrome =============================================

    GC - Local State Path: C:\Users\Anita\AppData\Local\Google\Chrome\User Data\Local State

    GC - Profile: [Default] Name: Persoon 1 - Shortcut name: - Username:

    ==================== Google Chrome Profile: Default ============================

    GC - Prefpath: C:\Users\Anita\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

    GC - Homepage: ["hxxp://www.google.com/"]

    GC - Ext: [ Winkel ] version: 0.2
    Description: Chrome Web Store
    Path: C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\resources\web_store

    GC - Ext: [ Bookmark Manager ] version: 0.1
    Description: Bookmark Manager
    Path: C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\resources\bookmark_manager

    GC - Ext: [ Settings ] version: 0.2
    Description: Settings
    Path: C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\resources\settings_app

    GC - Ext: [ Feedback ] version: 1.0
    Description: User feedback extension
    Path: C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\resources\feedback

    GC - Ext: [ Avast Online Security ] version: 10.2.0.190
    Description: Avast Browser Security and Web Reputation Plugin.
    Path: gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0

    GC - Ext: [ CryptoTokenExtension ] version: 0.9.22
    Description: CryptoToken Component Extension
    Path: C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\resources\cryptotoken

    GC - Ext: [ Cloud Print ] version: 0.1
    Description: Cloud Print
    Path: C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\resources\cloud_print

    GC - Ext: [ GaiaAuthExtension ] version: 0.0.1
    Description: GAIA Component Extension
    Path: C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\resources\gaia_auth

    GC - Ext: [ Chrome ] version: 0.1
    Description: Chrome as an app
    Path: C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\resources\chrome_app

    GC - Ext: [ Chrome PDF Viewer ] version: 1
    Description:
    Path: C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\resources\pdf

    GC - Ext: [ Google Network Speech ] version: 1.0
    Description: Component extension providing speech via the Google network text-to-speech service.
    Path: C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\resources\network_speech_synthesis

    GC - Ext: [ Google+ Hangouts ] version: 1.1
    Description:
    Path: C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\resources\hangout_services

    GC - Ext: [ Google Now ] version: 1.2.0.1
    Description: Integrates Google Now into Chrome.
    Path: C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\resources\google_now

    ==================== Windows Host File =========================================


    ==================== BHO =======================================================

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
    {449D0D6E-2412-4E61-B68F-1CB625CD9E52}
    HKCR\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52} Default = ExplorerBHO Class
    => HKCR\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}\InProcServer32 Default = C:\Program Files\Classic Shell\ClassicExplorer32.dll

    {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
    HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} Default = Groove GFS Browser Helper
    => HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InProcServer32 Default = C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL

    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} Default = avast! Online Security
    => HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\InProcServer32 Default = C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    {AA58ED58-01DD-4d91-8333-CF10577473F7}
    HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} Default = Google Toolbar Helper
    => HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\InProcServer32 Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    {B4F3A835-0E21-4959-BA22-42B3008E02FF}
    HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} Default = Office Document Cache Handler
    => HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InProcServer32 Default = C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL

    {EA801577-E6AD-4BD5-8F71-4BE0154331A4}
    HKCR\CLSID\{EA801577-E6AD-4BD5-8F71-4BE0154331A4} Default = ClassicIEBHO Class
    => HKCR\CLSID\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}\InProcServer32 Default = C:\Program Files\Classic Shell\ClassicIEDLL_32.dll

    ==================== BHO x64 ===================================================

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
    {449D0D6E-2412-4E61-B68F-1CB625CD9E52}
    HKCR\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52} Default = ExplorerBHO Class
    => HKCR\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}\InProcServer32 Default = C:\Program Files\Classic Shell\ClassicExplorer64.dll

    {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
    HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} Default = Groove GFS Browser Helper
    => HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InProcServer32 Default = C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL

    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} Default = avast! Online Security
    => HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\InProcServer32 Default = C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

    {AA58ED58-01DD-4d91-8333-CF10577473F7}
    HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} Default = Google Toolbar Helper
    => HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\InProcServer32 Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

    {EA801577-E6AD-4BD5-8F71-4BE0154331A4}
    HKCR\CLSID\{EA801577-E6AD-4BD5-8F71-4BE0154331A4} Default = ClassicIEBHO Class
    => HKCR\CLSID\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}\InProcServer32 Default = C:\Program Files\Classic Shell\ClassicIEDLL_64.dll

    ==================== Auto Start Programs =======================================

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
    AvastUI.exe = "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    BCSSync = "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    CLMLServer_For_P2G8 = "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
    CLVirtualDrive = "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
    IAStorIcon = C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
    RemoteControl10 = "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

    HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
    CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

    ==================== Auto Start Programs x64 ===================================

    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    Classic Start Menu = "C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
    HotKeysCmds = "C:\WINDOWS\system32\hkcmd.exe"
    IgfxTray = "C:\WINDOWS\system32\igfxtray.exe"
    Persistence = "C:\WINDOWS\system32\igfxpers.exe"
    RTHDVCPL = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved [2 = enabled 3= disabled]
    CanonSolutionMenu = 2
    HotKeysCmds = 6
    IgfxTray = 6
    Persistence = 6
    RTHDVCPL = 6
    Adobe ARM = 2
    AVP = 2
    BCSSync = 2
    CLMLServer_For_P2G8 = 6
    CLVirtualDrive = 6
    IAStorIcon = 6
    RemoteControl10 = 6
    NETGEAR WG111v3 Smart Wizard.lnk = 2

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

    CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk
    ==================== Extra Items IE ============================================

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

    HKCU\CLSID\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}\InProcServer32
    => HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\InProcServer32 {18DF081C-E8AD-4283-A596-FA578C2EBDC3} = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    => HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\InProcServer32 {2318C2B1-4965-11D4-9B18-009027A5CD4F} = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    => HKCR\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\InProcServer32 {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} = C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
    => HKCR\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}\InProcServer32 {449D0D6E-2412-4E61-B68F-1CB625CD9E52} = C:\Program Files\Classic Shell\ClassicExplorer32.dll
    => HKCR\CLSID\{553891B7-A0D5-4526-BE18-D3CE461D6310}\InProcServer32 {553891B7-A0D5-4526-BE18-D3CE461D6310} = C:\Program Files\Classic Shell\ClassicExplorer32.dll
    => HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InProcServer32 {72853161-30C5-4D22-B7F9-0BBC1D38A37E} = C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
    => HKCR\CLSID\{AA58ED58-01DD-4D91-8333-CF10577473F7}\InProcServer32 {AA58ED58-01DD-4D91-8333-CF10577473F7} = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    => HKCR\CLSID\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}\InProcServer32 {EA801577-E6AD-4BD5-8F71-4BE0154331A4} = C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
    ==================== Extra Items IE x64 ========================================

    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

    ==================== Internet Default Prefix ===================================

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    Default = http://

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes
    WWW = http://

    ==================== Internet Default Prefix x64 ===============================

    HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    Default = http://

    HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes
    WWW = http://

    ==================== Protocol Hijackers ========================================

    HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Handler\wlpg
    CLSID = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}
    => SOFTWARE\Classes\\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\InProcServer32 @ Default = Unknown # C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll # MD5 [4cf29c44e072c377b6866c399947e99a]


    HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Filter\text/xml
    CLSID = {807573E5-5146-11D5-A672-00B0D022E945}
    => SOFTWARE\Classes\\CLSID\{807573E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown


    ==================== Protocol Hijackers x64 ====================================

    HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml
    CLSID = {807573E5-5146-11D5-A672-00B0D022E945}
    => SOFTWARE\Classes\\CLSID\{807573E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown


    ==================== ShellServiceObjectDelayLoad ===============================

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
    WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
    => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]


    ==================== ShellServiceObjectDelayLoad x64 =========================

    HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
    WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
    => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]


    ==================== Extra (Torpig/ConduitSearch) ==============================

    HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ Default = {217FC9C0-3AEA-1069-A2DB-08002B30309D}
    => HKCR\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InProcServer32 @ Default = C:\WINDOWS\system32\shell32.dll

    HKCR\Directory\shellex\CopyHookHandlers\Sharing @ Default = {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
    => HKCR\CLSID\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}\InProcServer32 @ Default = C:\WINDOWS\system32\ntshrui.dll


    ==================== DRIVERS and SERVICES ======================================

    *** Win32OwnProcess ***

    SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
    SERV - R2 - [IAStorDataMgrSvc] - Intel(R) Rapid Storage Technology - c:\program files (x86)\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
    SERV - R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
    SERV - R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
    SERV - R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
    SERV - R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
    SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
    SERV - R3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
    SERV - R3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
    SERV - R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
    SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
    SERV - S2 - [KMService] - KMService - c:\windows\system32\srvany.exe [x]
    SERV - S2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe
    SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
    SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
    SERV - S3 - [AvastVBoxSvc] - AvastVBox COM Service - c:\program files\avast software\avast\ng\vbox\avastvboxsvc.exe [x]
    SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
    SERV - S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
    SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
    SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
    SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
    SERV - S3 - [gusvc] - Google Software Updater - c:\program files (x86)\google\common\google updater\googleupdaterservice.exe
    SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
    SERV - S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files (x86)\microsoft office\office14\groove.exe
    SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
    SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
    SERV - S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
    SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
    SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
    SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
    SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
    SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
    SERV - S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
    SERV - S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
    SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
    SERV - S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe

    *** Win32ShareProcess ***

    SERV - R2 - [avast! Antivirus] - Avast Antivirus - c:\program files\avast software\avast\avastsvc.exe
    SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
    SERV - S3 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
    SERV - S3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
    SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
    SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
    SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

    *** Others ***

    SERV - R2 - [CyberLink PowerDVD 10 MS Monitor Service] - CyberLink PowerDVD 10 MS Monitor Service - c:\program files (x86)\cyberlink\powerdvd10\device\mediaserver\clmsmonitorservice.exe
    SERV - R2 - [CyberLink PowerDVD 10 MS Service] - CyberLink PowerDVD 10 MS Service - c:\program files (x86)\cyberlink\powerdvd10\device\mediaserver\clmsserver.exe
    SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
    SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe

    *** File System Driver ***

    DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\WINDOWS\system32\Drivers\FileInfo.sys
    DRV - R0 - [FltMgr] - FltMgr - C:\WINDOWS\system32\Drivers\FltMgr.sys
    DRV - R0 - [Mup] - Mup - C:\WINDOWS\system32\Drivers\Mup.sys
    DRV - R0 - [Wof] - Windows Overlay File System Filter Driver - C:\WINDOWS\system32\Drivers\Wof.sys
    DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\WINDOWS\system32\Drivers\NetBIOS.sys
    DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\WINDOWS\system32\Drivers\srv.sys
    DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\WINDOWS\system32\Drivers\srv2.sys

    *** Kernel Driver ***

    DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\WINDOWS\system32\Drivers\ACPI.sys
    DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\WINDOWS\system32\Drivers\acpiex.sys
    DRV - R0 - [aswRvrt] - avast! Revert - C:\WINDOWS\system32\Drivers\aswRvrt.sys
    DRV - R0 - [aswVmm] - avast! VM Monitor - C:\WINDOWS\system32\Drivers\aswVmm.sys
    DRV - R0 - [CLFS] - Common Log (CLFS) - C:\WINDOWS\system32\Drivers\CLFS.sys
    DRV - R0 - [CNG] - CNG - C:\WINDOWS\system32\Drivers\CNG.sys
    DRV - R0 - [disk] - Stuurprogramma voor schijfstations - C:\WINDOWS\system32\Drivers\disk.sys
    DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\WINDOWS\system32\Drivers\fvevol.sys
    DRV - R0 - [iaStorA] - iaStorA - C:\WINDOWS\system32\Drivers\iaStorA.sys
    DRV - R0 - [intelpep] - Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing - C:\WINDOWS\system32\Drivers\intelpep.sys
    DRV - R0 - [KSecDD] - KSecDD - C:\WINDOWS\system32\Drivers\KSecDD.sys
    DRV - R0 - [KSecPkg] - KSecPkg - C:\WINDOWS\system32\Drivers\KSecPkg.sys
    DRV - R0 - [mountmgr] - Mount Point Manager - C:\WINDOWS\system32\Drivers\mountmgr.sys
    DRV - R0 - [msisadrv] - msisadrv - C:\WINDOWS\system32\Drivers\msisadrv.sys
    DRV - R0 - [NDIS] - NDIS System Driver - C:\WINDOWS\system32\Drivers\NDIS.sys
    DRV - R0 - [partmgr] - Partition Manager - C:\WINDOWS\system32\Drivers\partmgr.sys
    DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\WINDOWS\system32\Drivers\pci.sys
    DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\WINDOWS\system32\Drivers\pcw.sys
    DRV - R0 - [pdc] - pdc - C:\WINDOWS\system32\Drivers\pdc.sys
    DRV - R0 - [rdyboost] - ReadyBoost - C:\WINDOWS\system32\Drivers\rdyboost.sys
    DRV - R0 - [spaceport] - Stuurprogramma voor opslagruimten - C:\WINDOWS\system32\Drivers\spaceport.sys
    DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\WINDOWS\system32\Drivers\Tcpip.sys
    DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\WINDOWS\system32\Drivers\vdrvroot.sys
    DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\WINDOWS\system32\Drivers\volmgr.sys
    DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\WINDOWS\system32\Drivers\volmgrx.sys
    DRV - R0 - [volsnap] - Opslagvolumes - C:\WINDOWS\system32\Drivers\volsnap.sys
    DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\WINDOWS\system32\Drivers\Wdf01000.sys
    DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\WINDOWS\system32\Drivers\WFPLWFS.sys
    DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\WINDOWS\system32\Drivers\AFD.sys
    DRV - R1 - [Beep] - Beep - C:\WINDOWS\system32\Drivers\Beep.sys
    DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\WINDOWS\system32\Drivers\tdx.sys
    DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\WINDOWS\system32\Drivers\tcpipreg.sys
    DRV - S0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\WINDOWS\system32\Drivers\EhStorClass.sys
    DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\WINDOWS\system32\Drivers\hwpolicy.sys
    DRV - S3 - [atapi] - IDE-kanaal - C:\WINDOWS\system32\Drivers\atapi.sys

    ==================== SvcHost - White Listed ====================================

    WOW x64 - All Ok

    ==================== SvcHost x64 - White Listed ================================

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]
    BthHFSrv = ServiceDll = C:\WINDOWS\System32\BthHFSrv.dll [9307a4b743d277c499cda8e19e5687ac]

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]
    DiagTrack = ServiceDll = C:\WINDOWS\system32\diagtrack.dll [21edad8188372c912b7bb9b1c6cb0d38]



    ==================== SigCheck x86 Fast =========================================

    Fast Scan All ok

    ==================== SigCheck x64 Fast =========================================

    Fast Scan All ok

    ==================== Job tasks at C:\WINDOWS\Tasks =============================

    C:\WINDOWS\Tasks\AutoKMS.job 212 bytes [ 19/05/2015 18:52:25 ]

    C:\WINDOWS\Tasks\AutoKMSDaily.job 222 bytes [ 19/07/2015 17:13:57 ]

    C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 1072 bytes [ 2/08/2014 12:58:38 ]

    C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 1076 bytes [ 2/08/2014 12:58:40 ]

    C:\WINDOWS\Tasks\SA.DAT 6 bytes [ 22/08/2013 16:45:54 ]


    ==================== Job tasks at C:\WINDOWS\system32\Tasks ====================

    C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 3886 bytes [ 25/12/2014 10:50:10 ]
    => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\WINDOWS\system32\Tasks\AutoKMS 2424 bytes [ 19/05/2015 18:52:25 ]
    => C:\WINDOWS\AutoKMS.exe

    C:\WINDOWS\system32\Tasks\AutoKMSDaily 2740 bytes [ 19/07/2015 17:13:57 ]
    => C:\WINDOWS\AutoKMS.exe

    C:\WINDOWS\system32\Tasks\avast! Emergency Update 4182 bytes [ 20/04/2013 14:13:48 ]
    => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

    C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2784 bytes [ 19/05/2015 18:49:22 ]
    => "C:\Program Files\CCleaner\CCleaner.exe"

    C:\WINDOWS\system32\Tasks\CreateChoiceProcessTask 3544 bytes [ 14/01/2013 16:16:29 ]
    => C:\Windows\BrowserChoice\browserchoice.exe

    C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 3812 bytes [ 2/08/2014 12:58:38 ]
    => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 4048 bytes [ 2/08/2014 12:58:40 ]
    => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\WINDOWS\system32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-207727438-1972492117-3694965551-1001 3090 bytes [ 14/05/2015 12:59:38 ]
    => %localappdata%\Microsoft\OneDrive\OneDrive.exe

    C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-207727438-1972492117-3694965551-1001 3598 bytes [ 6/01/2013 14:00:11 ]

    C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-207727438-1972492117-3694965551-500 2324 bytes [ 11/12/2012 8:01:51 ]

    C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4169180880-1709517006-4049283359-500 3596 bytes [ 2/10/2012 9:41:18 ]

    C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8953C87C-6ABE-4A6A-9B57-88BF29CB1FB9} 3946 bytes [ 13/01/2013 14:33:51 ]
    => C:\Windows\system32\msfeedssync.exe


    ==================== Job tasks at C:\WINDOWS\SysWOW64\Tasks ====================

    There are no .job files found.

    ==================== End scanning at za 3 okt 2015 11:35 (0 Min 19 Sec ) =======

  • #2
    Schakel eerst de Antivirussoftware uit voordat je zoek.exe download of uitvoert.
    Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk de werking van Zoek.exe nadelig beïnvloeden.
    (hier en hier) kan je lezen hoe je dat doet.

    Download Zoek.exe naar het bureaublad (klik hier voor meer informatie over hoe zoek.exe te gebruiken)
    • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kan je dat negeren, het is namelijk een onterechte waarschuwing.
    • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Kopieer nu onderstaande code en plak die in het grote invulvenster:
    • Note: Dit script is speciaal bedoeld voor deze Computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
      Code:
       
      emptyfolderscheck;delete
      firefoxlook; 
      Chromelook; 
      CHRdefaults;
      autoclean; 
      iedefaults;
    • Klik nu op de knop "Run script".
    • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
    • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
    • Post het geopende logje in het volgende bericht als bijlage.

    Windows 10 opstarten in Veilige Modus

    Comment


    • #3
      zoek-results.txt

      Aub

      Comment


      • #4
        al enige verbetering ?

        Windows 10 opstarten in Veilige Modus

        Comment


        • #5
          Ja al een pak beter. Heb gemerkt dat het scherm (of de kabel ervan) kapot was of begon te haperen of zo, en dat was de reden van het zeer traag opstarten. En ondertussen ook de malware en bescherming eens aangepakt, dus al een stuk beter bedankt.

          Comment


          • #6
            Bescherming tegen ongewenste software.

            Unchecky voorkomt installatie van ongewenste software

            Dubbelklik op het installatiebestand unchecky_setup.exe om de installatie te starten.
            In het scherm wat nu verschijnt kunt u voor meer opties kiezen, op deze manier kunt u zelf de locatie instellen waar Unchecky geïnstalleerd dien te worden.
            Klik vervolgens op de knop Install om Unchecky te installeren.
            Wanneer de installatie van Unchecky gereed is klikt u op Finish.
            Start na de installatie wel even de computer opnieuw op, dit om de wijzigingen in het hostsbestand van Windows door te voeren.
            Download Delfix by Xplode naar het bureaublad.

            KLIK HIER voor een vergroting!
            (Klik bovenstaande afbeelding aan voor een vergroting!)

            Dubbelklik op Delfix.exe om de tool te starten.
            Zet nu vinkjes voor de volgende items:
            • Remove disinfection tools
            • Purge System Restore
            • Reset system settings

            Klik nu op "Run" en wacht geduldig tot de tool gereed is.
            Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.




            Misschien ook beter om Hitmanproalert te installeren. Alert
            Uitleg hieronder.
            Uitleg

            Windows 10 opstarten in Veilige Modus

            Comment


            • #7
              unchecky en hitman pro geinstalleerd.

              Delfix laten lopen.

              Alles loopt hier vlot bedankt!

              Comment


              • #8
                Dat is mooi.

                Windows 10 opstarten in Veilige Modus

                Comment

                Sorry, you are not authorized to view this page
                Working...
                X