Mededeling

Collapse
No announcement yet.

nukkige pc

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • nukkige pc

    Ik heb last van traag inladende pagina's (vooral wanneer er veel afbeeldingen getoond worden zoals op nieuwsites) Soms springt een pagina op en neer zonder dat ik iets onderneem.
    De logjes post ik hierbij doch bij het lopen van GMER scan kreeg ik een melding dat er een fout was opgetreden en dat de pc opnieuw ging opstarten. Daarna scande ik opnieuw en deze maal zonder foutmelding.

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scandatum: 14/01/2017
    Scantijd: 12:14
    Logboekbestand: mbam.txt
    Beheerder: Ja

    Versie: 2.2.1.1043
    Malware-database: v2017.01.14.02
    Rootkit-database: v2016.11.20.01
    Licentie: Gratis
    Malware-bescherming: Uitgeschakeld
    Bescherming tegen kwaadaardige websites: Uitgeschakeld
    Zelfbescherming: Uitgeschakeld

    Besturingssysteem: Windows 10
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: Leo

    Scantype: Aangepaste scan
    Resultaat: Voltooid
    Objecten gescand: 654903
    Verstreken tijd: 5 u., 16 min, 56 sec

    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Ingeschakeld
    Heuristiek: Ingeschakeld
    POP: Ingeschakeld
    POA: Ingeschakeld

    Processen: 0
    (Geen kwaadaardige items gedetecteerd)

    Modules: 0
    (Geen kwaadaardige items gedetecteerd)

    Registersleutels: 0
    (Geen kwaadaardige items gedetecteerd)

    Registerwaarden: 0
    (Geen kwaadaardige items gedetecteerd)

    Registerdata: 0
    (Geen kwaadaardige items gedetecteerd)

    Mappen: 0
    (Geen kwaadaardige items gedetecteerd)

    Bestanden: 0
    (Geen kwaadaardige items gedetecteerd)

    Fysieke Sectoren: 0
    (Geen kwaadaardige items gedetecteerd)


    (end)

  • #2
    nukkige pc 2

    # AdwCleaner v6.042 - Logbestand aangemaakt 14/01/2017 op 17:40:12
    # Bijgewerkt op 06/01/2017 door Malwarebytes
    # Database : 2017-01-11.1 [Server]
    # Besturingssysteem : Windows 10 Home (X64)
    # Gebruikersnaam : Leo - DESKTOP-H2G7JK4
    # Gestart vanuit : C:\Users\Leo\Desktop\AdwCleaner.exe
    # Mode: Verwijderen
    # Ondersteuning : https://www.malwarebytes.com/support



    ***** [ Services ] *****



    ***** [ Mappen ] *****

    [-] Map verwijderd: C:\Users\Leo\AppData\Local\PackageAware


    ***** [ Bestanden ] *****



    ***** [ DLL ] *****



    ***** [ WMI ] *****



    ***** [ Snelkoppelingen ] *****



    ***** [ Geplande Taken ] *****



    ***** [ Register ] *****



    ***** [ Browsers ] *****



    *************************

    :: "Tracing" sleutels verwijderd
    :: Winsock instellingen gereset

    *************************

    C:\AdwCleaner\AdwCleaner[C0].txt - [855 bytes] - [14/01/2017 17:40:12]
    C:\AdwCleaner\AdwCleaner[S0].txt - [1311 bytes] - [14/01/2017 17:39:52]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1000 bytes] ##########

    Comment


    • #3
      DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 11.0.14393.0
      Run by Leo at 17:49:06 on 2017-01-14
      Microsoft Windows 10 Home 10.0.14393.0.1252.32.1043.18.12245.9103 [GMT 1:00]
      .
      AV: Kaspersky Total Security *Enabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
      AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      SP: Kaspersky Total Security *Enabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      FW: Kaspersky Total Security *Enabled* {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
      .
      ============== Running Processes ===============
      .
      C:\WINDOWS\system32\svchost.exe -k DcomLaunch
      C:\WINDOWS\system32\svchost.exe -k RPCSS
      C:\WINDOWS\system32\dwm.exe
      C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\WINDOWS\system32\svchost.exe -k netsvcs
      C:\WINDOWS\system32\atiesrxx.exe
      C:\WINDOWS\system32\svchost.exe -k LocalService
      C:\WINDOWS\System32\svchost.exe -k NetworkService
      C:\WINDOWS\system32\atieclxx.exe
      C:\Windows\System32\WUDFHost.exe
      C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
      C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
      C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
      C:\Program Files\HitmanPro\hmpsched.exe
      C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
      C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
      C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\WINDOWS\System32\spoolsv.exe
      C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
      C:\WINDOWS\System32\svchost.exe -k utcsvc
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
      C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
      C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\ksm.exe
      C:\WINDOWS\system32\dashost.exe
      C:\Users\Leo\AppData\Roaming\PT\updater.exe
      C:\WINDOWS\system32\svchost.exe -k imgsvc
      C:\WINDOWS\system32\svchost.exe -k appmodel
      C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
      C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
      C:\Program Files\HitmanPro\HitmanPro.exe
      C:\WINDOWS\system32\sihost.exe
      C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
      C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
      C:\WINDOWS\system32\taskhostw.exe
      C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
      C:\Program Files\Tablet\Wacom\WacomHost.exe
      C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
      C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
      C:\Windows\System32\RuntimeBroker.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
      C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
      C:\WINDOWS\system32\SearchIndexer.exe
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\smui.exe
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
      svchost.exe
      C:\WINDOWS\system32\backgroundTaskHost.exe
      C:\WINDOWS\system32\SettingSyncHost.exe
      C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\kpm.exe
      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
      C:\WINDOWS\system32\RunDll32.exe
      C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
      C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
      C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
      C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
      C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
      C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
      C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
      C:\PROGRAM FILES (X86)\WESTERN DIGITAL\WD APP MANAGER\PLUGINS\WD BACKUP\App\WDBackupService.exe
      C:\WINDOWS\system32\fontdrvhost.exe
      C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
      C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
      C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
      C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
      C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
      C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
      C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
      C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      C:\WINDOWS\system32\AUDIODG.EXE
      C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
      C:\WINDOWS\system32\backgroundTaskHost.exe
      C:\WINDOWS\system32\backgroundTaskHost.exe
      C:\WINDOWS\system32\SearchProtocolHost.exe
      C:\WINDOWS\system32\SearchFilterHost.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
      C:\WINDOWS\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = hxxp://www.standaard.be/
      uLocal Page = %11%\blank.htm
      BHO: Kaspersky Protection: {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll
      BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
      BHO: Virtual Keyboard Plugin: {6E11DD15-E054-4F89-840D-CD04499407A3} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\IEExt\ie_plugin.dll
      BHO: Safe Money Plugin: {CE5452FA-F4B3-4422-BE64-D4B1093F6DFF} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\IEExt\ie_plugin.dll
      BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL
      BHO: Content Blocker Plugin: {D48EC204-5CFE-43FD-8CC9-B4BC8645CD46} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\IEExt\ie_plugin.dll
      BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
      BHO: Kaspersky Password Manager: {F710F7E5-A520-471D-989C-F653AC328FB2} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\ie_engine.dll
      TB: Kaspersky Protection Toolbar: {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll
      uRun: [Spotify Web Helper] "C:\Users\Leo\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
      uRun: [Spotify] "C:\Users\Leo\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
      uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      uRun: [AdobeBridge] <no file>
      mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
      mRun: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
      mRun: [WDAppManager] C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe
      mRun: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
      mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
      mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
      StartupFolder: C:\Users\Leo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INKTWA~1.LNK - C:\WINDOWS\System32\RunDll32.exe
      StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\KASPER~1.LNK - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
      StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\LOGOCA~1.LNK - C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe
      StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\PROFIL~1.LNK - C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
      mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
      mPolicies-System: DSCAutomationHostEnabled = dword:2
      mPolicies-Windows\System: EnableSmartScreen = dword:0
      IE: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr/200
      IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
      IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105
      IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
      IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
      IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
      IE: {40AE684B-A1EA-4FF4-8E05-5BCADC4D4DB2} - {270F8CD9-C976-42FD-8F73-608C4A532638} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\ie_toolbar_button.dll
      IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      TCP: NameServer = 195.130.131.5 195.130.130.5
      TCP: Interfaces\{6e7498c5-e31e-46ad-ba34-0e38fb70c6d0} : DHCPNameServer = 195.130.131.133 195.130.130.5
      TCP: Interfaces\{9baca6b7-3204-469b-ac24-9ff09734e086} : DHCPNameServer = 195.130.131.5 195.130.130.5
      TCP: Interfaces\{ce096b84-6f7a-49cf-9a8e-3133359ce9b3} : DHCPNameServer = 195.130.131.134 195.130.130.134
      TCP: Interfaces\{e0a51f1b-3216-429b-834d-ca444e8d10f2} : DHCPNameServer = 8.8.8.8 8.8.4.4
      Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
      Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
      Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
      Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      SSODL: WebCheck - <orphaned>
      LSA: Security Packages = ""
      mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
      CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
      x64-BHO: Kaspersky Protection: {2E38825B-8815-42CF-9126-C58BC28D4591} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll
      x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
      x64-BHO: Virtual Keyboard Plugin: {6E11DD15-E054-4F89-840D-CD04499407A3} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\x64\IEExt\ie_plugin.dll
      x64-BHO: Safe Money Plugin: {CE5452FA-F4B3-4422-BE64-D4B1093F6DFF} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\x64\IEExt\ie_plugin.dll
      x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL
      x64-BHO: Content Blocker Plugin: {D48EC204-5CFE-43FD-8CC9-B4BC8645CD46} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\x64\IEExt\ie_plugin.dll
      x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
      x64-BHO: Kaspersky Password Manager: {F710F7E5-A520-471D-989C-F653AC328FB2} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\x64\ie_engine.dll
      x64-TB: Kaspersky Protection Toolbar: {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll
      x64-Run: [RtHDVBg_SOUNDEDGE] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SOUNDEDGE
      x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
      x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
      x64-Run: [StartCN] "C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
      x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
      x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
      x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
      x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
      x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll
      x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
      x64-IE: {40AE684B-A1EA-4FF4-8E05-5BCADC4D4DB2} - {270F8CD9-C976-42FD-8F73-608C4A532638} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.5\x64\ie_toolbar_button.dll
      x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
      x64-Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
      x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
      x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
      x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
      x64-SSODL: WebCheck - <orphaned>
      x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
      x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
      x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
      x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\3txact8e.default-1476091533538\
      FF - prefs.js: browser.startup.homepage - www.destandaard.be
      FF - plugin: C:\PROGRA~2\MIF5BA~1\Office16\NPSPWRAP.DLL
      FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
      FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
      FF - plugin: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
      FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
      FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
      FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\FFExt\[email protected]\npContentBlocker.dll
      FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\FFExt\[email protected]\npOnlineBanking.dll
      FF - plugin: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\FFExt\[email protected]\npVKPlugin.dll
      FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrlui.dll
      FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
      FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
      FF - plugin: C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll
      .
      ---- FIREFOX POLICIES ----
      .
      FF - user.js: plugin.state.npcontentblocker - 2
      .
      FF - user.js: plugin.state.nponlinebanking - 2
      .
      FF - user.js: plugin.state.npvkplugin - 2
      .
      FF - user.js: plugin.state.npcontentblocker - 2
      .
      FF - user.js: plugin.state.nponlinebanking - 2
      .
      FF - user.js: plugin.state.npvkplugin - 2
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit);C:\WINDOWS\System32\drivers\cm_km.sys [2016-6-10 238936]
      R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2015-7-29 1462720]
      R0 intelpep;Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing ;C:\WINDOWS\System32\drivers\intelpep.sys [2016-7-16 48152]
      R0 iorate;iorate;C:\WINDOWS\System32\drivers\iorate.sys [2016-11-9 48992]
      R0 kl1sm;kl1sm;C:\WINDOWS\System32\drivers\kl1sm.sys [2015-10-8 478392]
      R0 klbackupdisk;Kaspersky Lab klbackupdisk;C:\WINDOWS\System32\drivers\klbackupdisk.sys [2016-6-7 63920]
      R0 klupd_klif_arkmon;klupd_klif_arkmon;C:\WINDOWS\System32\drivers\klupd_klif_arkmon.sys [2016-12-8 218920]
      R0 klupd_klif_klbg;klupd_klif_klbg;C:\WINDOWS\System32\drivers\klupd_klif_klbg.sys [2016-12-8 104720]
      R0 volume;Volumestuurprogramma;C:\WINDOWS\System32\drivers\volume.sys [2016-7-16 16224]
      R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2016-7-16 107032]
      R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2016-7-16 17944]
      R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2016-8-24 199008]
      R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2016-10-28 227328]
      R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-7-16 88576]
      R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-7-16 8192]
      R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-5-20 27552]
      R1 klbackupflt;Kaspersky Lab klbackupflt;C:\WINDOWS\System32\drivers\klbackupflt.sys [2015-6-27 86352]
      R1 klhk;Kaspersky Lab service driver;C:\WINDOWS\System32\drivers\klhk.sys [2015-11-16 435032]
      R1 KLIFSM;Kaspersky Lab SafeMoney Driver;C:\WINDOWS\System32\drivers\klifsm.sys [2015-12-13 809384]
      R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\WINDOWS\System32\drivers\klim6.sys [2016-6-20 57424]
      R1 klpd;Kaspersky Lab format recognizer driver;C:\WINDOWS\System32\drivers\klpd.sys [2015-6-8 45488]
      R1 klwfp;klwfp;C:\WINDOWS\System32\drivers\klwfp.sys [2015-6-26 85320]
      R1 Klwtp;KLwtp - WFP callout traffic inspector;C:\WINDOWS\System32\drivers\klwtp.sys [2015-6-16 134880]
      R1 Klwtpsm;Klwtpsm;C:\WINDOWS\System32\drivers\klwtpsm.sys [2015-10-8 99720]
      R1 kneps;kneps;C:\WINDOWS\System32\drivers\kneps.sys [2015-6-23 194480]
      R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-10-25 744640]
      R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015-8-20 2207960]
      R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2016-3-31 298520]
      R2 AVP17.0.0;Kaspersky Anti-Virus-service 17.0.0;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [2016-6-28 241544]
      R2 CDPSvc;Service Platform voor verbonden apparaten;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
      R2 CDPUserSvc_3e508;CDPUserSvc_3e508;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
      R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2016-7-16 70144]
      R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2016-7-16 44496]
      R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2016-7-16 44496]
      R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2016-9-28 135496]
      R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-9-28 31776]
      R2 isaHelperSvc;Intel(R) Security Assist Helper;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-5-19 7680]
      R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-7-10 223520]
      R2 kldisk;kldisk;C:\WINDOWS\System32\drivers\kldisk.sys [2015-6-6 78216]
      R2 KSDE1.0.0;Kaspersky Secure Connection Service 1.0.0;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [2016-6-28 241544]
      R2 KSM3.5.0;Kaspersky Fraud Prevention for Endpoint Service 3.5.0;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Fraud Prevention for Endpoint 3.5\ksm.exe [2015-10-8 194000]
      R2 OneSyncSvc_3e508;Host synchroniseren_3e508;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
      R2 PornTime Updater;PornTime Updater;C:\Users\Leo\AppData\Roaming\PT\updater.exe [2016-9-17 165888]
      R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2016-5-20 310016]
      R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2016-7-16 78336]
      R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
      R2 Unchecky;Unchecky;C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [2016-4-30 254232]
      R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2016-9-30 119648]
      R2 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2016-7-16 66560]
      R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2016-1-14 308088]
      R2 WpnService;Systeemservice voor Windows Push Notifications;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      R2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2015-11-20 730304]
      R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2016-3-1 101376]
      R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
      R3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\WINDOWS\System32\drivers\hitmanpro37.sys [2017-1-14 41080]
      R3 klflt;Kaspersky Lab Kernel DLL;C:\WINDOWS\System32\drivers\klflt.sys [2015-11-16 191312]
      R3 klfltsm;Kaspersky Lab SafeMoney Kernel DLL;C:\WINDOWS\System32\drivers\klfltsm.sys [2015-12-13 159960]
      R3 klids;klids;C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [2016-11-14 182360]
      R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\WINDOWS\System32\drivers\klkbdflt.sys [2015-6-6 52136]
      R3 klkbdfltsm;Kaspersky Lab KLKBDFLTSM;C:\WINDOWS\System32\drivers\klkbdfltsm.sys [2015-10-8 40304]
      R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\WINDOWS\System32\drivers\klmouflt.sys [2015-6-7 41656]
      R3 kltap;Kaspersky Security Data Escort Adapter;C:\WINDOWS\System32\drivers\kltap.sys [2016-6-7 52152]
      R3 klupd_klif_mark;klupd_klif_mark;C:\WINDOWS\System32\drivers\klupd_klif_mark.sys [2016-12-8 164888]
      R3 LicenseManager;Service voor Windows-licentiebeheer ;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
      R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
      R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2016-7-16 20480]
      R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
      R3 PimIndexMaintenanceSvc_3e508;Contact Data_3e508;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
      R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2016-5-20 936192]
      R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E-netwerkadapter;C:\WINDOWS\System32\drivers\rtwlane.sys [2016-7-16 5144064]
      R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
      R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
      R3 UEFI;Microsoft UEFI-stuurprogramma;C:\WINDOWS\System32\drivers\uefi.sys [2016-7-16 28512]
      R3 UnistoreSvc_3e508;User Data Storage_3e508;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
      R3 UserDataSvc_3e508;User Data Access_3e508;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
      R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-9-30 719360]
      R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2016-7-16 216064]
      S0 klelam;klelam;C:\WINDOWS\System32\drivers\klelam.sys [2016-3-31 28792]
      S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2016-7-16 44496]
      S3 AcpiDev;Stuurprogramma voor ACPI-apparaten;C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-7-16 18432]
      S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2016-7-16 1135456]
      S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
      S3 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmafd.sys [2016-8-18 49448]
      S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2016-7-16 15360]
      S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2016-7-16 44496]
      S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
      S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2016-7-16 9728]
      S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2016-7-16 9728]
      S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2016-7-16 44496]
      S3 buttonconverter;Service voor Portable Device Control-apparaten;C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-7-16 38912]
      S3 CapImg;HID-stuurprogramma voor CapImg-touchscreen;C:\WINDOWS\System32\drivers\capimg.sys [2016-10-28 118272]
      S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-7-16 346976]
      S3 cht4vbd;Chelsio virtuele-busstuurprogramma;C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-7-16 2104160]
      S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
      S3 diagnosticshub.standardcollector.service;Microsoft(R) Diagnostics Hub Standard Collector-service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-7-16 93184]
      S3 DmEnrollmentSvc;Registratieservice voor Apparaatbeheer;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
      S3 embeddedmode;Ingesloten modus;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
      S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
      S3 EyeOneDisplay;EyeOneDisplay;C:\WINDOWS\System32\drivers\i1display_x64.sys [2016-4-11 7808]
      S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2016-7-16 44496]
      S3 genericusbfn;Algemene USB-functieklasse;C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-7-16 20480]
      S3 hidinterrupt;Algemeen stuurprogramma voor HID-knoppen waarvoor interrupts zijn geïmplementeerd;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-7-16 50016]
      S3 hidkmdf;KMDF Driver;C:\WINDOWS\System32\drivers\hidkmdf.sys [2015-11-20 14016]
      S3 HvHost;HV-hostservice;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
      S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2016-7-16 33280]
      S3 iai2c;Intel(R) Serial IO I2C-hostcontroller;C:\WINDOWS\System32\drivers\iai2c.sys [2016-7-16 81408]
      S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-7-16 64512]
      S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C-stuurprogramma v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-7-16 176384]
      S3 iaLPSSi_GPIO;Stuurprogramma van Intel(R) Serial IO GPIO-controller;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2016-7-16 38128]
      S3 iaLPSSi_I2C;Stuurprogramma voor Intel(R) Serial IO I2C-controller;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2016-7-16 113152]
      S3 iaStorAV;Intel(R) SATA RAID-controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2016-7-16 673120]
      S3 ibbus;Mellanox InfiniBand Bus/AL (filterstuurprogramma);C:\WINDOWS\System32\drivers\ibbus.sys [2016-7-16 526176]
      S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
      S3 IndirectKmd;Indirecte weergave kernelmodusstuurprogramma;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-7-16 35840]
      S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-5-22 881152]
      S3 Intel(R) Security Assist;Intel(R) Security Assist;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-5-19 335872]
      S3 klupd_klif_klark;klupd_klif_klark;C:\WINDOWS\System32\drivers\klupd_klif_klark.sys [2016-12-8 245512]
      S3 klvssbrigde64;klvssbrigde64;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [2016-6-28 77328]
      S3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-7-16 105824]
      S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-7-16 101216]
      S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-11 64352]
      S3 MessagingService_3e508;MessagingService_3e508;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
      S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-7-16 842584]
      S3 ndfltr;NetworkDirect-service;C:\WINDOWS\System32\drivers\ndfltr.sys [2016-7-16 108896]
      S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2016-7-16 90624]
      S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
      S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2015-7-31 242864]
      S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2016-7-16 58720]
      S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2016-7-16 61792]
      S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
      S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2016-7-16 928608]
      S3 RetailDemo;Retaildemoservice;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      S3 Revoflt;Revoflt;C:\WINDOWS\System32\drivers\revoflt.sys [2016-5-15 40240]
      S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUStor.sys [2015-1-7 263896]
      S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
      S3 scmbus;Microsoft-stuurprogramma voor geheugenbus opslagklasse;C:\WINDOWS\System32\drivers\scmbus.sys [2016-7-16 88416]
      S3 scmdisk0101;Microsoft-stuurprogramma voor NVDIMM-N-schijven;C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-7-16 123904]
      S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2016-9-21 1312768]
      S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
      S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2016-7-16 151904]
      S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2016-7-16 44496]
      S3 SmsRouter;Microsoft Windows SMS Router-service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
      S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2016-9-30 81760]
      S3 storufs;Microsoft Universal Flash Storage (UFS)-stuurprogramma;C:\WINDOWS\System32\drivers\storufs.sys [2016-7-16 32096]
      S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2016-7-16 287744]
      S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-7-16 95744]
      S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2016-7-16 108544]
      S3 UcmUcsi;UCSI-client van USB-connectorbeheer;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-7-16 50688]
      S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2016-7-16 45568]
      S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-7-16 263008]
      S3 UfxChipidea;Chipidea USB-controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2016-7-16 96608]
      S3 ufxsynopsys;Synopsys USB-controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-7-16 137056]
      S3 UrsChipidea;Stuurprogramma voor Chipidea USB Role-Switch;C:\WINDOWS\System32\drivers\urschipidea.sys [2016-7-16 28512]
      S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2016-7-16 57696]
      S3 UrsSynopsys;Stuurprogramma voor Synopsys USB Role-Switch;C:\WINDOWS\System32\drivers\urssynopsys.sys [2016-7-16 27488]
      S3 UsoSvc;Update Orchestrator Service for Windows Update;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      S3 vhf;Virtual HID Framework (VHF)-stuurprogramma;C:\WINDOWS\System32\drivers\vhf.sys [2016-7-16 32256]
      S3 vmgid;Microsoft Hyper-V-stuurprogramma voor de gastinfrastructuur;C:\WINDOWS\System32\drivers\vmgid.sys [2016-7-16 10240]
      S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
      S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
      S3 WacHidRouter;Wacom Hid Router;C:\WINDOWS\System32\drivers\wachidrouter.sys [2015-11-20 103616]
      S3 wacomrouterfilter;Wacom Router Filter Driver;C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [2015-11-20 15040]
      S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
      S3 WD Backup Drive Helper;WD Backup Drive Helper;C:\Windows\SysWOW64\dllhost.exe [2016-7-16 19808]
      S3 WD Backup Snapshot;WD Backup Snapshot;C:\Windows\SysWOW64\dllhost.exe [2016-7-16 19808]
      S3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\System32\drivers\wdcsam64.sys [2015-11-12 26880]
      S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2016-7-16 123232]
      S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2016-7-16 347328]
      S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2016-7-16 44496]
      S3 WinMad;WinMad-service;C:\WINDOWS\System32\drivers\winmad.sys [2016-7-16 32096]
      S3 WinVerbs;WinVerbs-service;C:\WINDOWS\System32\drivers\winverbs.sys [2016-7-16 64864]
      S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
      S3 WpnUserService_3e508;Windows Push Notification-gebruikersservice_3e508;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
      S3 XblAuthManager;Xbox Live-verificatiebeheer;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      S3 XblGameSave;Games opslaan op Xbox Live;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-12-9 258560]
      S3 XboxNetApiSvc;Netwerkservice van Xbox Live;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-9-1 43520]
      S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
      S4 tzautoupdate;Updater van automatische tijdzone;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
      .
      =============== Created

      Comment


      • #4
        nukkige pc 3

        .
        2017-01-14 16:45:04 41080 ----a-w- C:\WINDOWS\System32\drivers\hitmanpro37.sys
        2017-01-14 16:39:00 -------- d-----w- C:\AdwCleaner
        2017-01-14 10:53:48 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigne6f02836a295d203
        2017-01-14 10:52:14 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign53c20a2c0202c849
        2017-01-14 10:48:16 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign5c8e22711cfa921f
        2017-01-14 10:44:48 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign74414a9d62352d3e
        2017-01-14 10:41:46 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign5c33d588052af42f
        2017-01-13 19:16:09 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignc37a2702f44b9df6
        2017-01-13 19:15:17 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignad2577c4658dd5c7
        2017-01-13 14:51:59 -------- d-----w- C:\Users\Leo\AppData\Roaming\Daminion Software
        2017-01-13 14:51:52 -------- d-----w- C:\Program Files (x86)\Daminion Software
        2017-01-12 19:36:01 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignd393294f2cabb386
        2017-01-12 19:31:27 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignc09e9efae7b3e89c
        2017-01-11 19:15:06 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign19c075bdc0684f36
        2017-01-11 19:13:56 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign5cd1f03f9ccedc91
        2017-01-11 16:07:12 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignb9ce831b4f938638
        2017-01-11 16:06:16 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigne5c8a9ea4f43c1c1
        2017-01-10 22:50:26 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigneb83794f18c3cf2f
        2017-01-10 22:47:37 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign90b32b3f7d1ff871
        2017-01-10 22:44:04 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignbbc482392e559e30
        2017-01-10 22:06:59 2275840 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
        2017-01-09 21:12:22 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignc70f9593bbf827d2
        2017-01-09 21:10:58 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign4de6a79df5736a50
        2017-01-09 20:22:30 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigne4717b21fed24849
        2017-01-09 20:21:26 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign0b963d50b24edcbf
        2017-01-09 19:48:42 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign6c78af1165941eee
        2017-01-09 19:24:42 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigne946f02c3ed87c52
        2017-01-09 19:15:23 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign20a8d08d32646b66
        2017-01-09 15:11:49 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign06c6023aee96ff57
        2017-01-09 15:11:39 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign4b11c872838661f2
        2017-01-09 15:11:29 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign60ac6138eed873dc
        2017-01-09 15:11:16 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign5efe800247253cc8
        2017-01-09 15:08:12 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign3e6627bfdd64dff0
        2017-01-09 15:05:27 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignc95184374b7654be
        2017-01-09 15:03:53 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign7b0cf2acbfcdd056
        2017-01-09 14:29:41 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign0fa381400ca9677d
        2017-01-09 14:21:58 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign9a5a210883189f5a
        2017-01-09 13:35:04 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign98cf07a2de629888
        2017-01-09 13:10:38 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign5212f56d6fde435d
        2017-01-09 13:04:44 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigne470c5395b610168
        2017-01-08 21:21:12 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign0e2af0423083653e
        2017-01-08 20:48:43 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigne905cab927a65229
        2017-01-08 20:21:56 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignfe596d7f763364f3
        2017-01-08 20:01:22 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignb50850d752bff1c2
        2017-01-08 19:54:55 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignbb8b2f3e30a253e4
        2017-01-08 19:54:22 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign8b9422ac7acca763
        2017-01-08 19:46:20 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignd0b42595597942da
        2017-01-08 19:31:53 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigna31629968f160a79
        2017-01-08 19:31:25 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign4896bf6e7af32072
        2017-01-08 18:46:47 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign6bb7b3c7ac4654e0
        2017-01-08 18:40:26 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignfe9cf1f21312d143
        2017-01-08 15:37:20 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign73cb9bce50f02acb
        2017-01-08 15:37:08 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign89bd22693589d574
        2017-01-08 12:50:53 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign6ee638a626f6e70f
        2017-01-08 11:55:05 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign5150a17b02e7789d
        2017-01-08 11:51:30 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign63b23de8d293a91b
        2017-01-07 22:25:03 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignc778a78a1fdb7a25
        2017-01-07 19:49:21 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigncceeda74f3efddbd
        2017-01-07 19:39:56 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignacde866997ca2644
        2017-01-06 20:07:12 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign71ebfd2352d675f8
        2017-01-06 20:01:21 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign0ab37ec02ab79be3
        2017-01-06 18:49:47 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignb933e13828ad13a3
        2017-01-06 18:40:18 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignf8ee5b2b70267e96
        2017-01-03 13:47:01 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignfbf44e63f2814500
        2017-01-03 13:38:06 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign6d5ef1eeb8cad34a
        2017-01-02 16:21:49 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign41b81662e8dd6df7
        2017-01-02 16:16:47 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignd80ac9242b01e967
        2017-01-02 15:12:51 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigne4c76b96f67da67b
        2017-01-02 15:11:04 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignde6dfcb171fbd089
        2017-01-02 14:05:11 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignaf260839241ea3e5
        2017-01-02 13:55:54 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigna184c590a37d47d9
        2017-01-01 22:45:43 -------- d-----w- C:\Users\Leo\AppData\Local\Image Composite Editor
        2017-01-01 22:45:24 -------- d-----w- C:\Program Files\Microsoft Research
        2017-01-01 18:22:44 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign22cb83cc671e250f
        2017-01-01 18:19:33 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigne77fb364fedf6446
        2017-01-01 13:34:26 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign2615cf2453f923ee
        2017-01-01 13:31:53 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignd5bc19824f37cf06
        2017-01-01 13:24:24 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign7e334305a09b6eaa
        2017-01-01 13:21:40 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigna4154875a8352963
        2017-01-01 01:53:37 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign8af3f209f89a857c
        2017-01-01 01:50:59 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign6792c8e9879db5f0
        2017-01-01 01:43:01 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign3c672c2eca3d7f2f
        2017-01-01 01:42:39 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign0adb8063ae5250ae
        2017-01-01 01:40:27 -------- d-----w- C:\Program Files\Topaz Labs
        2016-12-30 20:56:08 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignf9a56aa1346b0024
        2016-12-30 20:52:42 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigncae2d0deab8ac43a
        2016-12-30 19:51:08 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign8c7b0bb43190dd30
        2016-12-30 19:37:25 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign82f442710ad0cc08
        2016-12-30 19:34:45 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign8a3c8445cca87e6c
        2016-12-29 21:44:54 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign4bc111453f832f1d
        2016-12-29 21:39:39 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign2452b8a40849c374
        2016-12-29 20:52:55 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign291af1c0fe280b04
        2016-12-29 20:41:50 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign37d06db09c6d7108
        2016-12-29 19:30:16 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignd682f6cc7adf3b90
        2016-12-29 19:25:00 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignbbd529eec496e21a
        2016-12-29 15:57:32 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignfe0370f1e804802a
        2016-12-29 15:52:50 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign9f7e6f3614d9a420
        2016-12-29 15:28:23 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign633c12c4f85c0592
        2016-12-28 21:56:14 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignf2395458c6e1330e
        2016-12-28 21:47:44 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign7f6cef269b782b47
        2016-12-28 21:37:22 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignabae1a16d8e0e517
        2016-12-28 20:00:18 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign655ea354da06b2c8
        2016-12-28 19:14:22 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign2add8bd5c8100bf3
        2016-12-28 19:09:02 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignc44c90888660f320
        2016-12-28 19:03:28 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignb0ba4f779c11d80a
        2016-12-28 18:19:39 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign8061cf4233da9387
        2016-12-28 17:34:23 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigneac9c3b233b1049b
        2016-12-28 17:28:33 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigna3935e551a49aed1
        2016-12-28 17:17:01 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign875d5e303cac7199
        2016-12-28 17:13:03 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign41c5b65afc7975df
        2016-12-28 17:04:57 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign7b4746d41a610d37
        2016-12-28 15:58:59 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigndc78b860e9202bed
        2016-12-28 15:33:16 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign4c5a9b0ac3d8fab5
        2016-12-27 00:03:20 570960 ----a-w- C:\WINDOWS\System32\ONCore11.dll
        2016-12-27 00:03:20 486992 ----a-w- C:\WINDOWS\System32\ONProxySupport11.dll
        2016-12-27 00:03:20 472144 ----a-w- C:\WINDOWS\System32\ONDocument11.dll
        2016-12-27 00:03:20 379984 ----a-w- C:\WINDOWS\System32\ONCMS11.dll
        2016-12-27 00:03:20 2132560 ----a-w- C:\WINDOWS\System32\ONCoreFoundation11.dll
        2016-12-26 23:19:34 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign629d2f93599f51f8
        2016-12-26 22:32:04 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignd96fb2b75d1a05a5
        2016-12-26 22:23:40 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign1b57ac4e3793f075
        2016-12-26 21:51:02 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign218fa53551328d4f
        2016-12-26 21:49:56 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignc0657b30924ad564
        2016-12-26 21:31:28 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign9daf8786d6695a9f
        2016-12-26 21:24:29 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign3028ec1bc1ac5ccc
        2016-12-26 20:35:39 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignb1d7de1ae3c37a15
        2016-12-25 15:35:38 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign0522aa045bcca517
        2016-12-25 15:33:04 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignffa7878bbe40f8e7
        2016-12-25 15:32:17 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign3abf334f2b418247
        2016-12-25 15:28:40 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigna8979b3b585b3130
        2016-12-23 14:33:48 -------- d-----w- C:\ProgramData\Auto FX
        2016-12-23 13:34:31 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignc7ca80f504ddf97c
        2016-12-23 13:33:37 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignd7880970be5f64be
        2016-12-23 13:33:12 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigne774e9f37c6f5702
        2016-12-23 13:33:03 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign91c04e81dbdea25a
        2016-12-23 13:32:14 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign8142e1111c86e541
        2016-12-21 19:33:56 -------- d-----w- C:\WINDOWS\SysWow64\beidpp
        2016-12-21 19:33:55 -------- d-----w- C:\Program Files\log
        2016-12-21 19:33:54 -------- d---a-w- C:\Program Files (x86)\Belgium Identity Card
        2016-12-17 21:53:16 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign902194b40c4b49a1
        2016-12-17 21:53:10 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignec49352cc70be996
        2016-12-17 21:49:15 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign61e43e4edbbd0fcf
        2016-12-17 21:40:16 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignbbfe9373989b6d3b
        2016-12-16 11:05:06 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign7497f60a3484d397
        2016-12-16 11:04:59 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign6b313993bf011f33
        2016-12-16 11:04:54 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign623977cac89cb371
        2016-12-16 11:04:46 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsigne5bb7799bf78fefc
        2016-12-16 11:04:10 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign25a789d700dbf52d
        2016-12-15 17:55:07 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign82af11b1f32438e6
        2016-12-15 17:53:31 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsignc18c4c433e2d4641
        2016-12-15 17:53:09 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign71167a7d4600447d
        2016-12-15 17:53:01 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign05e9acd6874a0b10
        2016-12-15 17:52:14 -------- d-----w- C:\Users\Leo\AppData\Local\Tempzxpsign7ad0e653ecf35bf8
        .
        ==================== Find3M ====================
        .
        2017-01-14 16:40:47 65536 ----a-w- C:\WINDOWS\System32\spu_storage.bin
        2017-01-14 11:14:50 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
        2016-12-22 23:13:26 835576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
        2016-12-22 23:13:26 177656 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
        2016-12-21 13:52:50 40240 ----a-w- C:\WINDOWS\System32\drivers\revoflt.sys
        2016-12-21 08:08:31 245600 ----a-w- C:\WINDOWS\System32\offlinesam.dll
        2016-12-21 08:08:17 136032 ----a-w- C:\WINDOWS\System32\ImplatSetup.dll
        2016-12-21 08:04:10 7816032 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
        2016-12-21 07:49:39 328008 ----a-w- C:\WINDOWS\System32\Windows.Storage.ApplicationData.dll
        2016-12-21 07:46:39 624048 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
        2016-12-21 07:43:56 92512 ----a-w- C:\WINDOWS\System32\rdpudd.dll
        2016-12-21 07:43:06 4130440 ----a-w- C:\WINDOWS\System32\mfcore.dll
        2016-12-21 07:43:01 1454504 ----a-w- C:\WINDOWS\System32\mfnetsrc.dll
        2016-12-21 07:43:00 1071736 ----a-w- C:\WINDOWS\System32\mfnetcore.dll
        2016-12-21 07:42:59 1988560 ----a-w- C:\WINDOWS\System32\mfmp4srcsnk.dll
        2016-12-21 07:42:55 1702392 ----a-w- C:\WINDOWS\System32\mfasfsrcsnk.dll
        2016-12-21 07:42:54 1300600 ----a-w- C:\WINDOWS\System32\mfmpeg2srcsnk.dll
        2016-12-21 07:42:27 241504 ----a-w- C:\WINDOWS\System32\CloudExperienceHost.dll
        2016-12-21 07:41:56 1600632 ----a-w- C:\WINDOWS\System32\sppobjs.dll
        2016-12-21 07:37:23 455520 ----a-w- C:\WINDOWS\System32\securekernel.exe
        2016-12-21 07:15:01 22563840 ----a-w- C:\WINDOWS\System32\edgehtml.dll
        2016-12-21 07:14:11 43008 ----a-w- C:\WINDOWS\System32\LaunchWinApp.exe
        2016-12-21 07:13:54 119808 ----a-w- C:\WINDOWS\System32\KnobsCsp.dll
        2016-12-21 07:12:14 83968 ----a-w- C:\WINDOWS\System32\ProvPluginEng.dll
        2016-12-21 07:10:22 175104 ----a-w- C:\WINDOWS\System32\wbem\netswitchteamcim.dll
        2016-12-21 07:10:09 234496 ----a-w- C:\WINDOWS\System32\KnobsCore.dll
        2016-12-21 07:09:56 363520 ----a-w- C:\WINDOWS\System32\Windows.UI.BioFeedback.dll
        2016-12-21 07:09:13 368640 ----a-w- C:\WINDOWS\System32\OneBackupHandler.dll
        2016-12-21 07:08:35 211968 ----a-w- C:\WINDOWS\System32\InstallAgent.exe
        2016-12-21 07:08:33 261632 ----a-w- C:\WINDOWS\System32\wbem\ndisimplatcim.dll
        2016-12-21 07:08:27 360448 ----a-w- C:\WINDOWS\System32\rdpencom.dll
        2016-12-21 07:08:23 289792 ----a-w- C:\WINDOWS\System32\DeveloperOptionsSettingsHandlers.dll
        2016-12-21 07:08:14 418304 ----a-w- C:\WINDOWS\System32\Windows.UI.BlockedShutdown.dll
        2016-12-21 07:08:06 349184 ----a-w- C:\WINDOWS\System32\provengine.dll
        2016-12-21 07:08:03 1292288 ----a-w- C:\WINDOWS\System32\MSVPXENC.dll
        2016-12-21 07:07:10 748544 ----a-w- C:\WINDOWS\System32\StoreAgent.dll
        2016-12-21 07:06:49 260608 ----a-w- C:\WINDOWS\System32\InstallAgentUserBroker.exe
        2016-12-21 07:06:49 147456 ----a-w- C:\WINDOWS\System32\winsrv.dll
        2016-12-21 07:06:26 310784 ----a-w- C:\WINDOWS\System32\SyncSettings.dll
        2016-12-21 07:06:05 6285312 ----a-w- C:\WINDOWS\System32\Windows.Media.dll
        2016-12-21 07:05:21 261632 ----a-w- C:\WINDOWS\System32\indexeddbserver.dll
        2016-12-21 07:05:01 49152 ----a-w- C:\WINDOWS\System32\Windows.UI.Shell.dll
        2016-12-21 07:05:01 425984 ----a-w- C:\WINDOWS\System32\aadcloudap.dll
        2016-12-21 07:01:42 9131008 ----a-w- C:\WINDOWS\System32\twinui.dll
        2016-12-21 07:00:29 440320 ----a-w- C:\WINDOWS\System32\fhcfg.dll
        2016-12-21 06:59:50 883712 ----a-w- C:\WINDOWS\System32\samsrv.dll
        2016-12-21 06:59:31 1908224 ----a-w- C:\WINDOWS\System32\AzureSettingSyncProvider.dll
        2016-12-21 06:57:48 462336 ----a-w- C:\WINDOWS\System32\fhsettingsprovider.dll
        2016-12-21 06:56:56 936960 ----a-w- C:\WINDOWS\System32\MCRecvSrc.dll
        2016-12-21 06:56:14 947712 ----a-w- C:\WINDOWS\System32\MSVP9DEC.dll
        2016-12-21 06:55:16 8129536 ----a-w- C:\WINDOWS\System32\Chakra.dll
        2016-12-21 06:55:09 4749312 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll
        2016-12-21 06:54:14 5511680 ----a-w- C:\WINDOWS\System32\aclui.dll
        2016-12-21 06:53:19 6664192 ----a-w- C:\WINDOWS\System32\mspaint.exe
        2016-12-21 06:53:13 4474368 ----a-w- C:\WINDOWS\System32\D3DCompiler_47.dll
        2016-12-21 06:53:10 1692672 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
        2016-12-21 06:51:56 5611008 ----a-w- C:\WINDOWS\System32\d2d1.dll
        2016-12-21 06:51:41 8075776 ----a-w- C:\WINDOWS\System32\mstscax.dll
        2016-12-21 06:50:57 1490432 ----a-w- C:\WINDOWS\System32\lsasrv.dll
        2016-12-21 06:49:55 2691072 ----a-w- C:\WINDOWS\System32\Windows.UI.Logon.dll
        2016-12-21 06:49:43 1062912 ----a-w- C:\WINDOWS\System32\SettingSyncCore.dll
        2016-12-21 06:49:25 4149248 ----a-w- C:\WINDOWS\System32\rdpcorets.dll
        2016-12-21 06:47:47 1121280 ----a-w- C:\WINDOWS\System32\aadtb.dll
        2016-12-21 05:59:21 218976 ----a-w- C:\WINDOWS\SysWow64\offlinesam.dll
        2016-12-21 05:09:45 263472 ----a-w- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
        2016-12-21 05:02:16 1852720 ----a-w- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
        2016-12-21 05:02:12 3892864 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
        2016-12-21 05:02:09 1277344 ----a-w- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
        2016-12-21 05:02:02 1360464 ----a-w- C:\WINDOWS\SysWow64\mfnetsrc.dll
        2016-12-21 05:02:01 980832 ----a-w- C:\WINDOWS\SysWow64\mfnetcore.dll
        2016-12-21 05:02:00 1201872 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
        2016-12-21 04:46:55 34304 ----a-w- C:\WINDOWS\SysWow64\LaunchWinApp.exe
        2016-12-21 04:43:09 285184 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.BlockedShutdown.dll
        2016-12-21 04:41:59 253952 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.BioFeedback.dll
        2016-12-21 04:41:15 231936 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll
        2016-12-21 04:40:57 180224 ----a-w- C:\WINDOWS\SysWow64\InstallAgent.exe
        2016-12-21 04:40:43 237056 ----a-w- C:\WINDOWS\SysWow64\SyncSettings.dll
        2016-12-21 04:40:39 318976 ----a-w- C:\WINDOWS\SysWow64\rdpencom.dll
        2016-12-21 04:40:07 557568 ----a-w- C:\WINDOWS\SysWow64\StoreAgent.dll
        2016-12-21 04:39:58 1300480 ----a-w- C:\WINDOWS\SysWow64\MSVPXENC.dll
        2016-12-21 04:39:04 223232 ----a-w- C:\WINDOWS\SysWow64\InstallAgentUserBroker.exe
        2016-12-21 04:38:54 866816 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Cred.dll
        2016-12-21 04:35:42 198656 ----a-w- C:\WINDOWS\SysWow64\indexeddbserver.dll
        2016-12-21 04:35:28 4612608 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll
        2016-12-21 04:34:53 7626752 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
        2016-12-21 04:33:09 19413504 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
        2016-12-21 04:30:56 5398016 ----a-w- C:\WINDOWS\SysWow64\aclui.dll
        2016-12-21 04:30:06 1255936 ----a-w- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
        2016-12-21 04:27:12 640000 ----a-w- C:\WINDOWS\SysWow64\MCRecvSrc.dll
        2016-12-21 04:26:36 1155072 ----a-w- C:\WINDOWS\SysWow64\MSVP9DEC.dll
        2016-12-21 04:25:44 7469056 ----a-w- C:\WINDOWS\SysWow64\mstscax.dll
        2016-12-21 04:25:42 6474752 ----a-w- C:\WINDOWS\SysWow64\mspaint.exe
        2016-12-21 04:24:58 6044160 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
        2016-12-21 04:24:30 5061120 ----a-w- C:\WINDOWS\SysWow64\d2d1.dll
        2016-12-21 04:24:11 886272 ----a-w- C:\WINDOWS\SysWow64\aadtb.dll
        2016-12-21 04:24:09 3733504 ----a-w- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
        2016-12-21 04:22:44 1883648 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Logon.dll
        2016-12-21 04:22:32 860672 ----a-w- C:\WINDOWS\SysWow64\SettingSyncCore.dll
        2016-12-15 12:52:35 85984 ----a-w- C:\WINDOWS\System32\drivers\klupd_klif_kimul.sys
        2016-12-14 05:41:35 1235296 ----a-w- C:\WINDOWS\System32\aeinv.dll
        .
        ============= FINISH: 17:53:21,57 ===============

        Comment


        • #5
          GMER 2.2.19882 - http://www.gmer.net
          Rootkit scan 2017-01-14 18:25:13
          Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000037 ST1000DM003-1ER162 rev.HP51 931,51GB
          Running: 14715hnu.exe; Driver: C:\Users\Leo\AppData\Local\Temp\kfndaaow.sys


          ---- Devices - GMER 2.2 ----

          Device \Driver\klupd_klif_klark \Device\klark_030405_KLIF fffff80f35a28ed8

          ---- Threads - GMER 2.2 ----

          Thread C:\WINDOWS\system32\csrss.exe [1020:764] fffffd980df36c20
          Thread C:\WINDOWS\system32\SettingSyncHost.exe [3228:7796] 00007ffce941dbe0
          Thread C:\WINDOWS\system32\SettingSyncHost.exe [3228:9188] 00007ffce941dbe0
          Thread [9944:9924] 00007ffcfbf52dc0
          Thread [9944:10048] 00007ffcfbf52dc0
          Thread [9944:8676] 00007ffcfbf52dc0
          Thread [9944:8860] 00007ffcfbf52dc0
          Thread [9944:4788] 00007ffcfbf52dc0
          Thread [9944:6508] 00007ffcfbb75f10
          Thread [9944:1352] 00007ffcfbf52dc0
          Thread [9944:7784] 00007ffcfbf52dc0
          Thread [9944:2396] 00007ffcfbf52dc0
          Thread [9944:7312] 00007ffcfbf52dc0
          Thread [9944:8468] 00007ffcfbf52dc0
          Thread [9944:9364] 00007ffcf1e848e0
          Thread [9944:2616] 00007ffcfbf52dc0
          Thread [9944:7200] 00007ffcfbf52dc0
          Thread [9944:9920] 00007ffcfbf52dc0
          Thread [9944:4956] 00007ffcfbf52dc0

          ---- Services - GMER 2.2 ----

          Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] CDPUserSvc_3e508 <-- ROOTKIT !!!
          Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] MessagingService_3e508 <-- ROOTKIT !!!
          Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] OneSyncSvc_3e508 <-- ROOTKIT !!!
          Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] PimIndexMaintenanceSvc_3e508 <-- ROOTKIT !!!
          Service C:\WINDOWS\System32\svchost.exe (*** hidden *** ) [MANUAL] UnistoreSvc_3e508 <-- ROOTKIT !!!
          Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] UserDataSvc_3e508 <-- ROOTKIT !!!
          Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [MANUAL] WpnUserService_3e508 <-- ROOTKIT !!!

          ---- Registry - GMER 2.2 ----

          Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\[email protected] -2087592595
          Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\[email protected] 0x9E 0xFE 0x38 0x2C ...
          Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\[email protected] 0x9E 0x66 0xFD 0x8D ...
          Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\[email protected] 0x9E 0x96 0x74 0xCA ...
          Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\[email protected] 0x64 0x62 0x03 0x00 ...
          Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\[email protected] 0x64 0x62 0x03 0x00 ...
          Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPNPPROVIDER\ UUID:0BEBC200-00C8-1000-87C7-5085697AAA05\Interfaces\{d0875fb4-2196-4c7a-a63d-e416addd60a1}\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\[email protected] 0x64 0x62 0x04 0x00 ...
          Reg HKLM\SYSTEM\Setup\Upgrade\Pnp\CurrentControlSet\Control\DeviceMigration\Devices\SWD\DAFUPNPPROVIDER\ UUID:0BEBC200-00C8-1000-87C7-5085697AAA05\Properties\{88ad39db-0d0c-4a38-8435-4043826b5c91}\[email protected] 0x64 0x62 0x04 0x00 ...
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\[email protected] 773
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\[email protected] 7
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\[email protected] 22674
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\[email protected] 249
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\[email protected] Time 0x09 0x46 0x2F 0xB3 ...
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\[email protected] DrainTime 0x09 0x46 0x2F 0xB3 ...
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\[email protected] me 0x09 0x46 0x2F 0xB3 ...
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\[email protected] 195776
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\[email protected] 175
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\[email protected] ime 0x09 0x46 0x2F 0xB3 ...
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\[email protected] 0x8F 0x51 0x29 0xB3 ...
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Live\Roaming\[email protected] st 0x1B 0xA4 0x01 0x66 ...
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\[email protected] KasperskyLab.Kis.UI.Toasts?E7CF176E110C211B?
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistDat[email protected] 0x17 0x15 0xF2 0xBC ...
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\[email protected] 0x9F 0x80 0xC5 0x4A ...
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{87604812-13F4-45C0-BAE4-898EDF0BDB60}@LastAccessedTime 0xB0 0x46 0xE1 0x2B ...
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{87604812-13F4-45C0-BAE4-898EDF0BDB60}@LaunchCount 1
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{D89167D0-F310-4601-8189-51C1CE136AD9}@LastAccessedTime 0x90 0x85 0xD4 0x93 ...
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{D89167D0-F310-4601-8189-51C1CE136AD9}@LaunchCount 5
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and [email protected] 0xB6 0x10 0x9F 0xCA ...
          Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\[email protected] 5

          ---- Disk sectors - GMER 2.2 ----

          Disk \Device\Harddisk0\DR0 unknown MBR code

          ---- EOF - GMER 2.2 ----

          Comment


          • #6
            Download de Farbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links
            Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

            Farbar Recovery Scan Tool uitvoeren
            • Dubbelklik op FRST.exe om de tool te starten.
            • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
            • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
            • Druk vervolgens op de Scan knop, er zal nu eerst een back-up van het register worden gemaakt.
            • Wanneer de scan gereed is worden er twee logbestanden aangemaakt met de naam (FRST.txt) & (Addition.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
            • Voeg beide logbestanden als bijlage toe aan het volgende bericht.

            Windows 10 opstarten in Veilige Modus

            Comment


            • #7
              bijlagen

              In bijlage de gevraagde zaken van Farbar.
              Bijgevoegde Bestanden

              Comment


              • #8
                Start de Farbar Recovery Scan Tool nogmaals.
                • Download fixlist.txt uit de bijlage naar het bureaublad, waar ook FRST.exe aanwezig is.
                • Dubbelklik op FRST.exe om de tool te starten.
                • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
                • Druk op de Fix knop
                • Er zal u een logbestand aangemaakt worden (fixlog.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
                • Voeg dit logbestand als bijlage toe aan het volgende bericht..


                [attachment=0]fixlist.txt[/attachment]
                Bijgevoegde Bestanden

                Windows 10 opstarten in Veilige Modus

                Comment


                • #9
                  fixlog.txt in bijlage
                  Bijgevoegde Bestanden

                  Comment


                  • #10
                    Vertel even hoe het nu gaat aub.

                    Windows 10 opstarten in Veilige Modus

                    Comment


                    • #11
                      Het gaat al veel vlotter.
                      Het enige wat nog opvalt, is het traag inladen van nieuwssites met veel afbeeldingen en het af en toe 'terug naar boven springen' van een pagina wanneer ik naar beneden scrol.

                      Comment


                      • #12
                        Dat kan ook aan je videokaart liggen en ook nog aan je download snelheid.

                        Windows 10 opstarten in Veilige Modus

                        Comment


                        • #13
                          Oorspronkelijk geplaatst door Juisterr Bekijk Berichten
                          Dat kan ook aan je videokaart liggen en ook nog aan je download snelheid.
                          Beiden zijn dezelfde dan voor het ontstaan van de problemen.
                          Maar alles loopt veel vlotter en ik ben tevreden !

                          Mag ik alle progjes (gmer, adawarecleaner etc.) verwijderen?

                          Comment


                          • #14
                            Download Delfix by Xplode naar het bureaublad.

                            KLIK HIER voor een vergroting!
                            (Klik bovenstaande afbeelding aan voor een vergroting!)

                            Dubbelklik op Delfix.exe om de tool te starten.
                            Zet nu vinkjes voor de volgende items:
                            • Remove disinfection tools
                            • Purge System Restore
                            • Reset system settings

                            Klik nu op "Run" en wacht geduldig tot de tool gereed is.
                            Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

                            Windows 10 opstarten in Veilige Modus

                            Comment


                            • #15
                              Dat is gebeurd.

                              Hartelijk bedankt voor je hulp !

                              Comment

                              Sorry, you are not authorized to view this page
                              Working...
                              X