After LG PC Suite

harryd
26 Jul, 2013 23:20

Putting it here because I don't see a code to post it on the antivirus board

After LG PC Suite

Posted by: harry

Date: 26/07/2013 23:14

Hello

I bought a mobile phone today and also installed LG PC Suite

but a whole lot of junk came in along with it

when I click on Chrome, the start page opens twice, and every 5 minutes a lady at the bottom right asks whether I'm bored…

herewith I'm sending a quick log to be checked

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:10:32, on 26-7-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Unable to get Internet Explorer version!

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\Softonic\1.8.19.3\bh\Softonic.dll

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll

O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui

O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-21-3453345529-432745293-659397266-1002\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

O4 - HKUS\S-1-5-21-3453345529-432745293-659397266-1002\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: Accelerated graphics

O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} -

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) -

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

Edited 27 Jul, 2013 10:16
harryd
26 Jul, 2013 23:24

I mean this message, I don't see it anymore:

"Enter the code above here"

fazantje
26 Jul, 2013 23:43

Hi Harry,

I just checked the AV board, but I can post a message there just fine, including logs.

Could you still go over there and first carry out the steps of the step-by-step plan?

There are already things in your log that the step-by-step plan will remove.

One more remark (also for everyone reading along):

NEVER download via Softonic !!!!!!!!!!

That is asking for trouble.

Good luck,

Huib;)

harryd
27 Jul, 2013 00:11

ESET found nothing, same for mam

# AdwCleaner v2.306 - Verslag gemaakt op 26/07/2013 om 23:54:27

# Geactualiseerd op 19/07/2013 door Xplode

# Besturingssysteem : Windows 7 Ultimate Service Pack 1 (32 bits)

# Gebruiker : Gebruiker - GEBRUIK-M9FNQAG

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\Gebruiker\Downloads\adwcleaner.exe

# Optie

***** *****

***** *****

Map Verwijderd : C:\Program Files\Common Files\spigot

Map Verwijderd : C:\Program Files\Softonic

Map Verwijderd : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf

Map Verwijderd : C:\Users\Gebruiker\AppData\Local\PackageAware

Map Verwijderd : C:\Users\Gebruiker\AppData\LocalLow\Conduit

Map Verwijderd : C:\Users\Gebruiker\AppData\LocalLow\Softonic

Map Verwijderd : C:\Users\Gebruiker\AppData\Roaming\registry mechanic

Map Verwijderd : C:\Users\Gebruiker\AppData\Roaming\Softonic

***** *****

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar

Sleutel Verwijderd : HKCU\Software\Conduit

Sleutel Verwijderd : HKCU\Software\Softonic

Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\escort.escortIEPane

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\S

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Softonic.dskBnd

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\SoftonicApp.appCore

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Sleutel Verwijderd : HKLM\Software\Conduit

Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic

Sleutel Verwijderd : HKLM\Software\Softonic

Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar

***** *****

-\\ Internet Explorer v10.0.9200.16635

Vervangen : = hxxp://search.softonic.com/MOY00011/tb_v1?SearchSource=10&cc=&mi=3414cd6400000000000000160a1c3a84 –> hxxp://www.google.com

Vervangen : = hxxp://search.softonic.com/MOY00011/tb_v1/?SearchSource=15&cc=&mi=3414cd6400000000000000160a1c3a84 –> hxxp://www.google.com

-\\ Google Chrome v28.0.1500.72

File : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences

De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner.txt - -

AdwCleaner.txt - -

AdwCleaner.txt - -

AdwCleaner.txt - -

########## EOF - C:\AdwCleaner.txt - ##########

fazantje
27 Jul, 2013 00:20

Hi Harry,

That was already a very nice removal that AdwCleaner did ;)

Please also run RSIT and post that log (point 5 of the step-by-step plan).

How are things with the problem now?

Regards, Huib ;)

harryd
27 Jul, 2013 09:37

No problems so far, fazantje

only I still can't see that code on the virus page

here is the log

Logfile of random's system information tool 1.09 (written by random/random)

Run by Gebruiker at 2013-07-27 09:33:11

Microsoft Windows 7 Ultimate Service Pack 1

System drive C: has 94 GB (32%) free of 293 GB

Total RAM: 1791 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:33:18, on 27-7-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Unable to get Internet Explorer version!

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\Gebruiker\Downloads\RSIT.exe

C:\Program Files\trend micro\Gebruiker.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui

O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-21-3453345529-432745293-659397266-1002\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

O4 - HKUS\S-1-5-21-3453345529-432745293-659397266-1002\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: Accelerated graphics

O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - http://quickscan.bitdefender.com/qsax/qsax.cab

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect121.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

End of file - 8129 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\Wise Turbo Checker.job

======Registry dump======

HistoryTriggerBHO Class - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll

Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll

Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

“avast”=C:\Program Files\AVAST Software\Avast\avastUI.exe

“Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe

C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Program Files\Microsoft Office\Office14\BCSSync.exe

C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\Hard Drive Inspector\HDInspector.exe

C:\Program Files\IObit\IObit Malware Fighter\IMF.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Installer\{DBA5E973-660D-4CBE-A469-F5C37FBF0CE4}\_C1A9BF9D98647632ED5172.exe

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll

Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll

“{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

“{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}”=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL

“SecurityProviders”=credssp.dll

“ConsentPromptBehaviorAdmin”=0

“ConsentPromptBehaviorUser”=0

“EnableLUA”=0

“EnableUIADesktopToggle”=0

“PromptOnSecureDesktop”=0

“dontdisplaylastusername”=0

“legalnoticecaption”=

“legalnoticetext”=

“shutdownwithoutlogon”=1

“undockwithoutlogon”=1

“EnableLinkedConnections”=1

“NoDriveTypeAutoRun”=221

“NoResolveTrack”=1

“NoResolveSearch”=1

“NoInstrumentation”=1

“vidc.mrle”=msrle32.dll

“vidc.msvc”=msvidc32.dll

“msacm.imaadpcm”=imaadp32.acm

“msacm.msg711”=msg711.acm

“msacm.msgsm610”=msgsm32.acm

“msacm.msadpcm”=msadp32.acm

“midimapper”=midimap.dll

“wavemapper”=msacm32.drv

“vidc.uyvy”=msyuv.dll

“vidc.yuy2”=msyuv.dll

“vidc.yvyu”=msyuv.dll

“vidc.iyuv”=iyuv_32.dll

“vidc.i420”=iyuv_32.dll

“vidc.yvu9”=tsbyuv.dll

“msacm.l3acm”=C:\Windows\System32\l3codeca.acm

“vidc.cvid”=iccvid.dll

“wave”=wdmaud.drv

“midi”=wdmaud.drv

“mixer”=wdmaud.drv

“aux”=wdmaud.drv

“msacm.siren”=sirenacm.dll

“vidc.dvsd”=pdvcodec.dll

“vidc.DIVX”=DivX.dll

“vidc.yv12”=DivX.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-07-27 00:01:52 —-D—- C:\rsit

2013-07-26 23:59:44 —-D—- C:\Program Files\ESET

2013-07-26 23:54:27 —-A—- C:\AdwCleaner.txt

2013-07-26 18:42:55 —-D—- C:\Program Files\LG Electronics

2013-07-15 22:31:34 —-D—- C:\Windows\system32\MRT

2013-07-11 06:05:32 —-A—- C:\Windows\system32\jscript.dll

2013-07-11 06:05:29 —-A—- C:\Windows\system32\jsproxy.dll

2013-07-11 06:05:29 —-A—- C:\Windows\system32\jscript9.dll

2013-07-11 06:05:29 —-A—- C:\Windows\system32\iesetup.dll

2013-07-11 06:05:28 —-A—- C:\Windows\system32\ieui.dll

2013-07-11 06:05:26 —-A—- C:\Windows\system32\RegisterIEPKEYs.exe

2013-07-11 06:05:26 —-A—- C:\Windows\system32\msfeeds.dll

2013-07-11 06:05:26 —-A—- C:\Windows\system32\iernonce.dll

2013-07-11 06:05:26 —-A—- C:\Windows\system32\ie4uinit.exe

2013-07-11 06:05:25 —-A—- C:\Windows\system32\iesysprep.dll

2013-07-11 06:05:24 —-A—- C:\Windows\system32\urlmon.dll

2013-07-11 06:05:23 —-A—- C:\Windows\system32\iertutil.dll

2013-07-11 06:05:20 —-A—- C:\Windows\system32\wininet.dll

2013-07-11 06:05:15 —-A—- C:\Windows\system32\ieframe.dll

2013-07-11 06:05:12 —-A—- C:\Windows\system32\mshtml.dll

2013-07-11 05:36:34 —-A—- C:\Windows\system32\DWrite.dll

2013-07-11 05:36:31 —-A—- C:\Windows\system32\WMVDECOD.DLL

2013-07-11 05:36:30 —-A—- C:\Windows\system32\qedit.dll

2013-07-11 05:36:28 —-A—- C:\Windows\system32\win32k.sys

2013-07-04 21:50:42 —-D—- C:\Users\Gebruiker\AppData\Roaming\Weather Clock

2013-06-28 00:10:56 —-A—- C:\Windows\system32\drivers\SmartDefragDriver.sys

======List of files/folders modified in the last 1 month======

2013-07-27 09:33:15 —-D—- C:\Windows\Temp

2013-07-27 09:33:13 ----D---- C:\Program Files\Trend Micro

2013-07-27 09:32:25 ----D---- C:\Users\Gebruiker\AppData\Roaming\QuickScan

2013-07-27 07:46:44 ----D---- C:\Windows\system32\config

2013-07-27 00:00:05 ----D---- C:\Windows\SoftwareDistribution

2013-07-26 23:59:44 ----RD---- C:\Program Files

2013-07-26 23:59:17 ----D---- C:\Windows

2013-07-26 23:56:10 ----D---- C:\Windows\debug

2013-07-26 23:54:31 ----D---- C:\Program Files\Common Files

2013-07-26 23:40:19 ----D---- C:\Windows\system32\drivers

2013-07-26 23:27:56 ----D---- C:\Windows\system32\catroot2

2013-07-26 23:26:38 ----D---- C:\Windows\inf

2013-07-26 23:01:50 ----SHD---- C:\System Volume Information

2013-07-26 22:56:09 ----D---- C:\Windows\system32\wbem

2013-07-26 22:55:26 ----D---- C:\ProgramData\IObit

2013-07-26 22:55:24 ----SHD---- C:\Windows\Installer

2013-07-26 22:55:24 ----D---- C:\Windows\system32\DriverStore

2013-07-26 22:55:24 ----D---- C:\Windows\system32\drivers\UMDF

2013-07-26 22:55:24 ----D---- C:\Windows\system32\CodeIntegrity

2013-07-26 22:55:24 ----D---- C:\Windows\System32

2013-07-26 22:55:23 ----D---- C:\Windows\Tasks

2013-07-26 22:55:23 ----D---- C:\Windows\system32\Tasks

2013-07-26 22:55:23 ----D---- C:\Windows\registration

2013-07-26 19:53:19 ----D---- C:\Windows\Performance

2013-07-26 18:46:36 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-07-26 18:44:50 ----HD---- C:\Config.Msi

2013-07-26 18:44:42 ----D---- C:\Windows\system32\catroot

2013-07-26 07:14:03 ----D---- C:\ProgramData\VSO

2013-07-25 14:54:31 ----HD---- C:\Windows\msdownld.tmp

2013-07-25 14:53:23 ----D---- C:\Program Files\CCleaner

2013-07-21 08:11:01 ----D---- C:\Windows\Minidump

2013-07-18 14:10:08 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2013-07-12 17:53:52 ----A---- C:\Windows\winamp.ini

2013-07-11 20:48:38 ----D---- C:\Windows\Panther

2013-07-11 14:40:24 ----D---- C:\Windows\Microsoft.NET

2013-07-11 14:40:22 ----RSD---- C:\Windows\assembly

2013-07-11 13:43:17 ----D---- C:\Windows\winsxs

2013-07-11 13:41:50 ----D---- C:\Program Files\Internet Explorer

2013-07-11 13:41:48 ----D---- C:\Program Files\Windows Journal

2013-07-11 13:41:47 ----D---- C:\Program Files\Windows Defender

2013-07-11 13:41:42 ----D---- C:\Program Files\Microsoft Silverlight

2013-07-11 06:07:05 ----D---- C:\ProgramData\Microsoft Help

2013-07-09 20:35:23 ----D---- C:\Users\Gebruiker\AppData\Roaming\vlc

2013-06-30 08:50:15 ----D---- C:\Users\Gebruiker\AppData\Roaming\BSplayer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys

R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys

R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys

R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys

R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys

R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys

R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys

R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys

R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys

R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys

R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys

R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys

S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys

S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys

S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag.sys

S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem.sys

S3 AVFSFilter;AVFSFilter; C:\Windows\system32\drivers\AVFSFilter.sys

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys

S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys

S3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys

S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys

S3 Synth3dVsc;Synth3dVsc; C:\Windows\system32\drivers\Synth3dVsc.sys

S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver; C:\Windows\system32\DRIVERS\gtkdrv.sys

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys

S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys

S3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys

S3 VGPU;VGPU; C:\Windows\system32\drivers\VGPU.sys

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys

S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys

S4 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe

R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe

S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe

S2 WiseBootAssistant;Wise Boot Assistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe

S3 c2wts;@%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe

S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe

S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe

S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe

S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

-----------------EOF-----------------

fazantje
27 Jul, 2013 10:16

Hi Harry,

This log looks good too (tu)

You can remove ADWcleaner and RSIT again.

A quick question about the “code” of the AV message board:

Could you explain exactly which code, or what kind of code, you mean?

You can also take a screenshot and send it to me.

You can see my e-mail address if you click on my name on the AV.

Then I can make adjustments if something is wrong.

Regards, Huib.