Laptop with many popups in IE.

  • lg

    Laptop with many popups

    I would again appreciate your help with this.

    LG

    Logfile of random's system information tool 1.10 (written by random/random)

    Run by Jan at 2014-08-26 13:25:08

    Microsoft Windows 8.1

    System drive C: has 369 GB (89%) free of 414 GB

    Total RAM: 4004 MB (61% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 13:25:18, on 26-8-2014

    Platform: Unknown Windows (WinNT 6.02.1008)

    MSIE: Internet Explorer v11.0 (11.00.9600.17239)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

    C:\Program Files (x86)\Browser Mouse\Browser Mouse\1.0\LwbWheel.exe

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files\trend micro\Jan.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://nl.search.yahoo.com?fr=hp-avast&type=avastbcl

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://nl.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://nl.search.yahoo.com?fr=hp-avast&type=avastbcl

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe,

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe” /R

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe” /s

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Spesoft Windows 8 Start Menu\Spesoft Windows 8 Start Menu.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe

    O4 - HKUS\S-1-5-18\..\Run: C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe (User ‘SYSTEM’)

    O4 - HKUS\.DEFAULT\..\Run: C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe (User ‘Default user’)

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O11 - Options group: Accelerated graphics

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: Ashampoo Core Tuner 2 Service (ACT2_Service) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe

    O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

    O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

    O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

    O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

    O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe

    O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

    O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe

    O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

    O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe

    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

    End of file - 8725 bytes

    ======Listing Processes======

    wininit.exe

    winlogon.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    “dwm.exe”

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\WLANExt.exe 828577154960

    \??\C:\Windows\system32\conhost.exe 0x4

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    “C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe”

    “C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe”

    “C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe”

    “C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe”

    “C:\Program Files\Intel\WiFi\bin\EvtEng.exe”

    dashost.exe {b5264ea6-3b74-454f-9cfbce4294809d67}

    “C:\Program Files\Intel\iCLS Client\HeciServer.exe”

    “C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe”

    “C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe”

    “C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe”

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    “C:\Windows\System32\WUDFHost.exe” -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5830a438-7dd4-496e-8d3f-740ba8802072 -SystemEventPortName:HostProcess-e2f5fe4b-9247-43e9-9da2-37abd4c2628d -IoCancelEventPortName:HostProcess-31a26e17-4f30-4f46-be6b-ff99e6cc35f2 -NonStateChangingEventPortName:HostProcess-1e9c3761-b654-4ab8-bd3d-09caec2eb7d8 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9ddadebe-208d-4ae7-b6c7-4c643f576ddd -DeviceGroupId:WudfDefaultDevicePool

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\system32\wbem\unsecapp.exe -Embedding

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

    taskhostex.exe

    “C:\Program Files\Synaptics\SynTP\SynTPEnh.exe”

    C:\Windows\Explorer.EXE

    “C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe” -ServerName:Microsoft.WindowsLive.Platform.Server

    /QuitInfo:00000000000005B8;0000000000000BB4;

    C:\Windows\system32\SearchIndexer.exe /Embedding

    /loadhooks /Parent:00000000000005ac

    “C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE”

    C:\Windows\System32\skydrive.exe -Embedding

    C:\Windows\System32\RuntimeBroker.exe -Embedding

    “C:\Windows\System32\igfxtray.exe”

    “C:\Windows\system32\igfxsrvc.exe” -Embedding

    “C:\Windows\System32\hkcmd.exe”

    “C:\Windows\System32\igfxpers.exe”

    “C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe” -s

    “C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe” /FORPCEE4

    “C:\Windows\System32\rundll32.exe” “C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll”,TrayApp

    “C:\Program Files (x86)\Spesoft Windows 8 Start Menu\Spesoft Windows 8 Start Menu.exe”

    “C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe”

    “C:\Program Files (x86)\Browser Mouse\Browser Mouse\1.0\LwbWheel.exe”

    “C:\Windows\System32\SettingSyncHost.exe” -Embedding

    “C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe”

    “C:\Program Files\Dolby Digital Plus\ddp.exe” -autostart

    “C:\Program Files\Internet Explorer\iexplore.exe”

    “C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:4724 CREDAT:267521 /prefetch:2

    “C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3527790972-1101768821-547663246-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3527790972-1101768821-547663246-10012 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon” “1”

    “C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe”

    “C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:4724 CREDAT:660743 /prefetch:2

    “C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe”

    “C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe”

    “C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe”

    C:\Windows\system32\wbem\wmiprvse.exe

    “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe”

    “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe”

    “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe”

    “C:\Program Files\Windows Media Player\wmpnetwk.exe”

    “C:\Windows\System32\WWAHost.exe” -ServerName:Windows.Store

    C:\Windows\WinStore\WSHost.exe -Embedding

    “C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:4724 CREDAT:202122 /prefetch:2

    “C:\Windows\system32\SearchProtocolHost.exe” Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 “Software\Microsoft\Windows Search” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)” “C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc” “DownLevelDaemon”

    “C:\Windows\system32\SearchFilterHost.exe” 0 568 572 580 65536 576

    “C:\Users\janmeijs\Desktop\RSITx64.exe”

    ======Registry dump======

    “IAStorIcon”=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe

    “IgfxTray”=C:\Windows\system32\igfxtray.exe

    “HotKeysCmds”=C:\Windows\system32\hkcmd.exe

    “Persistence”=C:\Windows\system32\igfxpers.exe

    “RtHDVCpl”=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

    “RtHDVBg_Dolby”=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

    “BTMTrayAgent”=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll

    “SynTPEnh”=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    “CLMLServer_For_P2G8”=C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

    “CLVirtualDrive”=C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe

    “RemoteControl10”=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

    “YouCam Service”=C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe

    “Spesoft Start Menu”=C:\Program Files (x86)\Spesoft Windows 8 Start Menu\Spesoft Windows 8 Start Menu.exe

    “LWBMOUSE”=C:\Program Files (x86)\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe

    C:\Windows\system32\igfxdev.dll

    “ConfirmFileDelete”=1

    “msacm.l3acm”=C:\Windows\System32\l3codeca.acm

    “VIDC.YUY2”=msyuv.dll

    “vidc.i420”=iyuv_32.dll

    “msacm.msgsm610”=msgsm32.acm

    “msacm.msg711”=msg711.acm

    “VIDC.YVYU”=msyuv.dll

    “VIDC.YVU9”=tsbyuv.dll

    “wavemapper”=msacm32.drv

    “midimapper”=midimap.dll

    “VIDC.UYVY”=msyuv.dll

    “VIDC.IYUV”=iyuv_32.dll

    “vidc.mrle”=msrle32.dll

    “msacm.imaadpcm”=imaadp32.acm

    “msacm.msadpcm”=msadp32.acm

    “vidc.msvc”=msvidc32.dll

    “MSVideo8”=VfWWDM32.dll

    “wave1”=wdmaud.drv

    “midi1”=wdmaud.drv

    “mixer1”=wdmaud.drv

    “aux1”=wdmaud.drv

    “midi”=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    .js - open - C:\Windows\System32\WScript.exe “%1” %*

    ======List of files/folders created in the last 1 month======

    2014-08-26 13:25:08 —-D—- C:\rsit

    2014-08-26 13:25:08 —-D—- C:\Program Files\trend micro

    2014-08-26 13:03:20 —-A—- C:\Windows\system32\drivers\MBAMSwissArmy.sys

    2014-08-26 13:02:48 —-D—- C:\ProgramData\Malwarebytes

    2014-08-26 13:02:48 —-D—- C:\Program Files (x86)\Malwarebytes Anti-Malware

    2014-08-26 13:02:48 —-A—- C:\Windows\system32\drivers\mwac.sys

    2014-08-26 13:02:48 —-A—- C:\Windows\system32\drivers\mbamchameleon.sys

    2014-08-26 13:02:48 —-A—- C:\Windows\system32\drivers\mbam.sys

    2014-08-26 11:33:06 —-D—- C:\Program Files (x86)\VS Revo Group

    2014-08-19 11:13:46 —-D—- C:\Users\janmeijs\AppData\Roaming\Gadwin

    2014-08-19 11:01:20 —-D—- C:\Program Files\Gadwin

    2014-08-17 00:09:05 —-A—- C:\Windows\system32\MrmCoreR.dll

    2014-08-15 09:21:32 —-A—- C:\Windows\system32\rpcrt4.dll

    2014-08-15 09:21:31 —-A—- C:\Windows\SYSWOW64\rpcrt4.dll

    2014-08-15 09:21:30 —-A—- C:\Windows\system32\dxgi.dll

    2014-08-15 09:21:29 —-A—- C:\Windows\SYSWOW64\dxgi.dll

    2014-08-15 09:21:29 —-A—- C:\Windows\system32\dwmcore.dll

    2014-08-15 09:21:29 —-A—- C:\Windows\system32\drivers\dxgkrnl.sys

    2014-08-15 09:21:20 —-A—- C:\Windows\system32\mshtmled.dll

    2014-08-15 09:21:20 —-A—- C:\Windows\system32\jscript9diag.dll

    2014-08-15 09:21:19 —-A—- C:\Windows\system32\jscript9.dll

    2014-08-15 09:21:18 —-A—- C:\Windows\system32\ieapfltr.dll

    2014-08-15 09:21:16 —-A—- C:\Windows\system32\mshtml.dll

    2014-08-15 09:21:15 —-A—- C:\Windows\system32\msfeeds.dll

    2014-08-15 09:21:14 —-A—- C:\Windows\system32\ieframe.dll

    2014-08-15 09:21:13 —-A—- C:\Windows\SYSWOW64\mshtml.dll

    2014-08-15 09:21:03 —-A—- C:\Windows\SYSWOW64\jscript9.dll

    2014-08-15 09:21:01 —-A—- C:\Windows\SYSWOW64\ieframe.dll

    2014-08-15 09:20:59 —-A—- C:\Windows\system32\iertutil.dll

    2014-08-15 09:20:58 —-A—- C:\Windows\system32\urlmon.dll

    2014-08-15 09:20:57 —-A—- C:\Windows\system32\dxtmsft.dll

    2014-08-15 09:20:56 —-A—- C:\Windows\SYSWOW64\iertutil.dll

    2014-08-15 09:20:56 —-A—- C:\Windows\system32\wininet.dll

    2014-08-15 09:20:56 —-A—- C:\Windows\system32\dxtrans.dll

    2014-08-15 09:20:55 —-A—- C:\Windows\SYSWOW64\wininet.dll

    2014-08-15 09:20:55 —-A—- C:\Windows\SYSWOW64\urlmon.dll

    2014-08-15 09:20:55 —-A—- C:\Windows\system32\ie4uinit.exe

    2014-08-15 09:20:54 —-A—- C:\Windows\SYSWOW64\iedkcs32.dll

    2014-08-15 09:20:54 —-A—- C:\Windows\system32\iedkcs32.dll

    2014-08-15 09:20:53 —-A—- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

    2014-08-15 09:20:53 —-A—- C:\Windows\system32\JavaScriptCollectionAgent.dll

    2014-08-15 09:20:52 —-A—- C:\Windows\SYSWOW64\jscript9diag.dll

    2014-08-15 09:20:52 —-A—- C:\Windows\SYSWOW64\dxtrans.dll

    2014-08-15 09:20:52 —-A—- C:\Windows\SYSWOW64\dxtmsft.dll

    2014-08-15 09:20:51 —-A—- C:\Windows\SYSWOW64\msfeeds.dll

    2014-08-15 09:20:48 —-A—- C:\Windows\SYSWOW64\MshtmlDac.dll

    2014-08-15 09:20:48 —-A—- C:\Windows\system32\MshtmlDac.dll

    2014-08-15 09:20:45 —-A—- C:\Windows\SYSWOW64\mshtmled.dll

    2014-08-15 09:20:44 —-A—- C:\Windows\SYSWOW64\ieapfltr.dll

    2014-08-15 09:20:43 —-A—- C:\Windows\SYSWOW64\vbscript.dll

    2014-08-15 09:20:43 —-A—- C:\Windows\system32\vbscript.dll

    2014-08-15 09:19:41 —-A—- C:\Windows\system32\mfcore.dll

    2014-08-15 09:19:40 —-A—- C:\Windows\system32\d3d9.dll

    2014-08-15 09:19:37 —-A—- C:\Windows\SYSWOW64\mfcore.dll

    2014-08-15 09:19:37 —-A—- C:\Windows\SYSWOW64\d3d9.dll

    2014-08-15 09:19:36 —-A—- C:\Windows\system32\vpnike.dll

    2014-08-15 09:19:36 —-A—- C:\Windows\system32\localspl.dll

    2014-08-15 09:19:34 —-A—- C:\Windows\system32\ntdll.dll

    2014-08-15 09:19:34 —-A—- C:\Windows\system32\fveapi.dll

    2014-08-15 09:19:34 —-A—- C:\Windows\system32\dhcpcore.dll

    2014-08-15 09:19:33 —-A—- C:\Windows\SYSWOW64\ntdll.dll

    2014-08-15 09:19:33 —-A—- C:\Windows\system32\actxprxy.dll

    2014-08-15 09:19:32 —-A—- C:\Windows\SYSWOW64\SkyDriveShell.dll

    2014-08-15 09:19:32 —-A—- C:\Windows\system32\SkyDriveShell.dll

    2014-08-15 09:19:32 —-A—- C:\Windows\system32\framedynos.dll

    2014-08-15 09:19:32 —-A—- C:\Windows\system32\drivers\mrxsmb.sys

    2014-08-15 09:19:30 —-A—- C:\Windows\system32\dhcpcore6.dll

    2014-08-15 09:19:29 —-A—- C:\Windows\SYSWOW64\framedynos.dll

    2014-08-15 09:19:29 —-A—- C:\Windows\SYSWOW64\dhcpcore6.dll

    2014-08-15 09:19:29 —-A—- C:\Windows\SYSWOW64\dhcpcore.dll

    2014-08-15 09:19:29 —-A—- C:\Windows\system32\bdesvc.dll

    2014-08-15 09:19:28 —-A—- C:\Windows\system32\BFE.DLL

    2014-08-15 09:19:27 —-A—- C:\Windows\system32\drivers\agilevpn.sys

    2014-08-15 09:19:26 —-A—- C:\Windows\system32\ncobjapi.dll

    2014-08-15 09:19:25 —-A—- C:\Windows\system32\winbici.dll

    2014-08-15 09:19:25 —-A—- C:\Windows\system32\framedyn.dll

    2014-08-15 09:19:23 —-A—- C:\Windows\SYSWOW64\ncobjapi.dll

    2014-08-15 09:19:21 —-A—- C:\Windows\system32\drivers\vwifimp.sys

    2014-08-15 09:19:20 —-A—- C:\Windows\SYSWOW64\WebClnt.dll

    2014-08-15 09:19:20 —-A—- C:\Windows\system32\WebClnt.dll

    2014-08-15 09:19:20 —-A—- C:\Windows\system32\Robocopy.exe

    2014-08-15 09:19:19 —-A—- C:\Windows\system32\dhcpcsvc.dll

    2014-08-15 09:19:18 —-A—- C:\Windows\SYSWOW64\Robocopy.exe

    2014-08-15 09:19:18 —-A—- C:\Windows\system32\IKEEXT.DLL

    2014-08-15 09:19:18 —-A—- C:\Windows\system32\dhcpcsvc6.dll

    2014-08-15 09:19:17 —-A—- C:\Windows\SYSWOW64\framedyn.dll

    2014-08-15 09:19:17 —-A—- C:\Windows\SYSWOW64\dhcpcsvc.dll

    2014-08-15 09:19:17 —-A—- C:\Windows\SYSWOW64\actxprxy.dll

    2014-08-15 09:19:17 —-A—- C:\Windows\system32\BulkOperationHost.exe

    2014-08-15 09:19:14 —-A—- C:\Windows\SYSWOW64\dhcpcsvc6.dll

    2014-08-15 09:19:14 —-A—- C:\Windows\system32\drivers\vwififlt.sys

    2014-08-15 09:19:13 —-A—- C:\Windows\system32\reseteng.dll

    2014-08-15 09:19:12 —-A—- C:\Windows\SYSWOW64\d3d8thk.dll

    2014-08-15 09:19:12 —-A—- C:\Windows\system32\srms.dat

    2014-08-15 09:17:26 —-A—- C:\Windows\system32\drivers\mrxsmb20.sys

    2014-08-15 09:17:19 —-A—- C:\Windows\SYSWOW64\TsWpfWrp.exe

    2014-08-15 09:17:19 —-A—- C:\Windows\system32\TsWpfWrp.exe

    2014-08-15 09:09:25 —-A—- C:\Windows\system32\Wpc.dll

    2014-08-15 09:09:24 —-A—- C:\Windows\SYSWOW64\Wpc.dll

    2014-08-15 09:09:24 —-A—- C:\Windows\system32\WpcWebSync.dll

    2014-08-15 09:09:24 —-A—- C:\Windows\system32\WpcMon.exe

    2014-08-15 09:09:23 —-A—- C:\Windows\system32\SyncEngine.dll

    2014-08-15 09:09:22 —-A—- C:\Windows\system32\SkyDriveTelemetry.dll

    2014-08-15 09:09:22 —-A—- C:\Windows\system32\SkyDrive.exe

    2014-08-15 09:09:06 —-A—- C:\Windows\system32\Windows.UI.Xaml.dll

    2014-08-15 09:09:04 —-A—- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll

    2014-08-15 09:08:59 —-A—- C:\Windows\system32\drivers\tcpip.sys

    2014-08-15 09:08:56 —-A—- C:\Windows\system32\drivers\usbport.sys

    2014-08-15 09:08:56 —-A—- C:\Windows\system32\drivers\usbhub.sys

    2014-08-15 09:08:55 —-A—- C:\Windows\SYSWOW64\rsaenh.dll

    2014-08-15 09:08:55 —-A—- C:\Windows\system32\WUDFSvc.dll

    2014-08-15 09:08:55 —-A—- C:\Windows\system32\WUDFHost.exe

    2014-08-15 09:08:55 —-A—- C:\Windows\system32\rsaenh.dll

    2014-08-15 09:08:55 —-A—- C:\Windows\system32\drivers\WUDFRd.sys

    2014-08-15 09:08:55 —-A—- C:\Windows\system32\drivers\WUDFPf.sys

    2014-08-15 09:08:54 —-A—- C:\Windows\system32\WUDFPlatform.dll

    2014-08-15 09:08:52 —-A—- C:\Windows\system32\drivers\usbuhci.sys

    2014-08-15 09:08:52 —-A—- C:\Windows\system32\drivers\usbehci.sys

    2014-08-15 09:08:52 —-A—- C:\Windows\system32\DaOtpCredentialProvider.dll

    2014-08-15 09:08:51 —-A—- C:\Windows\SYSWOW64\DaOtpCredentialProvider.dll

    2014-08-15 09:08:51 —-A—- C:\Windows\system32\hal.dll

    2014-08-15 09:08:51 —-A—- C:\Windows\system32\drivers\USBHUB3.SYS

    2014-08-15 09:08:51 —-A—- C:\Windows\system32\drivers\usbd.sys

    2014-08-15 09:08:43 —-A—- C:\Windows\SYSWOW64\gdi32.dll

    2014-08-15 09:08:43 —-A—- C:\Windows\system32\win32k.sys

    2014-08-15 09:08:43 —-A—- C:\Windows\system32\gdi32.dll

    2014-08-15 09:08:42 —-A—- C:\Windows\system32\msi.dll

    2014-08-15 09:08:42 —-A—- C:\Windows\system32\MDMAgent.exe

    2014-08-15 09:08:42 —-A—- C:\Windows\system32\authui.dll

    2014-08-15 09:08:41 —-A—- C:\Windows\SYSWOW64\msi.dll

    2014-08-15 09:08:41 —-A—- C:\Windows\SYSWOW64\authui.dll

    2014-08-15 09:08:41 —-A—- C:\Windows\system32\consent.exe

    2014-08-15 09:08:40 —-A—- C:\Windows\SYSWOW64\msihnd.dll

    2014-08-15 09:08:40 —-A—- C:\Windows\system32\msihnd.dll

    ======List of files/folders modified in the last 1 month======

    2014-08-26 13:25:14 —-D—- C:\Windows\Prefetch

    2014-08-26 13:25:08 —-RD—- C:\Program Files

    2014-08-26 13:23:35 —-D—- C:\Windows\Temp

    2014-08-26 13:23:06 —-D—- C:\Windows\system32\DriverStore

    2014-08-26 13:23:06 —-D—- C:\Windows\system32\drivers

    2014-08-26 13:23:06 —-D—- C:\Windows\Inf

    2014-08-26 13:21:45 —-RD—- C:\Program Files (x86)

    2014-08-26 13:21:02 —-D—- C:\Windows\it

    2014-08-26 13:02:48 —-HD—- C:\ProgramData

    2014-08-26 13:00:00 —-D—- C:\Windows\system32\sru

    2014-08-26 10:41:10 —-D—- C:\Windows\debug

    2014-08-26 10:20:22 —-RD—- C:\Windows\System32

    2014-08-26 10:14:37 —-D—- C:\Windows\system32\config

    2014-08-26 10:08:45 —-D—- C:\ProgramData\AVAST Software

    2014-08-26 10:08:44 —-D—- C:\Windows

    2014-08-26 08:56:30 —-A—- C:\Windows\win.ini

    2014-08-26 08:45:22 —-D—- C:\Windows\system32\NDF

    2014-08-25 13:22:08 —-D—- C:\Windows\Microsoft.NET

    2014-08-25 13:17:49 —-D—- C:\Windows\CbsTemp

    2014-08-25 13:14:07 —-D—- C:\Windows\WinSxS

    2014-08-25 13:13:13 —-D—- C:\Windows\WinStore

    2014-08-25 13:13:13 —-D—- C:\Windows\servicing

    2014-08-25 13:13:13 —-D—- C:\Program Files\Windows Photo Viewer

    2014-08-25 13:13:13 —-D—- C:\Program Files\Windows Media Player

    2014-08-25 13:13:13 —-D—- C:\Program Files\Windows Mail

    2014-08-25 13:13:13 —-D—- C:\Program Files\Windows Journal

    2014-08-25 13:13:13 —-D—- C:\Program Files\Windows Defender

    2014-08-25 13:13:13 —-D—- C:\Program Files\Internet Explorer

    2014-08-25 13:13:13 —-D—- C:\Program Files\Common Files\System

    2014-08-25 13:13:13 —-D—- C:\Program Files (x86)\Windows Photo Viewer

    2014-08-25 13:13:13 —-D—- C:\Program Files (x86)\Windows Media Player

    2014-08-25 13:13:13 —-D—- C:\Program Files (x86)\Windows Mail

    2014-08-25 13:13:13 —-D—- C:\Program Files (x86)\Windows Defender

    2014-08-25 13:13:13 —-D—- C:\Program Files (x86)\Internet Explorer

    2014-08-25 13:13:00 —-D—- C:\Windows\SYSWOW64\winrm

    2014-08-25 13:13:00 —-D—- C:\Windows\SYSWOW64\oobe

    2014-08-25 13:13:00 —-D—- C:\Windows\SYSWOW64\fr-FR

    2014-08-25 13:12:58 —-D—- C:\Windows\SYSWOW64\XPSViewer

    2014-08-25 13:12:58 —-D—- C:\Windows\SYSWOW64\WCN

    2014-08-25 13:12:58 —-D—- C:\Windows\SYSWOW64\wbem

    2014-08-25 13:12:58 —-D—- C:\Windows\SYSWOW64\slmgr

    2014-08-25 13:12:58 —-D—- C:\Windows\SYSWOW64\Printing_Admin_Scripts

    2014-08-25 13:12:58 —-D—- C:\Windows\SYSWOW64\MUI

    2014-08-25 13:12:58 —-D—- C:\Windows\SYSWOW64\migration

    2014-08-25 13:12:58 —-D—- C:\Windows\SYSWOW64\drivers

    2014-08-25 13:12:58 —-D—- C:\Windows\SYSWOW64\Dism

    2014-08-25 13:12:58 —-D—- C:\Windows\SYSWOW64\Com

    2014-08-25 13:12:58 —-D—- C:\Windows\SysWOW64

    2014-08-25 13:12:58 —-D—- C:\Windows\IME

    2014-08-25 13:12:51 —-RD—- C:\Windows\ImmersiveControlPanel

    2014-08-25 13:12:51 —-D—- C:\Windows\system32\winrm

    2014-08-25 13:12:51 —-D—- C:\Windows\system32\migwiz

    2014-08-25 13:12:51 —-D—- C:\Windows\system32\fr-FR

    2014-08-25 13:12:51 —-D—- C:\Windows\PolicyDefinitions

    2014-08-25 13:12:48 —-D—- C:\Windows\system32\oobe

    2014-08-25 13:12:47 —-D—- C:\Windows\system32\WCN

    2014-08-25 13:12:47 —-D—- C:\Windows\system32\Sysprep

    2014-08-25 13:12:47 —-D—- C:\Windows\system32\slmgr

    2014-08-25 13:12:47 —-D—- C:\Windows\system32\MUI

    2014-08-25 13:12:47 —-D—- C:\Windows\system32\migration

    2014-08-25 13:12:47 —-D—- C:\Windows\system32\drivers\UMDF

    2014-08-25 13:12:47 —-D—- C:\Windows\system32\Dism

    2014-08-25 13:12:47 —-D—- C:\Windows\system32\Boot

    2014-08-25 13:12:44 —-D—- C:\Windows\system32\wbem

    2014-08-25 13:12:44 —-D—- C:\Windows\system32\Printing_Admin_Scripts

    2014-08-25 13:12:43 —-SD—- C:\Windows\system32\dsc

    2014-08-25 13:12:43 —-D—- C:\Windows\system32\SystemResetPlatform

    2014-08-25 13:12:43 —-D—- C:\Windows\system32\Com

    2014-08-25 13:12:43 —-D—- C:\Windows\Help

    2014-08-25 13:12:43 —-D—- C:\Windows\apppatch

    2014-08-25 13:01:24 —-D—- C:\Windows\SYSWOW64\es-ES

    2014-08-25 13:01:12 —-D—- C:\Windows\system32\es-ES

    2014-08-25 12:46:12 —-D—- C:\Windows\SYSWOW64\hu-HU

    2014-08-25 12:45:53 —-D—- C:\Windows\system32\hu-HU

    2014-08-25 12:37:13 —-SHD—- C:\System Volume Information

    2014-08-24 16:58:40 —-A—- C:\Windows\system32\PerfStringBackup.INI

    2014-08-22 11:38:25 ----D---- C:\Windows\AppReadiness

    2014-08-22 10:47:15 ----D---- C:\Windows\system32\catroot2

    2014-08-22 10:40:09 ----D---- C:\Windows\SYSWOW64\pl-PL

    2014-08-22 10:40:09 ----D---- C:\Windows\SYSWOW64\nl-NL

    2014-08-22 10:40:09 ----D---- C:\Windows\SYSWOW64\fi-FI

    2014-08-22 10:40:09 ----D---- C:\Windows\SYSWOW64\da-DK

    2014-08-22 10:40:09 ----D---- C:\Windows\system32\pl-PL

    2014-08-22 10:40:09 ----D---- C:\Windows\system32\nl-NL

    2014-08-22 10:40:09 ----D---- C:\Windows\system32\fi-FI

    2014-08-22 10:40:09 ----D---- C:\Windows\system32\da-DK

    2014-08-22 10:08:43 ----RSD---- C:\Windows\assembly

    2014-08-21 18:48:16 ----D---- C:\Windows\system32\MRT

    2014-08-21 18:46:11 ----A---- C:\Windows\system32\MRT.exe

    2014-08-21 10:16:12 ----D---- C:\Users\janmeijs\AppData\Roaming\Skype

    2014-08-19 11:20:06 ----D---- C:\Windows\Tasks

    2014-08-19 11:01:21 ----SHD---- C:\Windows\Installer

    2014-08-18 14:00:28 ----D---- C:\Windows\SoftwareDistribution

    2014-08-18 13:20:36 ----D---- C:\Windows\system32\Tasks

    2014-08-17 09:28:24 ----HD---- C:\Program Files\WindowsApps

    2014-08-15 23:51:27 ----RD---- C:\Windows\ToastData

    2014-08-15 23:51:25 ----D---- C:\Windows\system32\en-US

    2014-08-15 23:51:25 ----D---- C:\Windows\MediaViewer

    2014-08-15 23:51:25 ----D---- C:\Windows\Camera

    2014-08-15 23:51:24 ----D---- C:\Windows\FileManager

    2014-08-15 09:04:40 ----A---- C:\Windows\system32\mfps.dll

    2014-08-15 08:44:57 ----A---- C:\Windows\system32\ieetwproxystub.dll

    2014-08-15 08:44:57 ----A---- C:\Windows\system32\ieetwcollectorres.dll

    2014-08-15 08:44:57 ----A---- C:\Windows\system32\ieetwcollector.exe

    2014-08-15 08:44:54 ----A---- C:\Windows\system32\ieUnatt.exe

    2014-08-15 08:44:53 ----A---- C:\Windows\system32\iesetup.dll

    2014-08-15 08:44:53 ----A---- C:\Windows\system32\iernonce.dll

    2014-08-15 08:44:44 ----A---- C:\Windows\system32\msrating.dll

    2014-08-15 08:44:43 ----A---- C:\Windows\system32\jsproxy.dll

    2014-08-14 09:56:37 ----D---- C:\ProgramData\Skype

    2014-08-14 09:56:34 ----D---- C:\Program Files (x86)\Common Files

    2014-08-03 22:53:06 ----D---- C:\Users\janmeijs\AppData\Roaming\CyberLink

    2014-08-02 02:17:43 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys

    R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys

    R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys

    R2 ACT2PM;Ashampoo CoreTuner 2 ProcessMonitor Driver; \??\C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys

    R3 acpials;@sensorsalsdriver.inf,%kbfiltr.SvcDesc%;ALS Sensor Filter; C:\Windows\system32\DRIVERS\acpials.sys

    R3 AMPPAL;@oem24.inf,%AMPPAL.SVCDESC%;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Virtual Adapter; C:\Windows\System32\drivers\AMPPAL.sys

    R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\Windows\System32\drivers\BthEnum.sys

    R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys

    R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys

    R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys

    R3 btmaux;@oem22.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys

    R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys

    R3 clwvd;@oem3.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys

    R3 ibtusb;@oem23.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\Windows\system32\DRIVERS\ibtusb.sys

    R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys

    R3 iwdbus;@oem12.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys

    R3 MEIx64;@oem7.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys

    R3 NETwNb64;@oem27.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless adapter stuurprogramma onder Windows 8.1 64 Bit; C:\Windows\system32\DRIVERS\NETwbw02.sys

    R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys

    R3 RTL8168;@oem16.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys

    R3 SensorsAlsDriver;@sensorsalsdriver.inf,%WudfSensorsAlsDriverDisplayName%;UMDF Reflector service for SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys

    R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys

    R3 SynTP;@oem15.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys

    R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys

    S3 AirplaneModeHID;@oem1.inf,%AirplaneModeHid%;AirplaneMode HID Mini-driver for virtual keyborad Device; C:\Windows\System32\drivers\AirplaneModeHID.sys

    S3 AMPPALP;@oem25.inf,%AMPPALP_Desc%;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys

    S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys

    S3 dg_ssudbus;@oem31.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys

    S3 intaud_WaveExtensible;@oem11.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys

    S3 IntcDAud;@oem9.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys

    S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\Windows\system32\DRIVERS\NETwew02.sys

    S3 RSUSBSTOR;@oem17.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys

    S3 RtlWlanu;@oem2.inf,%RtlWlanu.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys

    S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys

    S3 ssudmdm;@oem32.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys

    S3 TDKLIB;TDKLIB; \??\C:\Users\ADMINI~1\AppData\Local\Temp\TdkLib64.sys

    S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 ACT2_Service;Ashampoo Core Tuner 2 Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe

    R2 AHDDC2;Ashampoo HDD Control 2 Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe

    R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

    R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

    R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

    R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

    R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe

    R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe

    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe

    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe

    R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

    R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe

    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

    R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

    S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe

    S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe

    S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

    S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe

    -----------------EOF-----------------

    Malwarebytes Anti-Malware

    www.malwarebytes.org

    Scan Date: 26-8-2014

    Scan Time: 13:04:05

    Logfile: mb.txt

    Administrator: Yes

    Version: 2.00.2.1012

    Malware Database: v2014.08.26.01

    Rootkit Database: v2014.08.21.01

    License: Free

    Malware Protection: Disabled

    Malicious Website Protection: Disabled

    Self-protection: Disabled

    OS: Windows 8.1

    CPU: x64

    File System: NTFS

    User: Jan

    Scan Type: Threat Scan

    Result: Completed

    Objects Scanned: 330072

    Time Elapsed: 16 min, 28 sec

    Memory: Enabled

    Startup: Enabled

    Filesystem: Enabled

    Archives: Enabled

    Rootkits: Disabled

    Heuristics: Enabled

    PUP: Enabled

    PUM: Enabled

    Processes: 1

    PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\updateClearThink.exe, 1276, Delete-on-Reboot,

    Modules: 0

    (No malicious items detected)

    Registry Keys: 16

    PUP.Optional.ClearThink.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update ClearThink, Quarantined, ,

    PUP.Optional.ClearThink.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util ClearThink, Quarantined, ,

    PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Quarantined, ,

    PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Quarantined, ,

    PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7e6d4e3e-fc66-4036-9799-ce5c625c4c56}, Quarantined, ,

    PUP.Optional.ClearThink.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{06E035F9-C6B3-4AE7-A839-BA68791F5499}, Quarantined, ,

    PUP.Optional.ClearThink.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D8972B0D-B0FB-4158-A567-365283693AD6}, Quarantined, ,

    PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D8972B0D-B0FB-4158-A567-365283693AD6}, Quarantined, ,

    PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{06E035F9-C6B3-4AE7-A839-BA68791F5499}, Quarantined, ,

    PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7E6D4E3E-FC66-4036-9799-CE5C625C4C56}, Quarantined, ,

    PUP.Optional.ClearThink.A, HKU\S-1-5-21-3527790972-1101768821-547663246-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7E6D4E3E-FC66-4036-9799-CE5C625C4C56}, Quarantined, ,

    PUP.Optional.ClearThink.A, HKU\S-1-5-21-3527790972-1101768821-547663246-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7E6D4E3E-FC66-4036-9799-CE5C625C4C56}, Quarantined, ,

    PUP.Optional.ClearThink.A, HKU\S-1-5-21-3527790972-1101768821-547663246-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7E6D4E3E-FC66-4036-9799-CE5C625C4C56}, Quarantined, ,

    PUP.Optional.ClearThink.A, HKU\S-1-5-21-3527790972-1101768821-547663246-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7E6D4E3E-FC66-4036-9799-CE5C625C4C56}, Quarantined, ,

    PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\ClearThink, Quarantined, ,

    PUP.Optional.ClearThink.A, HKU\S-1-5-21-3527790972-1101768821-547663246-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ClearThink, Quarantined, ,

    Registry Values: 0

    (No malicious items detected)

    Registry Data: 0

    (No malicious items detected)

    Folders: 11

    PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink, Delete-on-Reboot, ,

    PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\bin, Quarantined, ,

    PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\bin\plugins, Quarantined, ,

    PUP.Optional.OpenCandy, C:\Users\janmeijs\AppData\Roaming\OpenCandy, Quarantined, ,

    PUP.Optional.OpenCandy, C:\Users\janmeijs\AppData\Roaming\OpenCandy\BCF258758AAF4661860231FB94BDDE69, Quarantined, ,

    PUP.Optional.OpenCandy, C:\Users\janmeijs\AppData\Roaming\OpenCandy\C26ACABE4A934F4D804739FE44B1D783, Quarantined, ,

    PUP.Optional.Astromenda.A, C:\Users\janmeijs\AppData\Roaming\Astromenda, Quarantined, ,

    PUP.Optional.Astromenda.A, C:\Users\janmeijs\AppData\Roaming\Astromenda\BRS, Quarantined, ,

    PUP.Optional.Astromenda.A, C:\Users\janmeijs\AppData\Roaming\WSE_Astromenda, Quarantined, ,

    PUP.Optional.Astromenda.A, C:\Users\janmeijs\AppData\Roaming\WSE_Astromenda\icons_3.0.10.3, Quarantined, ,

    PUP.Optional.Astromenda.A, C:\Users\janmeijs\AppData\Roaming\WSE_Astromenda\UpdateProc, Quarantined, ,

    Files: 19

    PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\updateClearThink.exe, Delete-on-Reboot, ,

    PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\bin\utilClearThink.exe, Quarantined, ,

    PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\ClearThinkBHO.dll, Quarantined, ,

    PUP.Optional.OpenCandy.A, C:\Users\janmeijs\AppData\Roaming\OpenCandy\BCF258758AAF4661860231FB94BDDE69\dlm.exe, Quarantined, ,

    PUP.Optional.OpenCandy.A, C:\Users\janmeijs\AppData\Roaming\OpenCandy\C26ACABE4A934F4D804739FE44B1D783\dlm.exe, Quarantined, ,

    PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\ClearThink.ico, Quarantined, ,

    PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\0, Quarantined, ,

    PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\7za.exe, Quarantined, ,

    PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\updateClearThink.InstallState, Quarantined, ,

    PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\bin\7za.exe, Quarantined, ,

    PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\bin\utilClearThink.InstallState, Quarantined, ,

    PUP.Optional.OpenCandy, C:\Users\janmeijs\AppData\Roaming\OpenCandy\BCF258758AAF4661860231FB94BDDE69\3213.ico, Quarantined, ,

    PUP.Optional.OpenCandy, C:\Users\janmeijs\AppData\Roaming\OpenCandy\BCF258758AAF4661860231FB94BDDE69\speedupmypcNL.exe, Quarantined, ,

    PUP.Optional.OpenCandy, C:\Users\janmeijs\AppData\Roaming\OpenCandy\BCF258758AAF4661860231FB94BDDE69\speedupmypcNL_p3v0.exe, Quarantined, ,

    PUP.Optional.Astromenda.A, C:\Users\janmeijs\AppData\Roaming\Astromenda\BRS\stats, Quarantined, ,

    PUP.Optional.Astromenda.A, C:\Users\janmeijs\AppData\Roaming\WSE_Astromenda\icons_3.0.10.3\ctr.ico, Quarantined, ,

    PUP.Optional.Astromenda.A, C:\Users\janmeijs\AppData\Roaming\WSE_Astromenda\UpdateProc\bkup.dat, Quarantined, ,

    PUP.Optional.Astromenda.A, C:\Users\janmeijs\AppData\Roaming\WSE_Astromenda\UpdateProc\config.dat, Quarantined, ,

    PUP.Optional.Astromenda.A, C:\Users\janmeijs\AppData\Roaming\WSE_Astromenda\UpdateProc\info.dat, Quarantined, ,

    Physical Sectors: 0

    (No malicious items detected)

    (end)

  • Ben

    Hello,

    First disable the antivirus software before you download zoek.exe.

    Temporarily disable your antivirus and antispyware programs, as these can conflict with Zoek.exe.

    Download Zoek.exe to the desktop.

    * If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.

    Running Zoek.exe

    If you run into problems running this program or see any error messages, please let us know in your post.

    * Then double-click Zoek.exe to start the tool.

    * Windows Vista, 7 and 8 users should run the tool as “administrator” by right-clicking and choosing Run as administrator.

    * Now copy the bold code below and paste it into the large input box:

    * Note: This script is written specifically for this computer, so do not use it on other computers with a similar problem.

    firefoxlook;

    torpigcheck;

    emptyfolderscheck;delete

    chromelook;

    standardsearch;

    filesrcm;

    autoclean;

    startupall;

    * Now click the "Run script" button.

    * Now wait patiently until a log opens (this may be after a restart, if one is needed).

    * If no log appears after the restart, start zoek.exe again; the log will then appear.

    * Post the opened log in your next reply.

  • lg

    I don't know whether everything went well; it switched off during the scan.

    Found this log file:

    Zoek.exe v5.0.0.0 Updated 26-08-2014

    Tool run by Jan on di 26-08-2014 at 17:52:52,04.

    Microsoft Windows 8.1 6.3.9600 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\janmeijs\Desktop\zoek.exe

    ==== System Restore Info ======================

    26-8-2014 17:54:10 Zoek.exe System Restore Point Created Succesfully.

    ==== Torpig Check ======================

    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll

    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

    ==== Empty Folders Check ======================

    C:\Users\Gast\AppData\Local\VirtualStore deleted successfully

  • Ben

    Hello,

    No, it did not go well; run it again.

  • lg

    Just via another PC.

    Is it normal for Zoek.exe to hang on

    Delete service since 18:37:56,73?

  • Ben

    Hello,

    Not for that long; close zoek.exe and run zoek.exe in safe mode.

  • lg

    Closed it, then this appeared:

    Zoek.exe v5.0.0.0 Updated 26-08-2014

    Tool run by Jan on di 26-08-2014 at 18:19:57,16.

    Microsoft Windows 8.1 6.3.9600 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\janmeijs\Desktop\zoek.exe

    ===== Runcheck 18:20:14,05 =====

    — Create Environment Variables 18:20:16,33

    — Checking Input 18:20:28,22

    — Torpig Check 18:20:33,17

    — AU AppData Check 18:20:35,69

    — Remove From Windows Installer 18:20:39,44

    — IE Startpage Check 18:22:03,84

    — Program Files DB Check 18:22:39,70

    — C:\Users\Default\AppData\Roaming DB Check 18:24:12,24

    — C:\Users\Default User\AppData\Roaming DB Check 18:24:12,24

    — C:\Users\Gast\AppData\Roaming DB Check 18:24:12,24

    — C:\Users\janmeijs\AppData\Roaming DB Check 18:24:12,24

    — C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 18:24:12,24

    — C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 18:24:12,24

    — C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 18:24:12,24

    — C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 18:24:12,24

    — C:\Users\janmeijs DB Check 18:28:50,82

    — C:\PROGRA~3 DB Check 18:29:23,61

    — C:\Users\Default\AppData\Local DB Check 18:29:26,19

    — C:\Users\Default User\AppData\Local DB Check 18:29:26,19

    — C:\Users\Gast\AppData\Local DB Check 18:29:26,19

    — C:\Users\janmeijs\AppData\Local DB Check 18:29:26,19

    — C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 18:29:26,19

    — C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 18:29:26,19

    — C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 18:29:26,19

    — C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 18:29:26,19

    — C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 18:32:32,31

    — C:\Users\janmeijs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 18:32:49,20

    — Tasks DB Check 18:32:59,06

    — Downloads DB Check 18:33:05,97

    — C:\Users\Gast\AppData\LocalLow DB Check 18:33:15,05

    — C:\Users\janmeijs\AppData\LocalLow DB Check 18:33:15,05

    — C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 18:33:15,05

    — C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 18:33:15,05

    — C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 18:33:15,05

    — C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 18:33:15,05

    — Tasks2 DB Check 18:35:27,12

    — Documents DB Check 18:36:14,38

    — C:\Users\Public\Desktop DB Check 18:36:26,90

    — C:\Users\janmeijs\Desktop DB Check 18:36:33,68

    — Services DB Check 18:36:45,86

    — FF prefs.js DB Check 18:37:09,81

    — Del by CLSID 18:37:12,09

    — Processes 18:37:56,32

    — Delete Services 18:37:56,73

  • lg

    This topic can be closed; the laptop is going back to the shop because of power supply problems.

    So I can't do anything more for now.

    Thanks again for the service provided.

    Lg.

  • Ben

    Hello,

    Thanks for posting back; yes, there is little we can do when there is a problem like that.

This topic is closed; no more replies can be posted.