  • Logs from first clean-up

    I have been using this laptop for a few years now and it is starting to behave more and more strangely,
    including a jumping cursor and some functions that no longer work.

    This is the first time I have run the antivirus and malware tools.

    The logs are below.

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scandatum: 29/02/2016
    Scantijd: 22:15
    Logboekbestand: log1.txt
    Beheerder: Ja

    Versie: 2.2.0.1024
    Malware-database: v2016.02.29.04
    Rootkit-database: v2016.02.27.01
    Licentie: Gratis
    Malware-bescherming: Uitgeschakeld
    Bescherming tegen kwaadaardige websites: Uitgeschakeld
    Zelfbescherming: Uitgeschakeld

    Besturingssysteem: Windows 7 Service Pack 1
    Processor: x86
    Bestandssysteem: NTFS
    Gebruiker: Steven

    Scantype: Aangepaste scan
    Resultaat: Voltooid
    Objecten gescand: 595526
    Verstreken tijd: 2 u., 34 min, 55 sec

    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Ingeschakeld
    Heuristiek: Ingeschakeld
    POP: Ingeschakeld
    POA: Ingeschakeld

    Processen: 0
    (Geen kwaadaardige items gedetecteerd)

    Modules: 0
    (Geen kwaadaardige items gedetecteerd)

    Registersleutels: 5
    PUP.Optional.Babylon, HKU\S-1-5-21-1138451155-3206360325-2793735367-1143\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In quarantaine, [75037aec96035bdbb2a10a9faa588d73],
    PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\DataMngr, In quarantaine, [3840d591f4a551e5c7a160fead57f907],
    PUP.Optional.AdLyrics, HKU\S-1-5-21-1138451155-3206360325-2793735367-1143\SOFTWARE\APPDATALOW\SOFTWARE\XingHaoLyrics, In quarantaine, [98e0382e9405ad89ae9ba53cec1735cb],
    PUP.Optional.ASK, HKU\S-1-5-21-1138451155-3206360325-2793735367-1143\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F3D95C1B-1BBD-4C54-B2CA-E7B5B76A3DF0}, In quarantaine, [a5d39ec8b1e8ee48e4fa0968ab5925db],
    PUP.Optional.AdLyrics, HKU\S-1-5-21-1240767513-1395239067-947070365-1000\SOFTWARE\APPDATALOW\SOFTWARE\XingHaoLyrics, In quarantaine, [c1b750167128b28489c006db57acf808],

    Registerwaarden: 4
    PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-1138451155-3206360325-2793735367-1143\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, http://www.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=D6F9183DA20E1D00, In quarantaine, [7bfd56101d7c5ed8f34c8651e71c04fc]
    PUP.Optional.Babylon, HKU\S-1-5-21-1138451155-3206360325-2793735367-1143\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|FaviconURL, search.babylon.com/favicon.ico, In quarantaine, [6f09f96d9efbf2449aff2db6669d748c]
    PUP.Optional.ASK, HKU\S-1-5-21-1138451155-3206360325-2793735367-1143\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F3D95C1B-1BBD-4C54-B2CA-E7B5B76A3DF0}|URL, http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYBE&apn_uid =1EE2CED9-62DF-4819-9476-141493ECD8BC&apn_sauid=055CD752-D6F5-4F9E-9AE6-8F31320A9BB5, In quarantaine, [a5d39ec8b1e8ee48e4fa0968ab5925db]
    PUP.Optional.AdLyrics, HKU\S-1-5-21-1240767513-1395239067-947070365-1000\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|[email protected], C:\Program Files\XingHaoLyrics\FF\, In quarantaine, [b7c1bcaa2c6d2c0a352161809f647090]

    Registerdata: 0
    (Geen kwaadaardige items gedetecteerd)

    Mappen: 10
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected], In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\components, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\mnRadio, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\defaults, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\defaults\preferences, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Users\Nadine\AppData\LocalLow\BabylonToolbar, In quarantaine, [bdbb4e184f4a56e0ff442da6ee1434cc],
    PUP.Optional.Babylon, C:\Users\Nadine\AppData\LocalLow\BabylonToolbar\BabylonToolbar, In quarantaine, [bdbb4e184f4a56e0ff442da6ee1434cc],

    Bestanden: 69
    RiskWare.FilePatcher, C:\Nero 2\Patch\nero.15.platinum.build.16.0.02900-patch.exe, In quarantaine, [ea8ed591d3c6251195f22856eb165ea2],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\chrome.manifest, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\install.rdf, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\components\acplus-autocomplete.js, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\components\FFHst.xpt, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\babylon.css, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\babylon.xul, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\mtstart.js, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\server.js, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\tmplt.js, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\09.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\arwDwn.gif, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\bbyln.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\buy.gif, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\games.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\greenCard.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\help_16.gif, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\home.gif, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\icons.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\languages.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\logo.PNG, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\lottery.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\mj.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\privecy_16_hot.gif, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\radio.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\search.PNG, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\stat.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\tellafriend.gif, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\toolbarIcons_casino.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\toolbar_icons_games.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\translate.PNG, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\vssver.scc, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\ae.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\bg.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\ch.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\cn.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\cz.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\de.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\eg.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\en.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\es.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\fr.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\gr.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\he.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\il.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\it.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\ja.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\jp.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\nl.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\no.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\pl.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\pt.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\ro.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\ru.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\sa.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\se.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\sv.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\Thumbs.db, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\tr.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\ua.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\flgs\us.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\mnRadio\bg.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\mnRadio\chooseStation.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\mnRadio\lines.gif, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\mnRadio\pauseBtn.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\mnRadio\playBtn.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\mnRadio\rd_strp.png, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\content\imgs\mnRadio\Thumbs.db, In quarantaine, [46322e38306947efb78b00d3748e659b],
    PUP.Optional.Babylon, C:\Program Files\Mozilla Firefox\extensions\[email protected]\defaults\preferences\instlPref.js, In quarantaine, [46322e38306947efb78b00d3748e659b],

    Fysieke Sectoren: 0
    (Geen kwaadaardige items gedetecteerd)


    (end)

    # AdwCleaner v5.037 - Logfile created 01/03/2016 at 14:21:44
    # Updated 28/02/2016 by Xplode
    # Database : 2016-02-28.2 [Local]
    # Operating system : Windows 7 Professional Service Pack 1 (x86)
    # Username : Steven - BAUNAT-008
    # Running from : C:\Users\steven\Downloads\adwcleaner_5.037.exe
    # Option : Clean
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****

    [-] Folder Deleted : C:\ProgramData\Ask
    [-] Folder Deleted : C:\ProgramData\Babylon
    [-] Folder Deleted : C:\ProgramData\Premium
    [-] Folder Deleted : C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

    ***** [ Files ] *****


    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****

    [-] Key Deleted : HKCU\Software\f088d0b36aef47
    [-] Key Deleted : HKLM\SOFTWARE\f088d0b36aef47
    [-] Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{b64d9b05-48e1-4ceb-bf58-e0643994e900}]
    [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
    [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A3DAEB01-4C15-4AC6-A689-6406FD954EE0}]
    [-] Key Deleted : HKCU\Software\BI
    [-] Key Deleted : HKCU\Software\Softonic
    [-] Key Deleted : HKLM\SOFTWARE\Babylon
    [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\winamp.com
    [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.winamp.com

    ***** [ Web browsers ] *****


    *************************

    :: "Tracing" keys removed
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C1].txt - [1872 bytes] - [01/03/2016 14:21:44]
    C:\AdwCleaner\AdwCleaner[S1].txt - [1839 bytes] - [01/03/2016 14:16:58]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2018 bytes] ##########

  • #2
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 11.0.9600.18205 BrowserJavaVersion: 10.71.2
    Run by Steven at 14:38:19 on 2016-03-01
    Microsoft Windows 7 Professional 6.1.7601.1.1252.32.1033.18.2868.1599 [GMT 1:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
    C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\system32\lexbces.exe
    C:\Windows\system32\LEXPPS.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe
    C:\Windows\system32\dlbkcoms.exe
    C:\Program Files\Launch Manager\dsiwmis.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
    C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\Acer\Acer VCM\RS_Service.exe
    C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
    C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
    C:\Program Files\AVAST Software\Avast\avastui.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\prevhost.exe
    C:\Windows\system32\prevhost.exe
    C:\Users\steven\AppData\Local\FluxSoftware\Flux\flux.exe
    C:\Program Files\Acer\Acer VCM\AcerVCM.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k utcsvc
    C:\Windows\system32\svchost.exe -k hpdevmgmt
    C:\Windows\system32\svchost.exe -k HsfXAudioService
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\svchost.exe -k HPService
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k secsvcs
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxps://www.google.be/
    uDefault_Page_URL = hxxp://acer.msn.com
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    uRun: [VoipCheapCom] "c:\program files\voipcheapcom.com\voipcheapcom\voipcheapcom.exe" -nosplash -minimized
    uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe
    uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
    uRun: [LogitechSoftwareUpdate] "c:\program files\logitech\video\ManifestEngine.exe" boot
    uRun: [f.lux] "c:\users\steven\appdata\local\fluxsoftware\flux\flux.exe" /noshow
    mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
    mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe
    mRun: [AmIcoSinglun] c:\program files\amicosinglun\AmIcoSinglun.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [Acer ePower Management] c:\program files\acer\acer epower management\ePowerTray.exe
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [LogitechVideoRepair] c:\program files\logitech\video\ISStart.exe
    mRun: [LogitechVideoTray] c:\program files\logitech\video\LogiTray.exe
    dRunOnce: [SPReview] "c:\windows\system32\spreview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\acervc~1.lnk - c:\program files\acer\acer vcm\AcerVCM.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
    mPolicies-Explorer: NoWelcomeScreen = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: SoftwareSASGeneration = dword:1
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
    IE: Free YouTube Download - c:\program files\common files\dvdvideosoft\plugins\freeytvdownloader.htm
    IE: Free YouTube to MP3 Converter - c:\program files\common files\dvdvideosoft\plugins\freeytmp3downloader.htm
    IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
    Trusted Zone: //about.htm/
    Trusted Zone: //Exclude.htm/
    Trusted Zone: //LanguageSelection.htm/
    Trusted Zone: //Message.htm/
    Trusted Zone: //MyAgttryCmd.htm/
    Trusted Zone: //MyAgttryNag.htm/
    Trusted Zone: //MyNotification.htm/
    Trusted Zone: //NOCLessUpdate.htm/
    Trusted Zone: //quarantine.htm/
    Trusted Zone: //ScanNow.htm/
    Trusted Zone: //strings.vbs/
    Trusted Zone: //Template.htm/
    Trusted Zone: //Update.htm/
    Trusted Zone: //VirFound.htm/
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{C2FF45C2-E616-4C80-AC29-57B9E77E7142} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{C2FF45C2-E616-4C80-AC29-57B9E77E7142}\241455E41445 : DHCPNameServer = 192.168.200.5
    TCP: Interfaces\{C2FF45C2-E616-4C80-AC29-57B9E77E7142}\374726 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{C2FF45C2-E616-4C80-AC29-57B9E77E7142}\C4149514 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{C2FF45C2-E616-4C80-AC29-57B9E77E7142}\C45425F43425F495F513 : DHCPNameServer = 10.59.1.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
    Handler: bw+0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw+0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw-0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw-0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw00 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw00s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw10 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw10s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw20 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw20s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw30 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw30s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw40 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw40s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw50 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw50s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw60 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw60s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw70 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw70s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw80 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw80s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw90 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bw90s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwa0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwa0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwb0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwb0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwc0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwc0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwd0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwd0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwe0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwe0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwf0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwf0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
    Handler: bwg0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwg0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwh0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwh0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwi0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwi0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwj0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwj0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwk0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwk0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwl0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwl0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwm0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwm0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwn0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwn0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwo0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwo0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwp0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwp0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwq0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwq0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwr0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwr0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bws0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bws0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwt0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwt0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwu0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwu0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwv0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwv0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bww0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bww0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwx0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwx0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwy0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwy0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwz0 - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: bwz0s - {9b81d9cd-71c3-46c7-8412-4eb74bb56f0e} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: offline-8876480 - {9B81D9CD-71C3-46C7-8412-4EB74BB56F0E} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WebCheck - <orphaned>
    LSA: Notification Packages = Error!
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\steven\appdata\roaming\mozilla\firefox\profiles\oyjq6idb.default-1452925057410\
    FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.3.29.5\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.41212.0\npctrlui.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_20_0_0_235.dll
    FF - plugin: c:\windows\system32\wat\npWatWeb.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-7-10 49776]
    R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-7-10 208664]
    R0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [2014-1-10 15664]
    R0 ngvss;ngvss;c:\windows\system32\drivers\ngvss.sys [2015-7-29 95112]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2014-7-10 794952]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2014-7-10 435464]
    R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2012-2-22 64912]
    R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-7-10 24016]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-7-10 76000]
    R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-7-10 113592]
    R2 avast! Antivirus;Avast Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2015-7-29 146600]
    R2 DeviceManager;DeviceManager;c:\program files\common files\devicehelper\devicemanager.exe -start --> c:\program files\common files\devicehelper\DeviceManager.exe -start [?]
    R2 DiagTrack;Diagnostics Tracking Service;c:\windows\system32\svchost.exe -k utcsvc [2009-7-14 20992]
    R2 DisplayLinkService;DisplayLinkManager;c:\program files\displaylink core software\DisplayLinkManager.exe [2013-10-7 7676720]
    R2 dlbk_device;dlbk_device;c:\windows\system32\dlbkcoms.exe -service --> c:\windows\system32\dlbkcoms.exe -service [?]
    R2 DsiWMIService;Dritek WMI Service;c:\program files\launch manager\dsiwmis.exe [2011-3-4 321104]
    R2 ePowerSvc;Acer ePower Service;c:\program files\acer\acer epower management\ePowerSvc.exe [2011-4-15 735776]
    R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-14 20992]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2011-3-4 13336]
    R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2010-4-17 144640]
    R2 ODDPwrSvc;Acer ODD Power Service;c:\program files\acer\optical drive power management\ODDPWRSvc.exe [2011-3-4 129568]
    R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]
    R2 RS_Service;Raw Socket Service;c:\program files\acer\acer vcm\RS_Service.exe [2011-3-4 260640]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2011-4-15 2533400]
    R2 Updater Service;Updater Service;c:\program files\acer\acer updater\UpdaterService.exe [2011-3-4 243232]
    R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\avast software\avast\ng\vbox\VBoxAswDrv.sys [2015-7-29 220752]
    R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\avast software\avast\ng\vbox\AvastVBoxSVC.exe [2015-7-29 3218624]
    R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2010-2-9 325672]
    R3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [2014-1-10 337200]
    R3 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\drivers\FPSensor.sys [2011-9-15 30000]
    R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2011-3-4 132480]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2016-2-29 23256]
    R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2011-3-4 6758912]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2015-11-5 105144]
    S2 EgisTec Ticket Service;EgisTec Ticket Service;"c:\program files\common files\egistec\services\egisticketservice.exe" --> c:\program files\common files\egistec\services\EgisTicketService.exe [?]
    S2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2016-2-29 1135416]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2014-12-11 315496]
    S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.sys [2010-6-10 25600]
    S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2011-4-15 294952]
    S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2011-4-15 33320]
    S3 DisplayLinkUsbIo;DisplayLinkUsbIo;c:\windows\system32\drivers\DisplayLinkUsbIo_7.4.51572.0.sys [2013-10-8 38192]
    S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2016-2-10 102912]
    S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\drivers\jrdusbser.sys [2011-12-23 105344]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-4-25 170200]
    S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2016-2-29 51928]
    S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2010-4-17 50432]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2015-4-25 14848]
    S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
    S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
    S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
    S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2015-4-25 49152]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-6-22 1343400]
    .
    =============== File Associations ===============
    .
    ShellExec: QSync.exe: Open="c:\program files\logitech\video\QSync.exe"
    .
    =============== Created Last 30 ================
    .
    2016-03-01 13:16:00 -------- d-----w- C:\AdwCleaner
    2016-02-29 21:10:18 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2016-02-29 21:10:18 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
    2016-02-29 21:10:18 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
    2016-02-29 21:10:18 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
    2016-02-28 15:40:09 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0b76e23c-da90-4d93-9414-f5d609b04e43}\offreg.3052.dll
    2016-02-26 11:17:08 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0b76e23c-da90-4d93-9414-f5d609b04e43}\offreg.3480.dll
    2016-02-26 10:16:24 9014120 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0b76e23c-da90-4d93-9414-f5d609b04e43}\mpengine.dll
    2016-02-12 08:39:20 1413632 ----a-w- c:\windows\system32\ole32.dll
    2016-02-10 10:30:36 949760 ----a-w- c:\windows\system32\aeinv.dll
    2016-02-10 10:28:58 93696 ----a-w- c:\windows\system32\wudriver.dll
    2016-02-10 10:28:58 73728 ----a-w- c:\windows\system32\WinSetupUI.dll
    2016-02-10 10:28:58 2956288 ----a-w- c:\windows\system32\wucltux.dll
    2016-02-10 10:28:58 174080 ----a-w- c:\windows\system32\wuwebv.dll
    2016-02-10 10:28:58 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
    2016-02-10 10:28:57 35328 ----a-w- c:\windows\system32\wuapp.exe
    .
    ==================== Find3M ====================
    .
    2016-03-01 13:02:11 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2016-02-06 09:54:50 2724864 ----a-w- c:\windows\system32\mshtml.tlb
    2016-01-22 06:14:07 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
    2016-01-22 06:13:15 3993536 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2016-01-22 06:13:15 3938752 ----a-w- c:\windows\system32\ntoskrnl.exe
    2016-01-22 06:13:13 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2016-01-22 06:13:13 138176 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2016-01-22 06:09:40 1310232 ----a-w- c:\windows\system32\ntdll.dll
    2016-01-22 06:06:34 169984 ----a-w- c:\windows\system32\winsrv.dll
    2016-01-22 06:06:30 171520 ----a-w- c:\windows\system32\wdigest.dll
    2016-01-22 06:06:19 65536 ----a-w- c:\windows\system32\TSpkg.dll
    2016-01-22 06:06:13 99840 ----a-w- c:\windows\system32\sspicli.dll
    2016-01-22 06:06:11 43008 ----a-w- c:\windows\system32\srclient.dll
    2016-01-22 06:06:11 400896 ----a-w- c:\windows\system32\srcore.dll
    2016-01-22 06:05:27 22016 ----a-w- c:\windows\system32\secur32.dll
    2016-01-22 06:05:20 251392 ----a-w- c:\windows\system32\schannel.dll
    2016-01-22 06:05:18 654336 ----a-w- c:\windows\system32\rpcrt4.dll
    2016-01-22 06:04:36 642048 ----a-w- c:\windows\system32\CPFilters.dll
    2016-01-22 06:04:36 535040 ----a-w- c:\windows\system32\EncDec.dll
    2016-01-22 06:02:58 223232 ----a-w- c:\windows\system32\ncrypt.dll
    2016-01-22 06:02:56 114176 ----a-w- c:\windows\system32\mtxoci.dll
    2016-01-22 06:02:55 259584 ----a-w- c:\windows\system32\msv1_0.dll
    2016-01-22 06:02:52 176128 ----a-w- c:\windows\system32\msorcl32.dll
    2016-01-22 06:02:49 60416 ----a-w- c:\windows\system32\msobjs.dll
    2016-01-22 06:02:26 146432 ----a-w- c:\windows\system32\msaudite.dll
    2016-01-22 06:02:07 1060864 ----a-w- c:\windows\system32\lsasrv.dll
    2016-01-22 06:02:01 62464 ----a-w- c:\windows\system32\iesetup.dll
    2016-01-22 06:02:01 496640 ----a-w- c:\windows\system32\vbscript.dll
    2016-01-22 06:02:00 553472 ----a-w- c:\windows\system32\kerberos.dll
    2016-01-22 06:02:00 293888 ----a-w- c:\windows\system32\KernelBase.dll
    2016-01-22 06:01:26 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
    2016-01-22 06:01:17 341504 ----a-w- c:\windows\system32\html.iec
    2016-01-22 06:00:45 1498624 ----a-w- c:\windows\system32\ExplorerFrame.dll
    2016-01-22 06:00:26 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
    2016-01-22 05:52:03 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
    2016-01-22 05:51:56 115712 ----a-w- c:\windows\system32\ieUnatt.exe
    2016-01-22 05:51:37 620032 ----a-w- c:\windows\system32\jscript9diag.dll
    2016-01-22 05:46:58 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
    2016-01-22 05:39:38 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
    2016-01-22 05:35:15 4611072 ----a-w- c:\windows\system32\jscript9.dll
    2016-01-22 05:24:59 2050560 ----a-w- c:\windows\system32\inetcpl.cpl
    2016-01-22 05:24:40 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
    2016-01-22 05:12:59 2973184 ----a-w- c:\windows\explorer.exe
    2016-01-22 05:07:28 2120704 ----a-w- c:\windows\system32\wininet.dll
    2016-01-22 05:07:09 50176 ----a-w- c:\windows\system32\auditpol.exe
    2016-01-22 05:01:48 271360 ----a-w- c:\windows\system32\conhost.exe
    2016-01-22 05:00:13 262656 ----a-w- c:\windows\system32\rstrui.exe
    2016-01-22 04:53:37 225792 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2016-01-22 04:53:33 98304 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
    2016-01-22 04:53:23 124416 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2016-01-22 04:51:55 36352 ----a-w- c:\windows\system32\cryptbase.dll
    2016-01-22 04:51:52 22016 ----a-w- c:\windows\system32\lsass.exe
    2016-01-22 04:51:52 15872 ----a-w- c:\windows\system32\sspisrv.dll
    2016-01-22 04:51:47 69632 ----a-w- c:\windows\system32\smss.exe
    2016-01-22 04:51:40 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2016-01-22 04:51:40 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2016-01-22 04:51:40 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2016-01-22 04:51:40 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2016-01-16 18:42:01 22464 ----a-w- c:\windows\system32\CompatTelRunner.exe
    2016-01-11 14:07:51 65536 ----a-w- c:\windows\system32\acmigration.dll
    2016-01-11 14:07:51 591360 ----a-w- c:\windows\system32\invagent.dll
    2016-01-11 14:07:51 544768 ----a-w- c:\windows\system32\generaltel.dll
    2016-01-11 14:07:51 424960 ----a-w- c:\windows\system32\devinv.dll
    2016-01-11 14:07:51 1198080 ----a-w- c:\windows\system32\appraiser.dll
    2016-01-07 17:47:26 2386944 ----a-w- c:\windows\system32\win32k.sys
    2016-01-07 17:35:11 116224 ----a-w- c:\windows\system32\drivers\mrxdav.sys
    2016-01-06 18:41:10 216064 ----a-w- c:\windows\system32\InkEd.dll
    2016-01-06 17:56:06 19968 ----a-w- c:\windows\system32\jnwmon.dll
    2016-01-06 17:56:02 22528 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\jnwppr.dll
    2015-12-20 18:45:21 2745856 ----a-w- c:\windows\system32\rdpcorets.dll
    2015-12-20 18:45:21 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
    2015-12-20 16:16:43 221184 ----a-w- c:\windows\system32\rdpudd.dll
    2015-12-10 03:06:23 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2015-12-10 03:06:23 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2015-12-09 21:39:00 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
    2015-12-08 21:54:13 902144 ----a-w- c:\windows\system32\WMADMOD.DLL
    2015-12-08 21:54:13 815616 ----a-w- c:\windows\system32\WMADMOE.DLL
    2015-12-08 21:54:13 739328 ----a-w- c:\windows\system32\WMSPDMOD.DLL
    2015-12-08 21:54:13 665088 ----a-w- c:\windows\system32\WMVXENCD.DLL
    2015-12-08 21:54:13 541184 ----a-w- c:\windows\system32\WMVSDECD.DLL
    2015-12-08 21:54:13 358400 ----a-w- c:\windows\system32\WMVSENCD.DLL
    2015-12-08 21:54:13 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
    2015-12-08 21:54:13 1568768 ----a-w- c:\windows\system32\WMVENCOD.DLL
    2015-12-08 21:54:13 1325056 ----a-w- c:\windows\system32\WMSPDMOE.DLL
    2015-12-08 21:54:13 1202688 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
    2015-12-08 21:54:04 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
    2015-12-08 21:54:00 154112 ----a-w- c:\windows\system32\VIDRESZR.DLL
    2015-12-08 21:50:41 2048 ----a-w- c:\windows\system32\mferror.dll
    2015-12-08 21:43:23 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
    2015-12-08 21:11:33 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
    2015-12-08 21:11:16 5120 ----a-w- c:\windows\system32\drivers\drmkaud.sys
    .
    ============= FINISH: 14:39:33,34 ===============


    • #3
      GMER 2.1.19357 - http://www.gmer.net
      Rootkit scan 2016-03-01 15:07:27
      Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST500LM0 rev.SM11 465,76GB
      Running: 5vfelot3.exe; Driver: C:\Users\steven\AppData\Local\Temp\kwdiapog.sys


      ---- System - GMER 2.1 ----

      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwAddBootEntry [0x8B8943D4]
      SSDT \SystemRoot\system32\drivers\aswSP.sys ZwAllocateVirtualMemory [0x8B9519F4]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwAssignProcessToJobObject [0x8B894EB2]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateEvent [0x8B8A128A]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateEventPair [0x8B8A12D6]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateIoCompletion [0x8B8A1470]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateMutant [0x8B8A11F8]
      SSDT \SystemRoot\system32\drivers\aswSP.sys ZwCreateSection [0x8B951DCE]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateSemaphore [0x8B8A1240]
      SSDT \SystemRoot\system32\drivers\aswSP.sys ZwCreateThread [0x8B95205E]
      SSDT \SystemRoot\system32\drivers\aswSP.sys ZwCreateThreadEx [0x8B952148]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateTimer [0x8B8A142A]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDebugActiveProcess [0x8B895CA0]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDeleteBootEntry [0x8B89443A]
      SSDT \SystemRoot\system32\drivers\aswSP.sys ZwDuplicateObject [0x8B95224C]
      SSDT \SystemRoot\system32\drivers\aswSP.sys ZwFreeVirtualMemory [0x8B951ACC]
      SSDT \SystemRoot\system32\drivers\aswSP.sys ZwLoadDriver [0x8B94EC5C]
      SSDT \SystemRoot\system32\drivers\aswSP.sys ZwMapViewOfSection [0x8B951EAE]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwModifyBootEntry [0x8B8944A0]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwNotifyChangeKey [0x8B899228]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwNotifyChangeMultipleKeys [0x8B8967E4]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenEvent [0x8B8A12B4]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenEventPair [0x8B8A12F8]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenIoCompletion [0x8B8A1494]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenMutant [0x8B8A121E]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenProcess [0x8B89872A]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenSection [0x8B8A13A8]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenSemaphore [0x8B8A1268]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenThread [0x8B898B16]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenTimer [0x8B8A144E]
      SSDT \SystemRoot\system32\drivers\aswSP.sys ZwProtectVirtualMemory [0x8B951C4C]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwQueryObject [0x8B8965FC]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwQueueApcThreadEx [0x8B89630A]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetBootEntryOrder [0x8B894506]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetBootOptions [0x8B89456C]
      SSDT \SystemRoot\system32\drivers\aswSP.sys ZwSetContextThread [0x8B951FAA]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetSystemInformation [0x8B8940C0]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetSystemPowerState [0x8B894292]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwShutdownSystem [0x8B894220]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSuspendProcess [0x8B895E6A]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSuspendThread [0x8B895FCC]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSystemDebugControl [0x8B89431A]
      SSDT \SystemRoot\system32\drivers\aswSP.sys ZwTerminateProcess [0x8B951D1A]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwTerminateThread [0x8B895AFA]
      SSDT \SystemRoot\system32\drivers\aswSP.sys ZwUnloadDriver [0x8B94EC8C]
      SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwVdmControl [0x8B8945D2]
      SSDT \SystemRoot\system32\drivers\aswSP.sys ZwWriteVirtualMemory [0x8B951B7E]

      ---- Kernel code sections - GMER 2.1 ----

      .text ntkrnlpa.exe!ZwReplaceKey + 1525 83050B55 1 Byte [06]
      .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 8308ABF2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
      .text ntkrnlpa.exe!KeRemoveQueueEx + 10CB 83091FA0 4 Bytes [D4, 43, 89, 8B]
      .text ntkrnlpa.exe!KeRemoveQueueEx + 10F3 83091FC8 4 Bytes [F4, 19, 95, 8B]
      .text ntkrnlpa.exe!KeRemoveQueueEx + 1153 83092028 4 Bytes [B2, 4E, 89, 8B]
      .text ntkrnlpa.exe!KeRemoveQueueEx + 11A7 8309207C 8 Bytes [8A, 12, 8A, 8B, D6, 12, 8A, ...] {MOV DL, [EDX]; MOV CL, [EBX-0x7475ed2a]}
      .text ntkrnlpa.exe!KeRemoveQueueEx + 11B3 83092088 4 Bytes [70, 14, 8A, 8B]
      .text ...
      PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 114 8324FE61 4 Bytes CALL 8B896E73 \SystemRoot\system32\drivers\aswSnx.sys
      PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 132 83269D41 4 Bytes CALL 8B896E89 \SystemRoot\system32\drivers\aswSnx.sys
      ? C:\Users\steven\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

      ---- User code sections - GMER 2.1 ----

      .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1428] kernel32.dll!SetUnhandledExceptionFilter 77A9F6AB 8 Bytes [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
      .text C:\Program Files\Mozilla Firefox\firefox.exe[3552] ntdll.dll!LdrUnloadDll 7795CC26 5 Bytes JMP 000703FC
      .text C:\Program Files\Mozilla Firefox\firefox.exe[3552] ntdll.dll!LdrLoadDll 77962611 5 Bytes JMP 6703A784 C:\Program Files\Mozilla Firefox\mozglue.dll
      .text C:\Program Files\Mozilla Firefox\firefox.exe[3552] KERNEL32.dll!K32GetDeviceDriverBaseNameW + 5D 77A995DE 7 Bytes JMP 548B50C2 C:\Program Files\Mozilla Firefox\xul.dll
      .text C:\Program Files\Mozilla Firefox\firefox.exe[3552] KERNEL32.dll!QueryPerformanceCounter + 13 77A9C5E5 7 Bytes JMP 548B5ABC C:\Program Files\Mozilla Firefox\xul.dll
      .text C:\Program Files\Mozilla Firefox\firefox.exe[3552] KERNEL32.dll!LoadAppInitDlls + 355 77A9F6A6 7 Bytes JMP 54625747 C:\Program Files\Mozilla Firefox\xul.dll
      .text C:\Program Files\Mozilla Firefox\firefox.exe[3552] USER32.dll!CreateWindowExA 7725BF48 5 Bytes JMP 5499B40F C:\Program Files\Mozilla Firefox\xul.dll
      .text C:\Program Files\Mozilla Firefox\firefox.exe[3552] USER32.dll!CreateWindowExW 7725EC84 5 Bytes JMP 546032C7 C:\Program Files\Mozilla Firefox\xul.dll
      .text C:\Program Files\Mozilla Firefox\firefox.exe[3552] USER32.dll!GetWindowInfo 77264B66 5 Bytes JMP 553C3F44 C:\Program Files\Mozilla Firefox\xul.dll
      .text C:\Program Files\Mozilla Firefox\firefox.exe[3552] GDI32.dll!GetViewportOrgEx + 26C 778B87DB 7 Bytes JMP 548B49EB C:\Program Files\Mozilla Firefox\xul.dll
      .text C:\Program Files\AVAST Software\Avast\avastui.exe[4572] kernel32.dll!SetUnhandledExceptionFilter 77A9F6AB 8 Bytes [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }

      ---- User IAT/EAT - GMER 2.1 ----

      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73BF5635] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll
      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73BF56F3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll
      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73C124A2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll
      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73C1251D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll
      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73C08581] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll
      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73C04D35] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll
      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73C050DC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll
      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73C051B1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll
      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73C066DE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll
      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73C082D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll
      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73C08827] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll
      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73C09088] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll
      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73C0E22B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll
      IAT C:\Windows\Explorer.EXE[3668] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73C04C67] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll

      ---- Devices - GMER 2.1 ----

      AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 ngvss.sys
      AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 ngvss.sys
      AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 ngvss.sys
      AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 ngvss.sys
      AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys

      ---- Registry - GMER 2.1 ----

      Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ec55f9d40a9e
      Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ec55f9d40a9e (not active ControlSet)
      Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active
      Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\[email protected] 441

      ---- EOF - GMER 2.1 ----



      • #4
        Not all that surprising that your PC is acting strangely.

        First disable the antivirus software before you download or run zoek.exe.
        Temporarily disable your antivirus and antispyware programs, as they can interfere with the operation of Zoek.exe.
        You can read how to do that (here and here).

        And download Zoek.exe to the desktop.
        (Click here for more information on how to use zoek.exe.)
        • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
        • Then double-click Zoek.exe to start the tool.
        • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
        • Now copy the code below and paste it into the large input box:
        • Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.
          Code:
          emptyfolderscheck;delete
          firefoxlook; 
          Chromelook; 
          autoclean; 
          iedefaults;
        • Now click the "Run script" button.
        • Now wait patiently until a log opens (this may be after a restart if one is required).
        • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear after all.
        • Post the opened log as an attachment in your next reply.

        Starting Windows 10 in Safe Mode



        • #5
          Went smoothly, about 15 minutes, so I assume it's not too bad, or is my laptop really in bad shape?


          Zoek.exe v5.0.0.1 Updated 31-December-2015
          Tool run by Steven on wo 02/03/2016 at 14:31:44,55.
          Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
          Running in: Normal Mode Internet Access Detected
          Launched: C:\Users\steven\Downloads\zoek.exe [Scan all users] [Script inserted]

          ==== System Restore Info ======================

          2/03/2016 14:33:42 Zoek.exe System Restore Point Created Successfully.

          ==== Empty Folders Check ======================

          C:\Program Files\Common Files\McAfee deleted successfully
          C:\PROGRA~2\Oracle deleted successfully
          C:\Users\Nadine\AppData\Local\VirtualStore deleted successfully
          C:\Users\SETUP\AppData\Local\EgisTec deleted successfully
          C:\Users\SETUP\AppData\Local\VirtualStore deleted successfully
          C:\Users\steven\AppData\Local\EmieBrowserModeList deleted successfully
          C:\Users\steven\AppData\Local\EmieSiteList deleted successfully
          C:\Users\steven\AppData\Local\EmieUserList deleted successfully
          C:\Users\steven\AppData\Local\Logitech-LS deleted successfully

          ==== Deleting CLSID Registry Keys ======================

          HKEY_USERS\S-1-5-21-1138451155-3206360325-2793735367-1143\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully
          HKEY_USERS\S-1-5-21-1138451155-3206360325-2793735367-1143\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully

          ==== Deleting CLSID Registry Values ======================


          ==== Deleting Services ======================

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EgisTec Ticket Service deleted successfully
          HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\EgisTec Ticket Service deleted successfully

          ==== Deleting Files \ Folders ======================

          C:\Program Files\Common Files\DVDVideoSoft\bin deleted
          C:\PROGRA~2\InstallMate deleted
          C:\PROGRA~2\{429CAD59-35B1-4DBC-BB6D-1DB246563521} deleted
          C:\PROGRA~2\Package Cache deleted
          C:\Windows\wininit.ini deleted
          C:\Windows\system32\GroupPolicy\Machine deleted
          C:\Windows\system32\GroupPolicy\User deleted
          C:\Windows\system32\GroupPolicy\gpt.ini deleted
          "C:\Program Files\software" deleted

          ==== Orphaned Tasks deleted from Registry ======================

          avast Emergency Update deleted

          ==== Firefox Extensions Registry ======================

          [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
          "[email protected]"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [10/12/2015 14:20]

          ==== Firefox Extensions ======================

          ProfilePath: C:\Users\steven\AppData\Roaming\Mozilla\Firefox\Profiles\oyjq6idb.default-1452925057410
          - YouTube Video and Audio Downloader - %ProfilePath%\extensions\[email protected]
          - Undetermined - %ProfilePath%\extensions\[email protected]
          - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

          AppDir: C:\Program Files\Mozilla Firefox
          - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
          - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

          ==== Firefox Plugins ======================

          Profilepath: C:\Users\steven\AppData\Roaming\Mozilla\Firefox\Profiles\oyjq6idb.default-1452925057410
          DE268F7665C44D2F35C82FB40E0F24E5 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.8
          3A88A94AF4E545482A5961AD57464883 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.8
          8BC3C037F3090BC9DA2C43A085CBE23F - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.8
          40688F92FAA4228212A48522AC3468E1 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.8
          38955C4736DF9B50FE355818A27C6967 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.8
          AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
          AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
          52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
          AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update
          AC421A44DE902F2627F1E63793ED89CD - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
          1B743D5B6FD001660FAB17DD7C347A38 - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In
          87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
          BBF0479C2D30519A2E746D12CAE54B43 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U71
          1ED046D972B98E0ADEC4D4D61BF37695 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.710.14
          5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
          2F9659F4DA0042875FC33AF930925DAE - C:\Program Files\DivX\DivX Web Player\npdivx32.dll - DivX Plus Web Player
          79039398587F475ADA606D1A3B740A63 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in
          5DF56521E8985BFD8F21A3D97A4D4574 - C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll - Shockwave Flash
          4F3F6B17B4A5BDB68B3CB0367A2C214E - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight


          ==== Chromium Look ======================

          HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
          gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[01/07/2015 15:54]
          jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found
          lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14/05/2013 12:27]

          ==== Set IE to Default ======================

          Old Values:
          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
          "Start Page"="https://www.google.be/"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
          "Tabs"="res://ieframe.dll/tabswelcome.htm"

          New Values:
          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
          "Start Page"="https://www.google.be/"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
          "Tabs"="about:newtab"

          ==== All HKLM and HKCU SearchScopes ======================

          HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
          HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
          HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
          HKCU\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
          HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
          HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
          HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - https://www.google.com/search?q={searchTerms}

          ==== Deleting CLSID Registry Keys ======================


          ==== Deleting CLSID Registry Values ======================

          HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{D19CA586-DD6C-4a0a-96F8-14644F340D60} deleted successfully

          ==== Deleting Registry Keys ======================

          HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{35BC13F6-6714-37D3-D790-0163AA55F844} deleted successfully
          HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{398DB124-6979-E130-69DC-0F8CB334589E} deleted successfully
          HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9085F7C8-44D7-B293-9788-A1FB5D9FF868} deleted successfully
          HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B7EBDB1F-B291-1CF6-AB6D-0F0FA7575BED} deleted successfully
          HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D638D8C0-BC83-F678-C36E-08E5A03E8DB0} deleted successfully
          HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully
          HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader deleted successfully
          HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe deleted successfully

          ==== Empty IE Cache ======================

          C:\Users\Nadine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Users\Nadine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
          C:\Users\SETUP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Users\SETUP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
          C:\Users\steven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Users\steven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
          C:\Users\steven\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

          ==== Empty FireFox Cache ======================

          C:\Users\SETUP\AppData\Local\Mozilla\Firefox\Profiles\8hhyamzz.default\Cache will be emptied at reboot
          C:\Users\steven\AppData\Local\Mozilla\Firefox\Profiles\oyjq6idb.default-1452925057410\cache2 emptied successfully

          ==== Empty Chrome Cache ======================

          No Chrome User Data found

          ==== Empty All Flash Cache ======================

          Flash Cache is not empty, a reboot is needed

          ==== Empty All Java Cache ======================

          Java Cache cleared successfully

          ==== C:\zoek_backup content ======================

          C:\zoek_backup (files=3653 folders=371 591988009 bytes)

          ==== Empty Temp Folders ======================

          C:\Users\Default\AppData\Local\Temp emptied successfully
          C:\Users\Default User\AppData\Local\Temp emptied successfully
          C:\Users\Nadine\AppData\Local\Temp emptied successfully
          C:\Users\SETUP\AppData\Local\Temp emptied successfully
          C:\Users\steven\AppData\Local\Temp will be emptied at reboot
          C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
          C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
          C:\Windows\Temp will be emptied at reboot

          ==== After Reboot ======================

          ==== Empty Temp Folders ======================

          C:\Windows\Temp successfully emptied
          C:\Users\steven\AppData\Local\Temp successfully emptied

          ==== Empty Recycle Bin ======================

          C:\$RECYCLE.BIN successfully emptied

          ==== Deleting Files / Folders ======================

          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\admin.brightcove.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\canstatic.cbs.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\cdn.trylive.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\cdn1.static.youporn.phncdn.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\cdnapi.kaltura.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\cdnbakmi.kaltura.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\cdns.gigya.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\d38zt8ehae1tnt.cloudfront.net" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\emp.bbci.co.uk" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\fbstatic-a.akamaihd.net" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\files.muzu.tv" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\g-ecx.images-amazon.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\pdk.theplatform.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\pics.pornburst.xxx" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\player.canalplus.fr" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\ss.phncdn.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\static.issuu.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\static1.syndication.vmma.be" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\static1.vtm.vmmacdn.be" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\streekvertelsels.be" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\webcdn.earthtv.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\www.cinenews.be" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\www.colruyt.be" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\www.katestube.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\www.mim.be" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\www.nuvid.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\www.oprah.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\www.pornoid.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\www.reggaecollector.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\www.rfi.fr" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\www.springboardplatform.com" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\www.whitecat.be" not found
          "C:\Users\steven\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BKDN7PYC\z.cdn.turner.com" not found

          ==== EOF on wo 02/03/2016 at 14:58:57,25 ======================



          • #6
            Any noticeable improvement?



            • #7
              Well, I don't know yet. The cursor still jumps sometimes, and this afternoon something strange happened again: I copied a title, and when I pasted it into another window it was not the title that got pasted but the entire zoek.exe log. So hours and many copy/pastes later, the log was suddenly pasted.

              Also, at the reboot after zoek.exe the Windows welcome tune was distorted, which was strange too.

              In any case, thanks for the help.



              • #8
                Quite a lot was cleaned up, too.

                Please have Malwarebytes run another scan.



                • #9
                  I have to say that unfortunately it has hardly improved.

                  I'm still stuck with 2 very annoying things that cropped up over the course of last year:
                  - every few seconds the picture stutters while playing YouTube videos, also in HD
                  - replying to mails with Yahoo no longer works https://answers.yahoo.com/question/i...AAGVf23&page=1

                  Solution???



                  • #10
                    Download MiniToolBox and place this tool on your desktop.

                    Note: First close all open programs and browsers!
                    Start MiniToolBox
                    - Right-click "MiniToolBox.exe" and click "Run as administrator".
                    Confirm the startup prompt "Are you sure you want to continue?" with Yes.

                    Tick the following items:
                    • Flush DNS
                    • Report IE Proxy Settings
                    • Reset IE Proxy Settings
                    • Report FF Proxy Settings
                    • Reset FF Proxy Settings
                    • List content of Hosts
                    • List IP configuration
                    • List Winsock Entries
                    • List last 10 Event Viewer Errors
                    • List Installed Programs
                    • List Devices (Only Problems)
                    • List Users, Partitions and Memory size
                    • List Minidump Files
                    • List Restore Points


                    Click the "Go" button.
                    After the scan, a log named "MTB.txt" will appear on your desktop.
                    Post the log file as an attachment in your next reply.



                    • #11
                      MiniToolBox by Farbar Version: 07-02-2016 01
                      Ran by Steven (administrator) on 30-03-2016 at 19:14:02
                      Running from "C:\Users\steven\Downloads"
                      Microsoft Windows 7 Professional Service Pack 1 (X86)
                      Model: TravelMate 8572T Manufacturer: Acer
                      Boot Mode: Normal
                      ***************************************************************************

                      ========================= Flush DNS: ===================================

                      Windows IP Configuration

                      Successfully flushed the DNS Resolver Cache.

                      ========================= IE Proxy Settings: ==============================

                      Proxy is not enabled.
                      No Proxy Server is set.

                      "Reset IE Proxy Settings": IE Proxy Settings were reset.

                      ========================= FF Proxy Settings: ==============================


                      "Reset FF Proxy Settings": Firefox Proxy settings were reset.

                      ========================= Hosts content: =================================
                      ========================= IP Configuration: ================================

                      Intel(R) Centrino(R) Advanced-N 6200 AGN = Wireless Network Connection (Connected)
                      Broadcom NetXtreme Gigabit Ethernet = Local Area Connection (Media disconnected)
                      Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


                      # ----------------------------------
                      # IPv4 Configuration
                      # ----------------------------------
                      pushd interface ipv4

                      reset
                      set global icmpredirects=enabled
                      set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
                      set interface interface="Bluetooth Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
                      set subinterface interface=? subinterface=ethernet_13 mtu=1477


                      popd
                      # End of IPv4 configuration



                      Windows IP Configuration

                      Host Name . . . . . . . . . . . . : BAUNAT-008
                      Primary Dns Suffix . . . . . . . : baunat.lan
                      Node Type . . . . . . . . . . . . : Broadcast
                      IP Routing Enabled. . . . . . . . : No
                      WINS Proxy Enabled. . . . . . . . : No
                      DNS Suffix Search List. . . . . . : baunat.lan
                      telenet.be

                      Wireless LAN adapter Wireless Network Connection 2:

                      Media State . . . . . . . . . . . : Media disconnected
                      Connection-specific DNS Suffix . :
                      Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
                      Physical Address. . . . . . . . . : 18-3D-A2-0E-1D-01
                      DHCP Enabled. . . . . . . . . . . : Yes
                      Autoconfiguration Enabled . . . . : Yes

                      Wireless LAN adapter Wireless Network Connection:

                      Connection-specific DNS Suffix . : home
                      Description . . . . . . . . . . . : Intel(R) Centrino(R) Advanced-N 6200 AGN
                      Physical Address. . . . . . . . . : 18-3D-A2-0E-1D-00
                      DHCP Enabled. . . . . . . . . . . : Yes
                      Autoconfiguration Enabled . . . . : Yes
                      Link-local IPv6 Address . . . . . : fe80::5dbe:b79:db39:d47c%12(Preferred)
                      IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
                      Subnet Mask . . . . . . . . . . . : 255.255.255.0
                      Lease Obtained. . . . . . . . . . : woensdag 30 maart 2016 14:25:57
                      Lease Expires . . . . . . . . . . : donderdag 31 maart 2016 19:14:18
                      Default Gateway . . . . . . . . . : 192.168.1.1
                      DHCP Server . . . . . . . . . . . : 192.168.1.1
                      DHCPv6 IAID . . . . . . . . . . . : 421019042
                      DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-39-BE-E2-60-EB-69-FF-C6-57
                      DNS Servers . . . . . . . . . . . : 2a02:1800:100::42:1
                      2a02:1800:100::42:2
                      192.168.1.1
                      NetBIOS over Tcpip. . . . . . . . : Enabled
                      Connection-specific DNS Suffix Search List :
                      telenet.be

                      Ethernet adapter Local Area Connection:

                      Media State . . . . . . . . . . . : Media disconnected
                      Connection-specific DNS Suffix . :
                      Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
                      Physical Address. . . . . . . . . : 60-EB-69-FF-C6-57
                      DHCP Enabled. . . . . . . . . . . : Yes
                      Autoconfiguration Enabled . . . . : Yes

                      Tunnel adapter Local Area Connection* 12:

                      Media State . . . . . . . . . . . : Media disconnected
                      Connection-specific DNS Suffix . :
                      Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
                      Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                      DHCP Enabled. . . . . . . . . . . : No
                      Autoconfiguration Enabled . . . . : Yes

                      Tunnel adapter 6TO4 Adapter:

                      Media State . . . . . . . . . . . : Media disconnected
                      Connection-specific DNS Suffix . :
                      Description . . . . . . . . . . . : Microsoft 6to4 Adapter
                      Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                      DHCP Enabled. . . . . . . . . . . : No
                      Autoconfiguration Enabled . . . . : Yes

                      Tunnel adapter Reusable Microsoft 6To4 Adapter:

                      Media State . . . . . . . . . . . : Media disconnected
                      Connection-specific DNS Suffix . :
                      Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
                      Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                      DHCP Enabled. . . . . . . . . . . : No
                      Autoconfiguration Enabled . . . . : Yes

                      Tunnel adapter Local Area Connection* 11:

                      Media State . . . . . . . . . . . : Media disconnected
                      Connection-specific DNS Suffix . :
                      Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
                      Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                      DHCP Enabled. . . . . . . . . . . : No
                      Autoconfiguration Enabled . . . . : Yes

                      Tunnel adapter Local Area Connection* 18:

                      Media State . . . . . . . . . . . : Media disconnected
                      Connection-specific DNS Suffix . :
                      Description . . . . . . . . . . . : Microsoft 6to4 Adapter #5
                      Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                      DHCP Enabled. . . . . . . . . . . : No
                      Autoconfiguration Enabled . . . . : Yes

                      Tunnel adapter Teredo Tunneling Pseudo-Interface:

                      Media State . . . . . . . . . . . : Media disconnected
                      Connection-specific DNS Suffix . :
                      Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
                      Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                      DHCP Enabled. . . . . . . . . . . : No
                      Autoconfiguration Enabled . . . . : Yes

                      Tunnel adapter Local Area Connection* 19:

                      Media State . . . . . . . . . . . : Media disconnected
                      Connection-specific DNS Suffix . :
                      Description . . . . . . . . . . . : Microsoft 6to4 Adapter #6
                      Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                      DHCP Enabled. . . . . . . . . . . : No
                      Autoconfiguration Enabled . . . . : Yes

                      Tunnel adapter Local Area Connection* 22:

                      Media State . . . . . . . . . . . : Media disconnected
                      Connection-specific DNS Suffix . :
                      Description . . . . . . . . . . . : Microsoft 6to4 Adapter #9
                      Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                      DHCP Enabled. . . . . . . . . . . : No
                      Autoconfiguration Enabled . . . . : Yes

                      Tunnel adapter Local Area Connection* 21:

                      Media State . . . . . . . . . . . : Media disconnected
                      Connection-specific DNS Suffix . :
                      Description . . . . . . . . . . . : Microsoft 6to4 Adapter #8
                      Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                      DHCP Enabled. . . . . . . . . . . : No
                      Autoconfiguration Enabled . . . . : Yes

                      Tunnel adapter Local Area Connection* 20:

                      Media State . . . . . . . . . . . : Media disconnected
                      Connection-specific DNS Suffix . :
                      Description . . . . . . . . . . . : Microsoft 6to4 Adapter #7
                      Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                      DHCP Enabled. . . . . . . . . . . : No
                      Autoconfiguration Enabled . . . . : Yes

                      Tunnel adapter isatap.home:

                      Media State . . . . . . . . . . . : Media disconnected
                      Connection-specific DNS Suffix . : home
                      Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
                      Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                      DHCP Enabled. . . . . . . . . . . : No
                      Autoconfiguration Enabled . . . . : Yes
                      Server: UnKnown
                      Address: 2a02:1800:100::42:1


                      Pinging google.com [216.58.211.78] with 32 bytes of data:
                      Reply from 216.58.211.78: bytes=32 time=21ms TTL=53
                      Reply from 216.58.211.78: bytes=32 time=19ms TTL=53

                      Ping statistics for 216.58.211.78:
                      Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
                      Approximate round trip times in milli-seconds:
                      Minimum = 19ms, Maximum = 21ms, Average = 20ms
                      Server: UnKnown
                      Address: 2a02:1800:100::42:1


                      Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
                      Reply from 98.139.183.24: bytes=32 time=122ms TTL=48
                      Reply from 98.139.183.24: bytes=32 time=102ms TTL=48

                      Ping statistics for 98.139.183.24:
                      Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
                      Approximate round trip times in milli-seconds:
                      Minimum = 102ms, Maximum = 122ms, Average = 112ms

                      Pinging 127.0.0.1 with 32 bytes of data:
                      Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
                      Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

                      Ping statistics for 127.0.0.1:
                      Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
                      Approximate round trip times in milli-seconds:
                      Minimum = 0ms, Maximum = 0ms, Average = 0ms
                      ===========================================================================
                      Interface List
                      26...18 3d a2 0e 1d 01 ......Microsoft Virtual WiFi Miniport Adapter
                      12...18 3d a2 0e 1d 00 ......Intel(R) Centrino(R) Advanced-N 6200 AGN
                      10...60 eb 69 ff c6 57 ......Broadcom NetXtreme Gigabit Ethernet
                      1...........................Software Loopback Interface 1
                      17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #4
                      11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
                      15...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
                      16...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
                      18...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #5
                      25...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
                      19...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #6
                      22...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #9
                      21...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #8
                      20...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #7
                      28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
                      ===========================================================================

                      IPv4 Route Table
                      ===========================================================================
                      Active Routes:
                      Network Destination Netmask Gateway Interface Metric
                      0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.10 25
                      127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
                      127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
                      127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
                      192.168.1.0 255.255.255.0 On-link 192.168.1.10 281
                      192.168.1.10 255.255.255.255 On-link 192.168.1.10 281
                      192.168.1.255 255.255.255.255 On-link 192.168.1.10 281
                      224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
                      224.0.0.0 240.0.0.0 On-link 192.168.1.10 281
                      255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
                      255.255.255.255 255.255.255.255 On-link 192.168.1.10 281
                      ===========================================================================
                      Persistent Routes:
                      None

                      IPv6 Route Table
                      ===========================================================================
                      Active Routes:
                      If Metric Network Destination Gateway
                      1 306 ::1/128 On-link
                      12 281 fe80::/64 On-link
                      12 281 fe80::5dbe:b79:db39:d47c/128
                      On-link
                      1 306 ff00::/8 On-link
                      12 281 ff00::/8 On-link
                      ===========================================================================
                      Persistent Routes:
                      None
                      ========================= Winsock entries =====================================

                      Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
                      Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
                      Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
                      Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
                      Catalog5 05 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
                      Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
                      Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
                      Catalog5 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog5 09 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
                      Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
                      Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 32 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 33 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 34 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 35 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 36 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 37 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 38 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 39 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 40 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 41 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 42 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 43 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 44 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 45 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 46 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 47 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 48 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 49 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 50 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 51 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 52 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 53 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 54 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
                      Catalog9 55 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)

                      ========================= Event log errors: ===============================

                      Application errors:
                      ==================
                      Error: (03/29/2016 03:28:06 AM) (Source: Bonjour Service) (User: )
                      Description: Task Scheduling Error: m->NextScheduledSPRetry 2121

                      Error: (03/29/2016 03:28:06 AM) (Source: Bonjour Service) (User: )
                      Description: Task Scheduling Error: m->NextScheduledEvent 2121

                      Error: (03/29/2016 03:28:06 AM) (Source: Bonjour Service) (User: )
                      Description: Task Scheduling Error: Continuously busy for more than a second

                      Error: (03/29/2016 03:28:05 AM) (Source: Bonjour Service) (User: )
                      Description: Task Scheduling Error: m->NextScheduledSPRetry 1107

                      Error: (03/29/2016 03:28:05 AM) (Source: Bonjour Service) (User: )
                      Description: Task Scheduling Error: m->NextScheduledEvent 1107

                      Error: (03/29/2016 03:28:05 AM) (Source: Bonjour Service) (User: )
                      Description: Task Scheduling Error: Continuously busy for more than a second

                      Error: (03/26/2016 10:59:43 PM) (Source: Bonjour Service) (User: )
                      Description: Task Scheduling Error: m->NextScheduledSPRetry 4087

                      Error: (03/26/2016 10:59:43 PM) (Source: Bonjour Service) (User: )
                      Description: Task Scheduling Error: m->NextScheduledEvent 4087

                      Error: (03/26/2016 10:59:43 PM) (Source: Bonjour Service) (User: )
                      Description: Task Scheduling Error: Continuously busy for more than a second

                      Error: (03/26/2016 10:59:42 PM) (Source: Bonjour Service) (User: )
                      Description: Task Scheduling Error: m->NextScheduledSPRetry 3073


                      System errors:
                      =============
                      Error: (03/30/2016 06:27:07 PM) (Source: NETLOGON) (User: )
                      Description: This computer was not able to set up a secure session with a domain
                      controller in domain BAUNAT due to the following:
                      %%1311

                      This may lead to authentication problems. Make sure that this
                      computer is connected to the network. If the problem persists,
                      please contact your domain administrator.



                      ADDITIONAL INFO

                      If this computer is a domain controller for the specified domain, it
                      sets up the secure session to the primary domain controller emulator in the specified
                      domain. Otherwise, this computer sets up the secure session to any domain controller
                      in the specified domain.

                      Error: (03/30/2016 02:39:25 PM) (Source: Microsoft-Windows-GroupPolicy) (User: BAUNAT)
                      Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

                      Error: (03/30/2016 02:26:10 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
                      Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

                      Error: (03/30/2016 02:25:56 PM) (Source: NETLOGON) (User: )
                      Description: This computer was not able to set up a secure session with a domain
                      controller in domain BAUNAT due to the following:
                      %%1311

                      This may lead to authentication problems. Make sure that this
                      computer is connected to the network. If the problem persists,
                      please contact your domain administrator.



                      ADDITIONAL INFO

                      If this computer is a domain controller for the specified domain, it
                      sets up the secure session to the primary domain controller emulator in the specified
                      domain. Otherwise, this computer sets up the secure session to any domain controller
                      in the specified domain.

                      Error: (03/30/2016 01:17:36 PM) (Source: NETLOGON) (User: )
                      Description: This computer was not able to set up a secure session with a domain
                      controller in domain BAUNAT due to the following:
                      %%1311

                      This may lead to authentication problems. Make sure that this
                      computer is connected to the network. If the problem persists,
                      please contact your domain administrator.



                      ADDITIONAL INFO

                      If this computer is a domain controller for the specified domain, it
                      sets up the secure session to the primary domain controller emulator in the specified
                      domain. Otherwise, this computer sets up the secure session to any domain controller
                      in the specified domain.

                      Error: (03/30/2016 02:03:32 AM) (Source: NETLOGON) (User: )
                      Description: This computer was not able to set up a secure session with a domain
                      controller in domain BAUNAT due to the following:
                      %%1311

                      This may lead to authentication problems. Make sure that this
                      computer is connected to the network. If the problem persists,
                      please contact your domain administrator.



                      ADDITIONAL INFO

                      If this computer is a domain controller for the specified domain, it
                      sets up the secure session to the primary domain controller emulator in the specified
                      domain. Otherwise, this computer sets up the secure session to any domain controller
                      in the specified domain.

                      Error: (03/29/2016 10:00:40 PM) (Source: NETLOGON) (User: )
                      Description: This computer was not able to set up a secure session with a domain
                      controller in domain BAUNAT due to the following:
                      %%1311

                      This may lead to authentication problems. Make sure that this
                      computer is connected to the network. If the problem persists,
                      please contact your domain administrator.



                      ADDITIONAL INFO

                      If this computer is a domain controller for the specified domain, it
                      sets up the secure session to the primary domain controller emulator in the specified
                      domain. Otherwise, this computer sets up the secure session to any domain controller
                      in the specified domain.

                      Error: (03/29/2016 08:29:50 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
                      Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

                      Error: (03/29/2016 08:29:45 PM) (Source: Microsoft-Windows-GroupPolicy) (User: BAUNAT)
                      Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

                      Error: (03/29/2016 05:46:47 PM) (Source: NETLOGON) (User: )
                      Description: This computer was not able to set up a secure session with a domain
                      controller in domain BAUNAT due to the following:
                      %%1311

                      This may lead to authentication problems. Make sure that this
                      computer is connected to the network. If the problem persists,
                      please contact your domain administrator.



                      ADDITIONAL INFO

                      If this computer is a domain controller for the specified domain, it
                      sets up the secure session to the primary domain controller emulator in the specified
                      domain. Otherwise, this computer sets up the secure session to any domain controller
                      in the specified domain.


                      Microsoft Office Sessions:
                      =========================
                      Error: (03/29/2016 03:28:06 AM) (Source: Bonjour Service)(User: )
                      Description: Task Scheduling Error: m->NextScheduledSPRetry 2121

                      Error: (03/29/2016 03:28:06 AM) (Source: Bonjour Service)(User: )
                      Description: Task Scheduling Error: m->NextScheduledEvent 2121

                      Error: (03/29/2016 03:28:06 AM) (Source: Bonjour Service)(User: )
                      Description: Task Scheduling Error: Continuously busy for more than a second

                      Error: (03/29/2016 03:28:05 AM) (Source: Bonjour Service)(User: )
                      Description: Task Scheduling Error: m->NextScheduledSPRetry 1107

                      Error: (03/29/2016 03:28:05 AM) (Source: Bonjour Service)(User: )
                      Description: Task Scheduling Error: m->NextScheduledEvent 1107

                      Error: (03/29/2016 03:28:05 AM) (Source: Bonjour Service)(User: )
                      Description: Task Scheduling Error: Continuously busy for more than a second

                      Error: (03/26/2016 10:59:43 PM) (Source: Bonjour Service)(User: )
                      Description: Task Scheduling Error: m->NextScheduledSPRetry 4087

                      Error: (03/26/2016 10:59:43 PM) (Source: Bonjour Service)(User: )
                      Description: Task Scheduling Error: m->NextScheduledEvent 4087

                      Error: (03/26/2016 10:59:43 PM) (Source: Bonjour Service)(User: )
                      Description: Task Scheduling Error: Continuously busy for more than a second

                      Error: (03/26/2016 10:59:42 PM) (Source: Bonjour Service)(User: )
                      Description: Task Scheduling Error: m->NextScheduledSPRetry 3073


                      CodeIntegrity Errors:
                      ===================================
                      Date: 2015-08-11 09:56:40.329
                      Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

                      Date: 2015-08-11 09:56:40.317
                      Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

                      Date: 2015-08-11 09:56:40.303
                      Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

                      Date: 2015-08-11 09:56:40.287
                      Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

                      Date: 2015-08-11 09:56:40.180
                      Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

                      Date: 2015-08-11 09:56:40.170
                      Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

                      Date: 2015-08-11 09:56:40.159
                      Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

                      Date: 2015-08-11 09:56:40.148
                      Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

                      Date: 2014-04-02 10:30:48.096
                      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\McAfee\Managed VirusScan\Agent\TPSTool.exe because the set of per-page image hashes could not be found on the system.

                      Date: 2014-04-02 10:30:47.961
                      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\McAfee\Managed VirusScan\Agent\TPSTool.exe because the set of per-page image hashes could not be found on the system.


                      =========================== Installed Programs ============================

                      Adobe Acrobat Reader DC - Nederlands (HKLM\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
                      Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
                      Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824166751}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
                      Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
                      Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2225 - AVAST Software)
                      Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
                      CDex - Open Source Digital Audio CD Extractor (HKLM\...\CDex) (Version: 1.70.5.2014 - Georgy Berdyshev)
                      DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
                      f.lux (HKCU\...\Flux) (Version: - )
                      Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
                      Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
                      iCloud (HKLM\...\{9A07AB4F-6B53-43E9-B7FC-7892E8C26BE3}) (Version: 4.1.1.53 - Apple Inc.)
                      Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
                      LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
                      Logitech Desktop Messenger (HKLM\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.30.04 - Logitech, Inc.)
                      Logitech QuickCam Software (HKLM\...\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}) (Version: 8.47.0000 - Logitech, Inc.)
                      Malwarebytes Anti-Malware versie 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
                      Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
                      Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
                      Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
                      Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
                      Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
                      Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
                      Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
                      Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
                      Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
                      Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
                      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
                      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
                      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
                      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
                      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
                      Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
                      Mozilla Firefox 45.0.1 (x86 nl) (HKLM\...\Mozilla Firefox 45.0.1 (x86 nl)) (Version: 45.0.1 - Mozilla)
                      MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: - )
                      Nero Prerequisite Installer 3.0 (HKLM\...\{E9ED7BE7-B6E6-46FA-AE9E-81E9FD1E0152}) (Version: 15.0.00400 - Nero AG)
                      Popcorn Time (HKCU\...\Popcorn Time) (Version: - Popcorn Official)
                      Prerequisite installer (HKLM\...\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0007 - Nero AG) Hidden
                      QuickTime 7 (HKLM\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
                      Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version: - Microsoft) Hidden
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version: - Microsoft) Hidden
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden
                      Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
                      Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
                      VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
                      VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
                      WinAVI All in One Converter (HKLM\...\WinAVI All in One Converter) (Version: 1.2.1.3952 - ZJMedia Digital Technology Ltd.)
                      Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)

                      ========================= Devices: ================================

                      Name: HP LaserJet P2015 Series
                      Description: HP LaserJet P2015 Series
                      Class Guid:
                      Manufacturer:
                      Service:
                      Device ID: ROOT\MULTIFUNCTION\0000
                      Problem: : The drivers for this device are not installed. (Code 28)
                      Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

                      Name: HP LaserJet P2015 Series
                      Description: HP LaserJet P2015 Series
                      Class Guid:
                      Manufacturer:
                      Service:
                      Device ID: ROOT\MULTIFUNCTION\0003
                      Problem: : The drivers for this device are not installed. (Code 28)
                      Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

                      Name: HP LaserJet P2015 Series
                      Description: HP LaserJet P2015 Series
                      Class Guid:
                      Manufacturer:
                      Service:
                      Device ID: ROOT\MULTIFUNCTION\0004
                      Problem: : The drivers for this device are not installed. (Code 28)
                      Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

                      Name: MpKsl5ca3071d
                      Description: MpKsl5ca3071d
                      Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
                      Manufacturer:
                      Service: MpKsl5ca3071d
                      Device ID: ROOT\LEGACY_MPKSL5CA3071D\0000
                      Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
                      Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
                      Devices stay in this state if they have been prepared for removal.
                      After you remove the device, this error disappears.Remove the device, and this error should be resolved.

                      Name: MpKsl6c80bca7
                      Description: MpKsl6c80bca7
                      Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
                      Manufacturer:
                      Service: MpKsl6c80bca7
                      Device ID: ROOT\LEGACY_MPKSL6C80BCA7\0000
                      Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
                      Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
                      Devices stay in this state if they have been prepared for removal.
                      After you remove the device, this error disappears.Remove the device, and this error should be resolved.

                      Name: MpKsl80b39422
                      Description: MpKsl80b39422
                      Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
                      Manufacturer:
                      Service: MpKsl80b39422
                      Device ID: ROOT\LEGACY_MPKSL80B39422\0000
                      Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
                      Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
                      Devices stay in this state if they have been prepared for removal.
                      After you remove the device, this error disappears.Remove the device, and this error should be resolved.


                      ========================= Memory info: ===================================

                      Percentage of memory in use: 40%
                      Total physical RAM: 2868.48 MB
                      Available physical RAM: 1706.62 MB
                      Total Virtual: 5735.29 MB
                      Available Virtual: 4382.81 MB

                      ========================= Partitions: =====================================

                      1 Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:170.98 GB) NTFS

                      ========================= Users: ========================================

                      User accounts for \\BAUNAT-008

                      Administrator Guest SETUP

                      ========================= Minidump Files ==================================

                      No minidump file found

                      ========================= Restore Points ==================================

                      15-03-2016 09:29:40 Windows Update
                      19-03-2016 12:18:25 Windows Update
                      24-03-2016 11:41:58 Windows Update
                      25-03-2016 11:06:27 Windows Update
                      29-03-2016 12:30:56 Windows Update

                      **** End of log ****



                      • #12
                        Errors with bonjour service? No idea whether I installed it myself or whether it was already present, and what I use it for.



                        • #13
                          Download ComboFix from one of these locations:

                          Link 1
                          Link 2

                          * IMPORTANT !!! Save ComboFix.exe to your Desktop.

                          >>Here<< you can read how to use ComboFix.

                          1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix.

                          * (here or here)

                          2. The computer may need to be restarted several times; this is normal.
                          3. Double-click "Combofix.exe" to start the tool.
                          4. Do not click in the ComboFix window while it is running; this can cause the 'tool' to hang.

                          * Note !!! If an error is shown with the message "Illegal operation attempted on a registery key that has been marked for deletion.", restart the computer.

                          5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

                          Starting Windows 10 in Safe Mode



                          • #14
                            ComboFix 16-03-28.01 - Steven 31/03/2016 18:38:07.1.4 - x86
                            Microsoft Windows 7 Professional 6.1.7601.1.1252.32.1033.18.2868.1759 [GMT 2:00]
                            Gestart vanuit: c:\users\steven\Downloads\ComboFix.exe
                            AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
                            SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
                            SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                            * Nieuw herstelpunt werd aangemaakt
                            .
                            .
                            (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            .
                            c:\users\SETUP\AppData\Roaming\Skype
                            c:\users\SETUP\AppData\Roaming\Skype\shared.lck
                            c:\users\SETUP\AppData\Roaming\Skype\shared.xml
                            c:\windows\unin0413.exe
                            .
                            .
                            (((((((((((((((((((( Bestanden Gemaakt van 2016-02-28 to 2016-03-31 ))))))))))))))))))))))))))))))
                            .
                            .
                            2016-03-31 16:45 . 2016-03-31 16:45 -------- d-----w- c:\users\SETUP\AppData\Local\temp
                            2016-03-31 16:45 . 2016-03-31 16:45 -------- d-----w- c:\users\Nadine\AppData\Local\temp
                            2016-03-31 12:43 . 2016-03-31 12:43 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A76B577C-5FE9-4AA1-8C19-5649BA2280E3}\offreg.2952.dll
                            2016-03-30 01:32 . 2016-03-30 01:32 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A76B577C-5FE9-4AA1-8C19-5649BA2280E3}\offreg.3988.dll
                            2016-03-29 12:31 . 2016-03-17 01:50 9302992 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A76B577C-5FE9-4AA1-8C19-5649BA2280E3}\mpengine.dll
                            2016-03-10 04:39 . 2016-03-10 04:39 -------- d-----w- c:\windows\system32\config\systemprofile\.oracle_jre_usage
                            2016-03-09 13:30 . 2016-02-19 18:50 34240 ----a-w- c:\windows\system32\CompatTelRunner.exe
                            2016-03-08 12:41 . 2016-03-08 12:41 -------- d-----w- c:\users\steven\.oracle_jre_usage
                            2016-03-08 12:40 . 2016-03-08 12:43 -------- d-----w- c:\programdata\Oracle
                            2016-03-02 13:59 . 2016-03-02 13:59 -------- d-----w- c:\users\steven\AppData\Local\Logitech-LS
                            2016-03-02 13:53 . 2016-03-02 13:31 24064 ----a-w- c:\windows\zoek-delete.exe
                            2016-03-02 13:53 . 2016-03-31 16:51 -------- d-----w- c:\users\steven\AppData\Local\Temp
                            .
                            .
                            .
                            ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            2016-03-12 08:02 . 2012-08-17 08:39 797376 ----a-w- c:\windows\system32\FlashPlayerApp.exe
                            2016-03-12 08:02 . 2011-06-22 18:12 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
                            2016-03-08 12:40 . 2014-10-25 21:26 95840 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
                            2016-03-04 09:40 . 2014-04-25 17:55 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
                            2016-01-22 06:06 . 2016-02-10 10:30 169984 ----a-w- c:\windows\system32\winsrv.dll
                            2016-01-22 06:04 . 2016-02-10 10:30 642048 ----a-w- c:\windows\system32\CPFilters.dll
                            2016-01-22 06:04 . 2016-02-10 10:30 535040 ----a-w- c:\windows\system32\EncDec.dll
                            2016-01-22 06:02 . 2016-02-10 10:30 114176 ----a-w- c:\windows\system32\mtxoci.dll
                            2016-01-22 06:02 . 2016-02-10 10:30 176128 ----a-w- c:\windows\system32\msorcl32.dll
                            2016-01-22 06:02 . 2016-02-10 10:30 293888 ----a-w- c:\windows\system32\KernelBase.dll
                            2016-01-22 06:00 . 2016-02-10 10:30 1498624 ----a-w- c:\windows\system32\ExplorerFrame.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 1805824 ----a-w- c:\windows\system32\authui.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
                            2016-01-22 05:59 . 2016-02-10 10:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
                            2016-01-22 05:12 . 2016-02-10 10:30 2973184 ----a-w- c:\windows\explorer.exe
                            2016-01-22 05:01 . 2016-02-10 10:30 271360 ----a-w- c:\windows\system32\conhost.exe
                            2016-01-22 04:51 . 2016-02-10 10:30 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
                            2016-01-22 04:51 . 2016-02-10 10:30 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
                            2016-01-22 04:51 . 2016-02-10 10:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
                            2016-01-22 04:51 . 2016-02-10 10:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
                            2016-01-16 18:36 . 2016-02-12 08:39 1413632 ----a-w- c:\windows\system32\ole32.dll
                            2016-01-07 17:35 . 2016-02-10 10:30 116224 ----a-w- c:\windows\system32\drivers\mrxdav.sys
                            2016-01-06 18:41 . 2016-02-12 08:39 216064 ----a-w- c:\windows\system32\InkEd.dll
                            2016-01-06 17:56 . 2016-02-12 08:39 19968 ----a-w- c:\windows\system32\jnwmon.dll
                            2016-01-06 17:56 . 2016-02-12 08:39 22528 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
                            .
                            .
                            ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            .
                            *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                            REGEDIT4
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00 avast]
                            @="{472083B0-C522-11CF-8763-00608CC02F24}"
                            [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
                            2015-07-29 01:07 695096 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
                            .
                            [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                            "ApplePhotoStreams"="c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2015-04-26 43816]
                            "LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2015-10-10 36864]
                            "LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
                            "f.lux"="c:\users\steven\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                            "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
                            "cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2010-03-04 496184]
                            "AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2010-06-10 233472]
                            "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
                            "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-08 136216]
                            "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-08 171032]
                            "Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-08 169496]
                            "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 715296]
                            "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-11-06 6111312]
                            "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
                            "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2015-08-06 421888]
                            "LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
                            "LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
                            "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
                            .
                            [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
                            "SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-12-17 280576]
                            .
                            c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
                            Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2011-3-4 704032]
                            Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe /start [2015-10-10 196608]
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                            "ConsentPromptBehaviorAdmin"= 5 (0x5)
                            "ConsentPromptBehaviorUser"= 3 (0x3)
                            "EnableUIADesktopToggle"= 0 (0x0)
                            "SoftwareSASGeneration"= 1 (0x1)
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
                            "NoWelcomeScreen"= 1 (0x1)
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
                            @=""
                            .
                            [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
                            path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
                            backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
                            backupExtension=.CommonStartup
                            .
                            [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
                            path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
                            backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
                            backupExtension=.CommonStartup
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
                            2014-07-31 10:15 43816 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemListener]
                            2010-07-02 18:34 98304 ----a-w- c:\program files\HSPA USB MODEM\ModemListener.exe
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ODDPwr]
                            2010-04-22 18:38 186912 ----a-w- c:\program files\Acer\Optical Drive Power Management\ODDPWR.exe
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
                            2015-08-06 09:43 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
                            .
                            R1 MpKsl5ca3071d;MpKsl5ca3071d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B1EEAD2B-F49E-45AF-B415-AC0A6E7BCC54}\MpKsl5ca3071d.sys [x]
                            R1 MpKsl6c80bca7;MpKsl6c80bca7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E5CE86B2-07B6-4968-BC97-5A72D8B1B229}\MpKsl6c80bca7.sys [x]
                            R1 MpKsl80b39422;MpKsl80b39422;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B4A29183-CB7B-443A-96CF-32BEDEF966BC}\MpKsl80b39422.sys [x]
                            R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
                            R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-12-11 315496]
                            R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-06-10 25600]
                            R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-25 294952]
                            R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-25 33320]
                            R3 DisplayLinkUsbIo;DisplayLinkUsbIo;c:\windows\system32\DRIVERS\DisplayLinkUsbIo_7.4.51572.0.sys [2013-10-08 38192]
                            R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_6.3.40660.0.sys [x]
                            R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
                            R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-02-08 102912]
                            R3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\jrdusbser.sys [2010-06-17 105344]
                            R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-10-05 51928]
                            R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432]
                            R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
                            R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
                            R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
                            R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
                            R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
                            R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-06-22 1343400]
                            S0 aswRvrt;avast! Revert; [x]
                            S0 aswVmm;avast! VM Monitor; [x]
                            S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [2013-10-07 15664]
                            S0 ngvss;ngvss; [x]
                            S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-11-06 794952]
                            S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-11-06 435464]
                            S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 64912]
                            S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-07-29 24016]
                            S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-07-29 76000]
                            S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-07-29 113592]
                            S2 DeviceManager;DeviceManager;c:\program files\Common Files\DeviceHelper\DeviceManager.exe [2010-06-17 40960]
                            S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
                            S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2013-10-07 7676720]
                            S2 dlbk_device;dlbk_device;c:\windows\system32\dlbkcoms.exe [2007-06-25 537840]
                            S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2010-08-10 321104]
                            S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 735776]
                            S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
                            S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
                            S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640]
                            S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 129568]
                            S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
                            S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
                            S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-01 2533400]
                            S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
                            S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-29 220752]
                            S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-29 3218624]
                            S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [2013-10-07 337200]
                            S3 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys [2011-09-15 30000]
                            S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 132480]
                            S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-10-05 23256]
                            S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-03-17 6758912]
                            .
                            .
                            --- Andere Services/Drivers In Geheugen ---
                            .
                            *NewlyCreated* - WS2IFSL
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
                            LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
                            HsfXAudioService REG_MULTI_SZ HsfXAudioService
                            HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
                            HPService REG_MULTI_SZ HPSLPSVC
                            hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
                            utcsvc REG_MULTI_SZ DiagTrack
                            .
                            Inhoud van de 'Gedeelde Taken' map
                            .
                            2016-03-31 c:\windows\Tasks\Adobe Flash Player Updater.job
                            - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-17 08:02]
                            .
                            2016-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                            - c:\program files\Google\Update\GoogleUpdate.exe [2011-10-09 22:44]
                            .
                            2016-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8afa4a887cc9.job
                            - c:\program files\Google\Update\GoogleUpdate.exe [2011-10-09 22:44]
                            .
                            .
                            ------- Bijkomende Scan -------
                            .
                            uStart Page = https://www.google.be/
                            uInternet Settings,ProxyOverride = *.local
                            IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
                            IE: Free YouTube Download - c:\program files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
                            IE: Free YouTube to MP3 Converter - c:\program files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
                            IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
                            Trusted Zone: //about.htm/
                            Trusted Zone: //Exclude.htm/
                            Trusted Zone: //LanguageSelection.htm/
                            Trusted Zone: //Message.htm/
                            Trusted Zone: //MyAgttryCmd.htm/
                            Trusted Zone: //MyAgttryNag.htm/
                            Trusted Zone: //MyNotification.htm/
                            Trusted Zone: //NOCLessUpdate.htm/
                            Trusted Zone: //quarantine.htm/
                            Trusted Zone: //ScanNow.htm/
                            Trusted Zone: //strings.vbs/
                            Trusted Zone: //Template.htm/
                            Trusted Zone: //Update.htm/
                            Trusted Zone: //VirFound.htm/
                            Trusted Zone: mcafee.com\*
                            Trusted Zone: mcafeeasap.com\betavscan
                            Trusted Zone: mcafeeasap.com\vs
                            Trusted Zone: mcafeeasap.com\www
                            TCP: DhcpNameServer = 192.168.1.1
                            Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
                            FF - ProfilePath - c:\users\steven\AppData\Roaming\Mozilla\Firefox\Profiles\oyjq6idb.default-1452925057410\
                            .
                            - - - - ORPHANS VERWIJDERD - - - -
                            .
                            Toolbar-Locked - (no file)
                            HKCU-Run-VoipCheapCom - c:\program files\VoipCheapCom.com\VoipCheapCom\voipcheapcom.exe
                            AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
                            AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
                            .
                            .
                            .
                            --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
                            @Denied: (A) (Users)
                            @Denied: (A) (Everyone)
                            @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                            "BlindDial"=dword:00000000
                            .
                            [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
                            @Denied: (Full) (Everyone)
                            .
                            --------------------- DLLs Geladen Onder Lopende Processen ---------------------
                            .
                            - - - - - - - > 'Explorer.exe'(5488)
                            c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
                            .
                            ------------------------ Andere Aktieve Processen ------------------------
                            .
                            c:\program files\DisplayLink Core Software\DisplayLinkUserAgent.exe
                            c:\program files\AVAST Software\Avast\AvastSvc.exe
                            c:\windows\system32\lexbces.exe
                            c:\windows\system32\LEXPPS.EXE
                            c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
                            c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                            c:\program files\Bonjour\mDNSResponder.exe
                            c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
                            c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
                            c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
                            c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                            c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                            c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                            c:\windows\system32\sppsvc.exe
                            c:\windows\system32\taskhost.exe
                            c:\program files\DisplayLink Core Software\DisplayLinkUI.exe
                            c:\windows\system32\conhost.exe
                            c:\windows\system32\igfxsrvc.exe
                            c:\windows\system32\igfxext.exe
                            c:\windows\system32\wbem\unsecapp.exe
                            c:\windows\system32\wbem\unsecapp.exe
                            c:\program files\Logitech\Video\FxSvr2.exe
                            c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
                            .
                            **************************************************************************
                            .
                            Voltooingstijd: 2016-03-31 18:53:06 - machine werd herstart
                            ComboFix-quarantined-files.txt 2016-03-31 16:53
                            .
                            Pre-Run: 182.755.938.304 bytes free
                            Post-Run: 183.368.798.208 bytes free
                            .
                            - - End Of File - - 73B96D839BA47CD5E791BC9B2698793D
                            A36C5E4F47E84449FF07ED3517B43A31



                            • #15
                              Please let us know how things are going now.

                              Starting Windows 10 in Safe Mode
