Checking a log

  • marianne40

    I have a friend's laptop here and she is having some problems with it. The Google Chrome icon looks strange.

    Saving Word documents does not work. I keep getting the message that there is insufficient memory, but there is enough space on the hard drive.

    Images from the internet cannot be saved; you then get the message that C:/Windows/system32/config/systemprofile/Desktop refers to a location that is not accessible.

    Below are the logs

    Malwarebytes Anti-Malware

    www.malwarebytes.org

    Scan Date: 12-5-2014

    Scan Time: 20:24:24

    Logfile: mbamlog.txt

    Administrator: Yes

    Version: 2.00.1.1004

    Malware Database: v2014.05.12.06

    Rootkit Database: v2014.03.27.01

    License: Free

    Malware Protection: Disabled

    Malicious Website Protection: Disabled

    Chameleon: Disabled

    OS: Windows 7 Service Pack 1

    CPU: x64

    File System: NTFS

    User: Rochelle

    Scan Type: Threat Scan

    Result: Completed

    Objects Scanned: 287312

    Time Elapsed: 18 min, 8 sec

    Memory: Enabled

    Startup: Enabled

    Filesystem: Enabled

    Archives: Enabled

    Rootkits: Disabled

    Shuriken: Enabled

    PUP: Enabled

    PUM: Enabled

    Processes: 0

    (No malicious items detected)

    Modules: 0

    (No malicious items detected)

    Registry Keys: 16

    PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, , ,

    PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, , ,

    PUP.Optional.MixiDJToolbar.A, HKLM\SOFTWARE\CLASSES\APPID\{A2773ED4-83BD-488A-A186-73590706C916}, , ,

    PUP.Optional.MixiDJToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2773ED4-83BD-488A-A186-73590706C916}, , ,

    PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , ,

    PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , ,

    PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, , ,

    PUP.Optional.SoftwareUpdater.A, HKLM\SOFTWARE\WOW6432NODE\SOFTWAREUPDATER, , ,

    PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, , ,

    PUP.Optional.BundleInstaller.A, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, , ,

    PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DefaultTab, , ,

    PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, , ,

    PUP.Optional.DataMngr.A, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, , ,

    PUP.Optional.DataMngr.A, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, , ,

    PUP.Optional.Babylon.A, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, , ,

    PUP.Optional.SweetIM.A, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.BAK-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, , ,

    Registry Values: 3

    PUP.Optional.SoftwareUpdater.A, HKLM\SOFTWARE\WOW6432NODE\SOFTWAREUPDATER|partner_keyword, ALLFILEWINCOM, ,

    PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, 11111111, ,

    PUP.Optional.SweetIM.A, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, 11111111, ,

    Registry Data: 1

    PUP.Optional.StartPage, HKU\S-1-5-21-4247244868-4280345956-1845474204-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=786E4C72B90DBB2B&affID=121136&tsp=4960, Good: (http://www.google.com), Bad: (http://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=786E4C72B90DBB2B&affID=121136&tsp=4960),,

    Folders: 3

    PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater, , ,

    PUP.Optional.PutLocker.A, C:\Program Files (x86)\PutLockerDownloader, , ,

    PUP.Optional.PutLockerDownloader.A, C:\Program Files (x86)\PutLockerDownloader.com, , ,

    Files: 11

    Trojan.ELEX, C:\Users\Rochelle\Downloads\yet_another_cleaner.exe, , ,

    PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater\KeyGen.dll, , ,

    PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe, , ,

    PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe.config, , ,

    PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater\config.xml, , ,

    PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater\Interop.Shell32.dll, , ,

    PUP.Optional.SoftwareUpdater.A, C:\Program Files (x86)\SoftwareUpdater\translations.xml, , ,

    PUP.Optional.BrowserDefender.A, C:\Users\Rochelle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage, , ,

    PUP.Optional.PutLocker.A, C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx, , ,

    PUP.Optional.PutLockerDownloader.A, C:\Program Files (x86)\PutLockerDownloader.com\PTLextsetup.exe, , ,

    PUP.Optional.PutLockerDownloader.A, C:\Program Files (x86)\PutLockerDownloader.com\PutLockerDownloader.exe, , ,

    Physical Sectors: 0

    (No malicious items detected)

    (end)

    Logfile of random's system information tool 1.09 (written by random/random)

    Run by Rochelle at 2014-05-12 20:33:40

    Microsoft Windows 7 Home Premium Service Pack 1

    System drive C: has 130 GB (65%) free of 200 GB

    Total RAM: 5980 MB (72% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 20:33:46, on 12-5-2014

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v11.0 (11.00.9600.17041)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files\trend micro\Rochelle.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe,

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - (no file)

    O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: AVG Nation toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\18.1.0.443\AVG Nation toolbar_toolbar.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: AVG Nation toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\18.1.0.443\AVG Nation toolbar_toolbar.dll

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG\AVG2014\avgui.exe” /TRAYONLY

    O4 - HKLM\..\Run: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    O4 - HKLM\..\Run: C:\Program Files (x86)\Launch Manager\LManager.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe” /s

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Nation toolbar\vprot.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\RunOnce: “C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe” “C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware”

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: “C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Spotify\Spotify.exe” /uri spotify:autostart

    O4 - HKCU\..\Run: “C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe”

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Rochelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

    O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: vToolbarUpdater18.1.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 9778 bytes

    ======Listing Processes======

    \SystemRoot\System32\smss.exe

    c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot

    C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=eac3a802-3c0c-4f6f-9338-195854b0f07b /coreSdkOptions=4382 /logConfFile=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\fb7e9671-0308-4809-b5ca-c83c54ef5914-1dc-oopp.tmp” /loggerName=AVG.RS.Core /binaryPath=“C:\Program Files (x86)\AVG\AVG2014\” /tempPath=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\” /logPath=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\”

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    wininit.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    winlogon.exe

    C:\Windows\system32\services.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe”

    “C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe”

    “C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe”

    “C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe” /service

    “C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe” /service

    “C:\Program Files (x86)\Launch Manager\dsiwmis.exe”

    “C:\Program Files (x86)\Launch Manager\LMutilps32.exe” –system-level-mutex=“Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}” –enable-wmi-window

    C:\Windows\system32\svchost.exe -k imgsvc

    “C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe”

    “C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE”

    WLIDSvcM.exe 1284

    “C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe” 72648 “C:\ProgramData\AVG Secure Search\Logger\logger.properties”

    \??\C:\Windows\system32\conhost.exe "-1229512238-1289935368549670463631783624-1502201531-1258674192-1221229926-573990625

    “C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe”

    “C:\Program Files (x86)\AVG\AVG2014\avgemca.exe”

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    “taskhost.exe”

    “C:\Windows\system32\Dwm.exe”

    C:\Windows\Explorer.EXE

    “C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe”

    “C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe”

    C:\Windows\system32\SearchIndexer.exe /Embedding

    “C:\Program Files\Windows Media Player\wmpnetwk.exe”

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    “C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe”

    “C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe”

    “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe”

    “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –type=gpu-process –channel=“4032.0.348586318\1308466720” –disable-d3d11 –supports-dual-gpus=false –gpu-driver-bug-workarounds=0,1,5,14,28 –disable-accelerated-video-decode –gpu-vendor-id=0x8086 –gpu-device-id=0x0106 –gpu-driver-vendor=“Intel Corporation” –gpu-driver-version=8.15.10.2653 –ignored=“ –type=renderer ” /prefetch:822062411

    “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –type=renderer –lang=nl –force-fieldtrials=“AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Default/OmniboxBundledExperimentV1/PrePeriod_Hivemind_A3_Stable_R5/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/” –renderer-print-preview –enable-threaded-compositing –enable-delegated-renderer –enable-deadline-scheduling –disable-accelerated-video-decode –enable-software-compositing –channel=“4032.3.345481757\255951027” /prefetch:673131151

    C:\Windows\system32\svchost.exe -k SDRSVC

    “C:\Windows\system32\config\systemprofile\Desktop\RSITx64 (1).exe”

    C:\Windows\system32\wbem\wmiprvse.exe

    ======Scheduled tasks folder======

    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4247244868-4280345956-1845474204-1000Core.job

    C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4247244868-4280345956-1845474204-1000UA.job

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    C:\Windows\tasks\Norton Security Scan for Rochelle.job

    ======Registry dump======

    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

    Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    Aanmeldhulp voor Microsoft-account - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    AVG Nation toolbar - C:\Program Files (x86)\AVG Nation toolbar\18.1.0.443\AVG Nation toolbar_toolbar.dll

    Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

    Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    {95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Nation toolbar - C:\Program Files (x86)\AVG Nation toolbar\18.1.0.443\AVG Nation toolbar_toolbar.dll

    “IgfxTray”=C:\Windows\system32\igfxtray.exe

    “HotKeysCmds”=C:\Windows\system32\hkcmd.exe

    “Persistence”=C:\Windows\system32\igfxpers.exe

    “*Restore”=C:\Windows\System32\rstrui.exe

    “Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe

    “Spotify”=C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Spotify\Spotify.exe

    “Spotify Web Helper”=C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

    “USB3MON”=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

    “AVG_UI”=C:\Program Files (x86)\AVG\AVG2014\avgui.exe

    “IAStorIcon”=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    “LManager”=C:\Program Files (x86)\Launch Manager\LManager.exe

    “Adobe ARM”=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    “YouCam Service”=C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe

    “vProt”=C:\Program Files (x86)\AVG Nation toolbar\vprot.exe

    “SunJavaUpdateSched”=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    “Malwarebytes Anti-Malware (cleanup)”=C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe

    C:\Windows\system32\igfxdev.dll

    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    “SecurityProviders”=credssp.dll

    “ConsentPromptBehaviorAdmin”=0

    “ConsentPromptBehaviorUser”=3

    “EnableLUA”=0

    “EnableUIADesktopToggle”=0

    “PromptOnSecureDesktop”=0

    “dontdisplaylastusername”=0

    “legalnoticecaption”=

    “legalnoticetext”=

    “shutdownwithoutlogon”=1

    “undockwithoutlogon”=1

    “NoDriveTypeAutoRun”=145

    “NoActiveDesktop”=1

    “NoActiveDesktopChanges”=1

    “ForceActiveDesktopOn”=0

    “vidc.mrle”=msrle32.dll

    “vidc.msvc”=msvidc32.dll

    “msacm.imaadpcm”=imaadp32.acm

    “msacm.msg711”=msg711.acm

    “msacm.msgsm610”=msgsm32.acm

    “msacm.msadpcm”=msadp32.acm

    “midimapper”=midimap.dll

    “wavemapper”=msacm32.drv

    “VIDC.UYVY”=msyuv.dll

    “VIDC.YUY2”=msyuv.dll

    “VIDC.YVYU”=msyuv.dll

    “VIDC.IYUV”=iyuv_32.dll

    “vidc.i420”=iyuv_32.dll

    “VIDC.YVU9”=tsbyuv.dll

    “msacm.l3acm”=C:\Windows\System32\l3codeca.acm

    “wave1”=wdmaud.drv

    “midi1”=wdmaud.drv

    “mixer1”=wdmaud.drv

    “aux1”=wdmaud.drv

    “MSVideo8”=VfWWDM32.dll

    “wave”=wdmaud.drv

    “midi”=wdmaud.drv

    “mixer”=wdmaud.drv

    “aux”=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    .js - open - C:\Windows\System32\WScript.exe “%1” %*

    ======List of files/folders created in the last 3 months======

    2014-05-12 20:33:41 —-D—- C:\Program Files\trend micro

    2014-05-12 20:33:40 —-D—- C:\rsit

    2014-05-12 20:26:03 —-A—- C:\Windows\system32\drivers\wbelkjxi.sys

    2014-05-12 20:04:57 —-A—- C:\Windows\system32\drivers\MBAMSwissArmy.sys

    2014-05-12 20:04:19 —-D—- C:\ProgramData\Malwarebytes

    2014-05-12 20:04:19 —-D—- C:\Program Files (x86)\Malwarebytes Anti-Malware

    2014-05-12 20:04:19 —-A—- C:\Windows\system32\drivers\mwac.sys

    2014-05-12 20:04:19 —-A—- C:\Windows\system32\drivers\mbamchameleon.sys

    2014-05-12 20:04:19 —-A—- C:\Windows\system32\drivers\mbam.sys

    2014-05-06 20:54:12 —-SD—- C:\Windows\system32\CompatTel

    2014-05-06 15:52:16 —-A—- C:\Windows\system32\aepdu.dll

    2014-05-06 15:52:16 —-A—- C:\Windows\system32\aeinv.dll

    2014-05-03 21:16:01 —-A—- C:\Windows\system32\mshtml.dll

    2014-05-03 21:15:59 —-A—- C:\Windows\SYSWOW64\mshtml.dll

    2014-04-28 18:38:26 —-D—- C:\ProgramData\AVG Secure Search

    2014-04-18 18:10:28 —-D—- C:\ProgramData\Oracle

    2014-04-18 18:10:16 —-A—- C:\Windows\SYSWOW64\javaws.exe

    2014-04-18 18:10:11 —-A—- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

    2014-04-18 18:10:11 —-A—- C:\Windows\SYSWOW64\java.exe

    2014-04-18 17:35:12 —-A—- C:\Windows\SYSWOW64\ieui.dll

    2014-04-18 17:35:12 —-A—- C:\Windows\system32\ieui.dll

    2014-04-18 17:35:08 —-A—- C:\Windows\SYSWOW64\vbscript.dll

    2014-04-18 17:35:08 —-A—- C:\Windows\system32\vbscript.dll

    2014-04-18 17:35:04 —-A—- C:\Windows\system32\iernonce.dll

    2014-04-18 17:35:04 —-A—- C:\Windows\system32\ie4uinit.exe

    2014-04-18 17:35:03 —-A—- C:\Windows\system32\JavaScriptCollectionAgent.dll

    2014-04-18 17:35:03 —-A—- C:\Windows\system32\ieetwcollectorres.dll

    2014-04-18 17:35:02 —-A—- C:\Windows\SYSWOW64\dxtmsft.dll

    2014-04-18 17:35:02 —-A—- C:\Windows\system32\jscript9diag.dll

    2014-04-18 17:35:02 —-A—- C:\Windows\system32\dxtrans.dll

    2014-04-18 17:35:02 —-A—- C:\Windows\system32\dxtmsft.dll

    2014-04-18 17:35:01 —-A—- C:\Windows\SYSWOW64\msrating.dll

    2014-04-18 17:35:01 —-A—- C:\Windows\SYSWOW64\msfeeds.dll

    2014-04-18 17:35:01 —-A—- C:\Windows\SYSWOW64\jsproxy.dll

    2014-04-18 17:35:01 —-A—- C:\Windows\SYSWOW64\dxtrans.dll

    2014-04-18 17:35:01 —-A—- C:\Windows\system32\msrating.dll

    2014-04-18 17:35:01 —-A—- C:\Windows\system32\msfeeds.dll

    2014-04-18 17:35:01 —-A—- C:\Windows\system32\jsproxy.dll

    2014-04-18 17:35:00 —-A—- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

    2014-04-18 17:35:00 —-A—- C:\Windows\SYSWOW64\ieUnatt.exe

    2014-04-18 17:35:00 —-A—- C:\Windows\SYSWOW64\iesetup.dll

    2014-04-18 17:35:00 —-A—- C:\Windows\SYSWOW64\iernonce.dll

    2014-04-18 17:35:00 —-A—- C:\Windows\system32\ieUnatt.exe

    2014-04-18 17:35:00 —-A—- C:\Windows\system32\iesetup.dll

    2014-04-18 17:34:57 —-A—- C:\Windows\SYSWOW64\jscript9diag.dll

    2014-04-18 17:34:57 —-A—- C:\Windows\SYSWOW64\ieetwproxystub.dll

    2014-04-18 17:34:56 —-A—- C:\Windows\SYSWOW64\ieapfltr.dll

    2014-04-18 17:34:56 —-A—- C:\Windows\system32\ieetwproxystub.dll

    2014-04-18 17:34:56 —-A—- C:\Windows\system32\ieetwcollector.exe

    2014-04-18 17:34:56 —-A—- C:\Windows\system32\ieapfltr.dll

    2014-04-18 17:34:55 —-A—- C:\Windows\system32\MsSpellCheckingFacility.exe

    2014-04-18 17:34:54 —-A—- C:\Windows\SYSWOW64\wininet.dll

    2014-04-18 17:34:54 —-A—- C:\Windows\SYSWOW64\urlmon.dll

    2014-04-18 17:34:54 —-A—- C:\Windows\SYSWOW64\iertutil.dll

    2014-04-18 17:34:54 —-A—- C:\Windows\system32\wininet.dll

    2014-04-18 17:34:54 —-A—- C:\Windows\system32\urlmon.dll

    2014-04-18 17:34:54 —-A—- C:\Windows\system32\iertutil.dll

    2014-04-18 17:34:53 —-A—- C:\Windows\system32\ieframe.dll

    2014-04-18 17:34:52 —-A—- C:\Windows\SYSWOW64\ieframe.dll

    2014-04-18 17:34:51 —-A—- C:\Windows\system32\jscript9.dll

    2014-04-18 17:34:50 —-A—- C:\Windows\SYSWOW64\jscript9.dll

    2014-04-18 15:01:56 —-A—- C:\Windows\system32\drivers\avgidsdrivera.sys

    2014-04-17 17:24:18 —-D—- C:\Windows\system32\config\systemprofile\AppData\Roaming\Adobe

    2014-04-17 17:24:02 —-D—- C:\Windows\system32\config\systemprofile\AppData\Roaming\Identities

    2014-04-10 18:00:38 —-A—- C:\Windows\SYSWOW64\iologmsg.dll

    2014-04-10 18:00:38 —-A—- C:\Windows\system32\iologmsg.dll

    2014-04-10 18:00:38 —-A—- C:\Windows\system32\drivers\storport.sys

    2014-04-10 18:00:38 —-A—- C:\Windows\system32\drivers\msiscsi.sys

    2014-04-10 18:00:38 —-A—- C:\Windows\system32\drivers\Diskdump.sys

    2014-04-10 18:00:36 —-A—- C:\Windows\SYSWOW64\setup16.exe

    2014-04-10 18:00:36 —-A—- C:\Windows\SYSWOW64\kernel32.dll

    2014-04-10 18:00:36 —-A—- C:\Windows\system32\wow64win.dll

    2014-04-10 18:00:36 —-A—- C:\Windows\system32\wow64.dll

    2014-04-10 18:00:36 —-A—- C:\Windows\system32\kernel32.dll

    2014-04-10 18:00:35 —-A—- C:\Windows\SYSWOW64\wow32.dll

    2014-04-10 18:00:35 —-A—- C:\Windows\SYSWOW64\user.exe

    2014-04-10 18:00:35 —-A—- C:\Windows\SYSWOW64\ntvdm64.dll

    2014-04-10 18:00:35 —-A—- C:\Windows\SYSWOW64\instnm.exe

    2014-04-10 18:00:35 —-A—- C:\Windows\system32\wow64cpu.dll

    2014-04-10 18:00:35 —-A—- C:\Windows\system32\ntvdm64.dll

    2014-04-10 18:00:35 —-A—- C:\Windows\system32\drivers\ntfs.sys

    2014-03-31 16:20:54 —-A—- C:\Windows\system32\drivers\avgtdia.sys

    2014-03-31 16:06:26 —-A—- C:\Windows\system32\drivers\avgmfx64.sys

    2014-03-27 22:14:26 —-A—- C:\Windows\system32\drivers\avgidsha.sys

    2014-03-27 22:14:24 —-A—- C:\Windows\system32\drivers\avgdiska.sys

    2014-03-27 22:07:10 —-A—- C:\Windows\system32\drivers\avgldx64.sys

    2014-03-27 22:05:02 —-A—- C:\Windows\system32\drivers\avgloga.sys

    2014-03-27 22:03:16 —-A—- C:\Windows\system32\drivers\avgrkx64.sys

    2014-03-16 19:08:20 —-A—- C:\Windows\system32\wwansvc.dll

    2014-03-16 19:08:20 —-A—- C:\Windows\system32\wer.dll

    2014-03-16 19:08:19 —-A—- C:\Windows\SYSWOW64\wer.dll

    2014-03-16 19:08:19 —-A—- C:\Windows\system32\win32k.sys

    2014-03-16 19:07:38 —-A—- C:\Windows\SYSWOW64\qedit.dll

    2014-03-16 19:07:38 —-A—- C:\Windows\system32\qedit.dll

    2014-03-16 19:07:37 —-A—- C:\Windows\SYSWOW64\WindowsCodecs.dll

    2014-03-16 19:07:37 —-A—- C:\Windows\system32\WindowsCodecs.dll

    2014-02-27 04:13:38 —-D—- C:\Windows\Migration

    ======List of files/folders modified in the last 3 months======

    2014-05-12 20:33:41 ----RD---- C:\Program Files

    2014-05-12 20:26:44 ----D---- C:\Windows\Temp

    2014-05-12 20:26:03 ----D---- C:\Windows\system32\drivers

    2014-05-12 20:26:03 ----D---- C:\Windows\ehome

    2014-05-12 20:26:02 ----RD---- C:\Program Files (x86)

    2014-05-12 20:11:26 ----D---- C:\Windows\system32\config

    2014-05-12 20:04:19 ----HD---- C:\ProgramData

    2014-05-12 19:56:07 ----D---- C:\Windows\system32\wbem

    2014-05-12 19:56:07 ----D---- C:\Windows

    2014-05-12 19:54:36 ----D---- C:\Program Files (x86)\AVG Nation toolbar

    2014-05-12 19:54:33 ----D---- C:\Program Files (x86)\Internet Explorer

    2014-05-12 19:54:31 ----D---- C:\Program Files\Internet Explorer

    2014-05-12 19:54:30 ----D---- C:\ProgramData\MFAData

    2014-05-12 19:54:22 ----D---- C:\Windows\AppPatch

    2014-05-12 19:54:18 ----D---- C:\Windows\inf

    2014-05-12 19:54:17 ----SHD---- C:\Windows\Installer

    2014-05-12 19:54:16 ----D---- C:\Windows\PolicyDefinitions

    2014-05-12 19:54:15 ----D---- C:\Windows\SYSWOW64\cache

    2014-05-12 19:54:15 ----D---- C:\Windows\system32\Tasks

    2014-05-12 19:54:15 ----D---- C:\Windows\system32\nl-NL

    2014-05-12 19:54:15 ----D---- C:\Windows\system32\en-US

    2014-05-12 19:54:15 ----D---- C:\Windows\system32\DriverStore

    2014-05-12 19:54:15 ----D---- C:\Windows\system32\CodeIntegrity

    2014-05-12 19:54:15 ----D---- C:\Windows\system32\catroot2

    2014-05-12 19:54:15 ----D---- C:\Windows\System32

    2014-05-12 19:53:34 ----D---- C:\Windows\SYSWOW64\en-US

    2014-05-12 19:53:34 ----D---- C:\Windows\SysWOW64

    2014-05-12 19:53:33 ----D---- C:\Windows\winsxs

    2014-05-12 19:53:33 ----D---- C:\Windows\Tasks

    2014-05-12 19:53:33 ----D---- C:\Windows\SYSWOW64\nl-NL

    2014-05-12 19:53:15 ----D---- C:\Windows\registration

    2014-05-12 19:48:28 ----SHD---- C:\System Volume Information

    2014-05-06 15:47:44 ----D---- C:\Windows\system32\catroot

    2014-04-18 18:10:22 ----D---- C:\Program Files (x86)\Common Files

    2014-04-18 18:10:11 ----D---- C:\Program Files (x86)\Java

    2014-04-17 17:51:12 ----RD---- C:\Program Files (x86)\Skype

    2014-04-17 17:24:11 ----SD---- C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft

    2014-04-16 19:49:27 ----D---- C:\Users

    2014-04-11 18:24:41 ----A---- C:\Windows\system32\PerfStringBackup.INI

    2014-04-11 18:03:04 ----D---- C:\ProgramData\Microsoft Help

    2014-04-11 18:02:10 ----D---- C:\Windows\system32\MRT

    2014-04-11 18:00:12 ----A---- C:\Windows\system32\MRT.exe

    2014-03-17 17:41:55 ----D---- C:\Program Files\Microsoft Silverlight

    2014-03-17 17:41:53 ----D---- C:\Program Files (x86)\Microsoft Silverlight

    2014-03-11 20:09:32 ----D---- C:\ProgramData\Skype

    2014-03-06 22:31:32 ----D---- C:\Windows\system32\NDF

    2014-03-02 17:37:01 ----D---- C:\Windows\Microsoft.NET

    2014-03-02 14:24:08 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

    2014-02-27 19:26:08 ----RSD---- C:\Windows\assembly

    2014-02-27 04:13:38 ----SD---- C:\ProgramData\Microsoft

    2014-02-26 18:07:55 ----D---- C:\Program Files (x86)\Electronic Arts

    2014-02-26 18:07:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

    2014-02-24 17:34:04 ----HD---- C:\$AVG

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys

    R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys

    R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys

    R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys

    R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys

    R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hcs.sys

    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

    R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys

    R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys

    R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys

    R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys

    R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys

    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys

    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys

    R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys

    R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys

    R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys

    R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys

    R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys

    R3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3xhc.sys

    R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x64.sys

    R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys

    R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\drivers\serscan.sys

    S0 nkhwl;nkhwl; C:\Windows\System32\drivers\wbelkjxi.sys

    S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

    S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys

    S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys

    S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys

    S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys

    S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys

    S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys

    S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

    R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

    R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

    R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

    R2 vToolbarUpdater18.1.0;vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe

    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe

    S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

    S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe

    S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe

    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe

    S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    -----------------EOF-----------------

  • Ben

    Hello,

    Run MBAM again and, after the scan, have whatever is found quarantined, as follows:

    • In the “Action” column the quarantine option is generally selected; preferably leave this unchanged.

    • Then click the Apply Actions button; when prompted that your computer must be restarted, click Yes.

    Then post the log, which you can find under the History button.

  • marianne40

    I scanned again, but it found nothing.

  • fazantje

    Hi Marianne,

    Then we'll look further.

    First disable the antivirus software before you download zoek.exe.

    Temporarily disable your antivirus and antispyware programs, as they can conflict with Zoek.exe.

    Download Zoek.exe to the desktop.

    If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.

    Running Zoek.exe:

    If you run into problems running this program or see any error messages, please mention it in your post.

    Then double-click Zoek.exe to start the tool.

    Windows Vista, 7 and 8 users must run the tool as “administrator” by right-clicking it and choosing Run as administrator.

    Now copy the code in bold below and paste it into the large input box:

    Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.

    firefoxlook;

    torpigcheck;

    installedprogs;

    emptyfolderscheck;delete

    chromelook;

    standardsearch;

    filesrcm;

    startupall;

    Now click the “Run script” button.

    Now wait patiently until a log opens (this may be after a restart, if one is required).

    If no log appears after the restart, start zoek.exe again; the log will then appear.

    Post the opened log in your next message.

    Good luck,

    Huib ;)

  • marianne40

    I got an error message while running zoek exe.

    Regel: 68

    teken: 6

    fout: kan het pad niet vinden

    code: 0

    url: file:///C:/Windows/System32/config/SYSTEM~1/AppData/Local/Temp/zoekrun.hta

    I do have one log, but I don't know whether it is complete.

    Zoek.exe v5.0.0.0 Updated 14-April-2014

    Tool run by SYSTEM on di 13-05-2014 at 12:37:11,00.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Windows\system32\config\systemprofile\Desktop\zoek.exe

    ==== System Restore Info ======================

    13-5-2014 12:40:18 Zoek.exe System Restore Point Created Succesfully.

    ==== Empty Folders Check ======================

    C:\PROGRA~2\OApps deleted successfully

    C:\PROGRA~2\Origin Games deleted successfully

    C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully

    C:\PROGRA~3\Babylon deleted successfully

    C:\PROGRA~3\Oracle deleted successfully

  • Ben

    Hello,

    Is this the entire log?

  • marianne40

    I get an error message, then clicked Yes and left it running for a good hour, but nothing more happens.

    So this is all there is in the way of a log file.

  • Ben

    Hello,

    Then we'll try a different approach:

    Download the Farbar Recovery Scan Tool, 32- or 64-bit, from one of the links below

    Farbar Recovery Scan Tool 32 bit (x86)

    Farbar Recovery Scan Tool 64 bit (x64)

    Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

    Running the Farbar Recovery Scan Tool

    Double-click FRST.exe to start the tool.

    Windows Vista, 7 and 8 users must run the tool as “administrator” by right-clicking it and choosing Run as administrator.

    Once the program has opened, click Yes at the disclaimer.

    Then press the Scan button; a backup of the registry will be made first.

    When the scan is finished, two log files named (FRST.txt) & (Addition.txt) are created in the same location from which the ‘tool’ was started.

    Attach the (FRST.txt) log file to your next post.

  • marianne40

    Hi Ben

    Here is the requested log.

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-05-2014

    Ran by Rochelle (administrator) on ROCHELLE-LAPTOP on 14-05-2014 15:43:44

    Running from C:\

    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Dutch Standard

    Internet Explorer Version 11

    Boot Mode: Normal

    The only official download link for FRST:

    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

    Download link from any site other than Bleeping Computer is unpermitted or outdated.

    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

    (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

    (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe

    (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe

    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe

    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe

    (Intel Corporation) C:\Windows\System32\igfxtray.exe

    (Intel Corporation) C:\Windows\System32\hkcmd.exe

    (Intel Corporation) C:\Windows\System32\igfxpers.exe

    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe

    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

    (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe

    () C:\Program Files (x86)\AVG Nation toolbar\vprot.exe

    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

    (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe

    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

    (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Registry (Whitelisted) ==================

    HKLM-x32\…\Run: => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)

    HKLM-x32\…\Run: => C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)

    HKLM-x32\…\Run: => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

    HKLM-x32\…\Run: => C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

    HKLM-x32\…\Run: => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

    HKLM-x32\…\Run: => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)

    HKLM-x32\…\Run: => C:\Program Files (x86)\AVG Nation toolbar\vprot.exe ()

    HKLM-x32\…\Run: => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)

    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

    HKU\S-1-5-21-4247244868-4280345956-1845474204-1000\…\Run: => C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)

    HKU\S-1-5-21-4247244868-4280345956-1845474204-1000\…\Run: => C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)

    HKU\S-1-5-21-4247244868-4280345956-1845474204-1000\…\MountPoints2: {5ae24ec6-31b1-11e3-9ad4-806e6f6e6963} - E:\Autorun.exe

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9B2D07F7E869CF01

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL

    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

    BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

    BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

    BHO-x32: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

    BHO-x32: AVG Nation toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\18.1.0.443\AVG Nation toolbar_toolbar.dll (AVG Secure Search)

    BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

    BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

    Toolbar: HKLM-x32 - AVG Nation toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\18.1.0.443\AVG Nation toolbar_toolbar.dll (AVG Secure Search)

    Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File

    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

    Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (AVG Secure Search)

    Tcpip\Parameters: 192.168.178.1

    FireFox:

    ========

    FF Plugin: @microsoft.com/GENUINE - disabled No File

    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

    FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)

    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll No File

    FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

    FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

    FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    ==================== Services (Whitelisted) =================

    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.)

    R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)

    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)

    R2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe (AVG Secure Search)

    ==================== Drivers (Whitelisted) ====================

    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys (AVG Technologies CZ, s.r.o.)

    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys (AVG Technologies CZ, s.r.o.)

    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys (AVG Technologies CZ, s.r.o.)

    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys (AVG Technologies CZ, s.r.o.)

    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys (AVG Technologies CZ, s.r.o.)

    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys (AVG Technologies CZ, s.r.o.)

    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys (AVG Technologies CZ, s.r.o.)

    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys (AVG Technologies CZ, s.r.o.)

    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys (AVG Technologies)

    R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys (DT Soft Ltd)

    R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys (Atheros Communications, Inc.)

    ==================== NetSvcs (Whitelisted) ===================

    ==================== One Month Created Files and Folders ========

    2014-05-14 15:43 - 2014-05-14 15:43 - 00011504 _____ () C:\FRST.txt

    2014-05-14 15:43 - 2014-05-14 15:43 - 00000000 ____D () C:\FRST

    2014-05-14 15:42 - 2014-05-14 15:42 - 02066944 _____ (Farbar) C:\FRST64.exe

    2014-05-13 16:27 - 2014-05-13 12:58 - 00000404 _____ () C:\zoek-results2014-05-13-105818.log

    2014-05-13 12:58 - 2014-05-13 12:40 - 00000720 _____ () C:\zoek-results2014-05-13-104038.log

    2014-05-13 12:49 - 2014-05-14 15:31 - 00001122 _____ () C:\Windows\PFRO.log

    2014-05-13 12:39 - 2014-05-13 16:27 - 00000450 _____ () C:\zoek-results.log

    2014-05-13 12:37 - 2014-05-13 16:27 - 00000463 _____ () C:\runcheck.txt

    2014-05-13 12:36 - 2014-05-13 12:36 - 01285120 _____ () C:\Windows\system32\config\systemprofile\Desktop\zoek.exe

    2014-05-13 12:36 - 2014-05-13 12:36 - 00000000 ____D () C:\zoek_backup

    2014-05-12 21:22 - 2014-05-14 15:31 - 00000336 _____ () C:\Windows\setupact.log

    2014-05-12 21:22 - 2014-05-12 21:22 - 00000000 _____ () C:\Windows\setuperr.log

    2014-05-12 21:08 - 2014-05-12 21:08 - 00106670 _____ () C:\Windows\system32\config\systemprofile\Documents\cc_20140512_210850.reg

    2014-05-12 20:33 - 2014-05-13 16:06 - 00000000 ____D () C:\Program Files\trend micro

    2014-05-12 20:33 - 2014-05-12 20:33 - 00000000 ____D () C:\rsit

    2014-05-12 20:32 - 2014-05-12 20:32 - 00935175 _____ () C:\Windows\system32\config\systemprofile\Desktop\RSITx64 (1).exe

    2014-05-12 20:04 - 2014-05-13 16:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

    2014-05-12 20:04 - 2014-05-13 16:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

    2014-05-12 20:04 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

    2014-05-12 20:04 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

    2014-05-12 20:04 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

    2014-05-07 13:38 - 2014-05-07 13:38 - 00000000 __SHD () C:\Windows\system32\config\systemprofile\AppData\Local\EmieUserList

    2014-05-07 13:38 - 2014-05-07 13:38 - 00000000 __SHD () C:\Windows\system32\config\systemprofile\AppData\Local\EmieSiteList

    2014-05-06 20:54 - 2014-05-12 21:21 - 00000000 ___SD () C:\Windows\system32\CompatTel

    2014-05-06 15:52 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

    2014-05-06 15:52 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

    2014-05-03 21:16 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

    2014-05-03 21:15 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

    2014-05-03 21:15 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

    2014-05-03 21:15 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

    2014-04-18 18:10 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

    2014-04-18 18:10 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

    2014-04-18 18:10 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

    2014-04-18 18:09 - 2014-04-18 18:10 - 00005883 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log

    2014-04-18 17:35 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

    2014-04-18 17:35 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

    2014-04-18 17:35 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

    2014-04-18 17:35 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

    2014-04-18 17:35 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

    2014-04-18 17:35 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

    2014-04-18 17:35 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

    2014-04-18 17:35 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

    2014-04-18 17:35 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

    2014-04-18 17:35 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

    2014-04-18 17:35 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

    2014-04-18 17:35 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

    2014-04-18 17:35 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

    2014-04-18 17:35 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

    2014-04-18 17:35 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

    2014-04-18 17:35 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

    2014-04-18 17:35 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

    2014-04-18 17:35 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

    2014-04-18 17:35 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

    2014-04-18 17:35 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

    2014-04-18 17:35 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

    2014-04-18 17:35 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

    2014-04-18 17:35 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

    2014-04-18 17:35 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

    2014-04-18 17:35 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

    2014-04-18 17:34 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

    2014-04-18 17:34 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

    2014-04-18 17:34 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

    2014-04-18 17:34 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

    2014-04-18 17:34 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

    2014-04-18 17:34 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

    2014-04-18 17:34 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

    2014-04-18 17:34 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

    2014-04-18 17:34 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

    2014-04-18 17:34 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

    2014-04-18 17:34 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

    2014-04-18 17:34 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

    2014-04-18 17:34 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

    2014-04-18 17:34 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

    2014-04-18 17:34 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

    2014-04-18 17:34 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

    2014-04-18 17:34 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

    2014-04-18 17:34 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

    2014-04-18 17:34 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

    2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys

    2014-04-17 17:44 - 2014-04-17 17:44 - 00087368 _____ () C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT

    2014-04-17 17:43 - 2014-04-17 17:43 - 00001242 _____ () C:\Windows\system32\config\systemprofile\Desktop\Paint.lnk

    2014-04-17 17:24 - 2014-04-17 22:00 - 00001424 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

    2014-04-17 17:24 - 2014-04-17 22:00 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

    2014-04-17 17:24 - 2014-04-17 22:00 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

    2014-04-17 17:24 - 2014-04-17 17:24 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

    2014-04-17 17:24 - 2014-04-17 17:24 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\Adobe

    2014-04-17 17:24 - 2013-07-14 14:56 - 00002225 _____ () C:\Windows\system32\config\systemprofile\Desktop\Google Chrome.lnk

    ==================== One Month Modified Files and Folders =======

    2014-05-14 15:43 - 2014-05-14 15:43 - 00011504 _____ () C:\FRST.txt

    2014-05-14 15:43 - 2014-05-14 15:43 - 00000000 ____D () C:\FRST

    2014-05-14 15:43 - 2013-07-27 11:43 - 01508127 _____ () C:\Windows\WindowsUpdate.log

    2014-05-14 15:42 - 2014-05-14 15:42 - 02066944 _____ (Farbar) C:\FRST64.exe

    2014-05-14 15:39 - 2009-07-14 06:45 - 00015824 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    2014-05-14 15:39 - 2009-07-14 06:45 - 00015824 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    2014-05-14 15:32 - 2012-10-20 14:30 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

    2014-05-14 15:31 - 2014-05-13 12:49 - 00001122 _____ () C:\Windows\PFRO.log

    2014-05-14 15:31 - 2014-05-12 21:22 - 00000336 _____ () C:\Windows\setupact.log

    2014-05-14 15:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

    2014-05-13 21:23 - 2012-10-20 14:30 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

    2014-05-13 21:22 - 2013-02-19 21:13 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4247244868-4280345956-1845474204-1000UA.job

    2014-05-13 21:22 - 2013-02-19 21:13 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4247244868-4280345956-1845474204-1000Core.job

    2014-05-13 16:27 - 2014-05-13 12:39 - 00000450 _____ () C:\zoek-results.log

    2014-05-13 16:27 - 2014-05-13 12:37 - 00000463 _____ () C:\runcheck.txt

    2014-05-13 16:10 - 2014-05-12 20:04 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

    2014-05-13 16:06 - 2014-05-12 20:33 - 00000000 ____D () C:\Program Files\trend micro

    2014-05-13 16:06 - 2014-05-12 20:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

    2014-05-13 16:06 - 2013-10-29 16:52 - 00000000 ____D () C:\Windows\SysWOW64\cache

    2014-05-13 16:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration

    2014-05-13 12:58 - 2014-05-13 16:27 - 00000404 _____ () C:\zoek-results2014-05-13-105818.log

    2014-05-13 12:40 - 2014-05-13 12:58 - 00000720 _____ () C:\zoek-results2014-05-13-104038.log

    2014-05-13 12:36 - 2014-05-13 12:36 - 01285120 _____ () C:\Windows\system32\config\systemprofile\Desktop\zoek.exe

    2014-05-13 12:36 - 2014-05-13 12:36 - 00000000 ____D () C:\zoek_backup

    2014-05-12 21:22 - 2014-05-12 21:22 - 00000000 _____ () C:\Windows\setuperr.log

    2014-05-12 21:21 - 2014-05-06 20:54 - 00000000 ___SD () C:\Windows\system32\CompatTel

    2014-05-12 21:21 - 2013-10-27 15:07 - 00000000 ____D () C:\Program Files (x86)\AVG Nation toolbar

    2014-05-12 21:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

    2014-05-12 21:08 - 2014-05-12 21:08 - 00106670 _____ () C:\Windows\system32\config\systemprofile\Documents\cc_20140512_210850.reg

    2014-05-12 21:08 - 2012-10-20 14:36 - 00000000 ____D () C:\Windows\Panther

    2014-05-12 20:33 - 2014-05-12 20:33 - 00000000 ____D () C:\rsit

    2014-05-12 20:32 - 2014-05-12 20:32 - 00935175 _____ () C:\Windows\system32\config\systemprofile\Desktop\RSITx64 (1).exe

    2014-05-08 19:42 - 2012-10-20 14:30 - 00004056 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

    2014-05-08 19:42 - 2012-10-20 14:30 - 00003804 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

    2014-05-07 13:38 - 2014-05-07 13:38 - 00000000 __SHD () C:\Windows\system32\config\systemprofile\AppData\Local\EmieUserList

    2014-05-07 13:38 - 2014-05-07 13:38 - 00000000 __SHD () C:\Windows\system32\config\systemprofile\AppData\Local\EmieSiteList

    2014-04-29 16:01 - 2014-05-03 21:16 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

    2014-04-29 15:40 - 2014-05-03 21:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

    2014-04-29 14:48 - 2014-05-03 21:15 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

    2014-04-29 14:34 - 2014-05-03 21:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

    2014-04-28 18:38 - 2013-10-27 15:07 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

    2014-04-18 18:10 - 2014-04-18 18:09 - 00005883 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log

    2014-04-18 18:10 - 2013-09-01 15:38 - 00000000 ____D () C:\Program Files (x86)\Java

    2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys

    2014-04-17 22:00 - 2014-04-17 17:24 - 00001424 _____ () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

    2014-04-17 22:00 - 2014-04-17 17:24 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

    2014-04-17 22:00 - 2014-04-17 17:24 - 00000000 ___RD () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

    2014-04-17 17:51 - 2012-10-20 16:35 - 00000000 ___RD () C:\Program Files (x86)\Skype

    2014-04-17 17:44 - 2014-04-17 17:44 - 00087368 _____ () C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT

    2014-04-17 17:43 - 2014-04-17 17:43 - 00001242 _____ () C:\Windows\system32\config\systemprofile\Desktop\Paint.lnk

    2014-04-17 17:24 - 2014-04-17 17:24 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

    2014-04-17 17:24 - 2014-04-17 17:24 - 00000000 ____D () C:\Windows\system32\config\systemprofile\AppData\Roaming\Adobe

    2014-04-17 17:24 - 2013-10-29 16:52 - 00002670 _____ () C:\Windows\SysWOW64\debug.log

    2014-04-14 20:13 - 2014-04-18 18:10 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

    2014-04-14 20:05 - 2014-04-18 18:10 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

    2014-04-14 20:04 - 2014-04-18 18:10 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

    2014-04-14 04:24 - 2014-05-06 15:52 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

    2014-04-14 04:19 - 2014-05-06 15:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit

    C:\Windows\System32\wininit.exe => MD5 is legit

    C:\Windows\SysWOW64\wininit.exe => MD5 is legit

    C:\Windows\explorer.exe => MD5 is legit

    C:\Windows\SysWOW64\explorer.exe => MD5 is legit

    C:\Windows\System32\svchost.exe => MD5 is legit

    C:\Windows\SysWOW64\svchost.exe => MD5 is legit

    C:\Windows\System32\services.exe => MD5 is legit

    C:\Windows\System32\User32.dll => MD5 is legit

    C:\Windows\SysWOW64\User32.dll => MD5 is legit

    C:\Windows\System32\userinit.exe => MD5 is legit

    C:\Windows\SysWOW64\userinit.exe => MD5 is legit

    C:\Windows\System32\rpcss.dll => MD5 is legit

    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    LastRegBack: 2014-01-24 14:30

    ==================== End Of Log ============================

  • Ben

    Hello,

    How are things with your problems after this?

This topic is closed; no further replies can be posted.