Browser hijacked by Arccosine


  • Browser hijacked by Arccosine

    Hello,

    A few weeks ago I downloaded Google Books Downloader and apparently Arccosine along with it. Arccosine hijacked my Internet Explorer but not Chrome. I never use IE, but suddenly I could no longer watch certain videos in Chrome, and when I tried it in IE I saw that my homepage had been hijacked by Arccosine. On the internet there are only removal instructions for Firefox, so those are of no use to me. I removed Google Books Downloader right away but no result yet (I still can't watch videos; I had read somewhere that the two are related. I can watch YouTube videos, but on this page, for example, all the videos are black: http://www.afterellen.com/2013/06/ex...ts-set-fosters).
    In addition, my laptop gets very warm at the bottom left and is generally very slow to start up and also to launch programs. I have already run CCleaner, Malwarebytes found nothing, and DDS got stuck at three quarters so I couldn't finish it. AdAware found one small thing, but after removing it nothing has changed.

    Hope someone can help!

  • #2
    DDS worked this time.

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.21.2
    Run by Eigenaar at 13:23:03 on 2013-06-18
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3886.2172 [GMT 2:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
    FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k NetworkService
    C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\System Control Manager\MSIService.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\SecureW2\sw2_service.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Users\Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\SecureW2\sw2_tray.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mWinlogon: Userinit = userinit.exe
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    mRun: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun: [SecureW2 Tray] C:\Program Files (x86)\SecureW2\sw2_tray.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{3A97FD9B-C203-4344-9AF7-45A7B836F433} : NameServer = 145.18.39.16,145.18.40.50
    TCP: Interfaces\{9D1ACFD9-DF18-4150-9882-636F3CE55BEC} : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{9D1ACFD9-DF18-4150-9882-636F3CE55BEC}\3596475636F6D6036344334363 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{9D1ACFD9-DF18-4150-9882-636F3CE55BEC}\3596475636F6D6931373733334 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{9D1ACFD9-DF18-4150-9882-636F3CE55BEC}\7427F65634F6C6 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{9D1ACFD9-DF18-4150-9882-636F3CE55BEC}\75164737B6562696A7A797022496A7A7C6560225F6260225F626265627 : DHCPNameServer = 213.160.212.3 213.160.223.35
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
    x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
    x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-DPF: {AA570693-00E2-4907-B6F1-60A1199B030C} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-20 65336]
    R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-20 189936]
    R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2013-6-18 14456]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-5-15 1025808]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-5-15 378432]
    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
    R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2013-3-18 1236336]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-5-15 33400]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-5-15 80816]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-14 46808]
    R2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [2012-11-5 136576]
    R2 JuniperAccessService;Juniper Unified Network Service;C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2013-2-20 162136]
    R2 Micro Star SCM;Micro Star SCM;C:\Program Files (x86)\System Control Manager\MSIService.exe [2010-6-23 160768]
    R2 SW2SVC;SecureW2 Service;C:\Program Files (x86)\SecureW2\sw2_service.exe [2012-11-2 106920]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-6-23 2320920]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
    R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
    R3 JNPRNA;Juniper Network Agent Miniport;C:\Windows\System32\drivers\jnprna6.sys [2013-4-2 519544]
    R3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service;C:\Windows\System32\drivers\jnprvamgr.sys [2013-1-17 45352]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2012-9-20 3677000]
    S3 EUCR;EUCR;C:\Windows\System32\drivers\EUCR6SK.sys [2009-12-4 87888]
    S3 jnprva;Juniper Networks Virtual Adapter Service;C:\Windows\System32\drivers\jnprva.sys [2013-1-17 26480]
    S3 MSI_DVD_010507;MSI_DVD_010507;C:\PROGRA~1\MSI\MSIWDev\DVDSYS64_100507.sys [2010-5-10 28984]
    S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;C:\PROGRA~1\MSI\MSIWDev\msibios64_100507.sys [2010-5-10 33592]
    S3 MSI_VGASYS_010507;MSI_VGASYS_010507;C:\PROGRA~1\MSI\MSIWDev\VGASYS64_100507.sys [2010-5-10 14960]
    S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-7-17 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-15 1255736]
    S3 WSDScan;Ondersteuning voor WSD-scan via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
    S4 jnprTdi_730_32781;Juniper Networks TDI Filter Driver (jnprTdi_730_32781);C:\Windows\System32\drivers\jnprTdi_730_32781.sys [2013-4-2 108336]
    .
    =============== Created Last 30 ================
    .
    2013-06-18 11:12:56 -------- d-----w- C:\ProgramData\Licenses
    2013-06-18 11:12:51 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
    2013-06-18 10:20:23 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\LavasoftStatistics
    2013-06-18 10:20:23 -------- d-----w- C:\ProgramData\Ad-Aware Antivirus
    2013-06-18 10:12:50 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus
    2013-06-18 10:12:07 -------- d-----w- C:\ProgramData\Downloaded Installations
    2013-06-18 10:12:05 -------- d-----w- C:\Users\Eigenaar\AppData\Local\adawarebp
    2013-06-18 10:12:05 -------- d-----w- C:\ProgramData\blekko toolbars
    2013-06-18 10:12:05 -------- d-----w- C:\ProgramData\adawaretb
    2013-06-18 10:12:02 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
    2013-06-18 10:11:55 -------- d-----w- C:\Program Files (x86)\adawaretb
    2013-06-18 10:11:54 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
    2013-06-18 10:10:36 47496 ----a-w- C:\Windows\System32\sbbd.exe
    2013-06-18 10:10:36 14456 ----a-w- C:\Windows\System32\drivers\gfibto.sys
    2013-06-18 10:10:29 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Ad-Aware Antivirus
    2013-06-18 09:11:09 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{D7E484B2-5CA3-4368-BB52-29FFE1BA1C1A}
    2013-06-17 17:24:01 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{BF71E027-053E-49E9-978D-CDAAFF865EAA}
    2013-06-16 09:30:17 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{C8C6355E-3712-4F01-9D24-5F99A62113EF}
    2013-06-15 21:29:47 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{17CB4302-E0F2-4A8C-80C1-21C13CF6F5BF}
    2013-06-15 17:07:27 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A9352BC8-B107-4473-B880-D0C8FE386241}\mpengine.dll
    2013-06-13 14:09:21 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{436558CD-AA0B-4B07-B0B7-53AE814862E5}
    2013-06-13 13:52:22 -------- d-----w- C:\Program Files\iPod
    2013-06-13 13:52:21 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-06-13 13:52:21 -------- d-----w- C:\Program Files\iTunes
    2013-06-10 09:23:35 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{AEA8DEA9-6A83-4E26-AEE7-B3E6B22E6075}
    2013-06-09 09:45:19 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{EF19EFE7-6E27-442A-A6C0-A01CD6533918}
    2013-06-08 12:57:12 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{F82ECB98-72A4-4F47-B46A-A59EDE37E2C6}
    2013-06-06 20:18:17 -------- d-----w- C:\Windows\SysWow64\Adobe
    2013-06-06 18:31:54 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{DB28B9A0-7A4F-427B-88C6-E5FE4AD229C8}
    2013-06-03 12:35:20 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{0F110BCA-64F0-4725-B249-B2162A8349B0}
    2013-06-03 09:40:22 2770944 ----a-w- C:\Windows\System32\drivers\athrx.sys
    2013-06-03 09:40:22 2770944 ----a-w- C:\Windows\System32\athrx.sys
    2013-06-03 09:40:20 -------- d-----w- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
    2013-06-03 09:39:03 -------- d-----w- C:\ProgramData\Qualcomm Atheros
    2013-06-03 09:31:23 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
    2013-06-03 09:31:23 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
    2013-06-03 09:31:19 -------- d-----w- C:\Program Files (x86)\Realtek
    2013-05-31 18:40:59 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{734541DE-F5C3-4DF3-BE77-F9149F2D5749}
    2013-05-30 10:11:03 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{8E1F74D5-211D-4AF0-8127-BE6566FDF628}
    2013-05-29 22:09:11 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\.minecraft
    2013-05-29 10:16:51 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{BDD025D7-0DAB-49BF-B8C7-D87C8C2A27EA}
    2013-05-29 10:11:32 -------- d-----w- C:\Users\Eigenaar\AppData\Local\CrashDumps
    2013-05-27 12:05:37 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{0583CCF5-2386-42D4-858F-F2CC42A7840C}
    2013-05-26 20:42:11 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{362F3F1D-3ED1-4BC7-A222-9F1B6BBBD804}
    2013-05-25 21:09:00 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{E2B5BC4F-85CD-4C91-B2FA-6A720B4EBDBC}
    2013-05-24 16:48:54 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{4E8B26AF-C2FE-4F7C-95EC-57A797752068}
    2013-05-23 14:13:06 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{19769B63-3B5C-461B-82B0-6250DAA94030}
    2013-05-21 10:38:01 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{17C3D9FC-383D-4688-8656-739A4262EA32}
    2013-05-21 10:22:17 -------- d-----w- C:\ProgramData\tmp
    2013-05-21 10:22:16 -------- d-----w- C:\ProgramData\hps
    2013-05-21 10:19:50 -------- d-----w- C:\Program Files (x86)\AH
    .
    ==================== Find3M ====================
    .
    2013-06-13 15:03:18 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-06-13 15:03:17 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-06-08 12:28:46 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-06-08 11:13:19 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll
    2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll
    2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
    2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
    2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
    2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
    2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
    2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
    2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
    2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
    2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
    2013-05-09 08:59:07 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2013-05-09 08:59:07 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
    2013-05-09 08:59:07 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
    2013-05-09 08:59:07 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2013-05-09 08:59:06 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2013-05-09 08:58:37 41664 ----a-w- C:\Windows\avastSS.scr
    2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-05-02 00:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
    2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
    2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
    2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
    2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
    2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
    2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
    2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
    2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
    2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
    2013-04-04 12:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-04-04 03:35:05 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-03-31 22:52:16 1887232 ----a-w- C:\Windows\System32\d3d11.dll
    .
    ============= FINISH: 13:24:17,49 ===============



    • #3
      Hello,

      You are using 2 antivirus programs, and that is one too many.
      Remove one of the two.
      Restart the computer and then follow these instructions: Also read through this article: http://www.nucia.eu/forum/threads/12...ericht-plaatst!



      • #4
        Hi. Thanks for your reply.

        I have only had 2 antivirus programs since today, because I wanted to see whether Adaware could find more than Avast. In any case I have now removed Adaware again.

        Malwarebytes Anti-Malware 1.75.0.1300
        www.malwarebytes.org

        Databaseversie: v2013.06.16.01

        Windows 7 Service Pack 1 x64 NTFS
        Internet Explorer 10.0.9200.16618
        Eigenaar :: EIGENAAR-PC [administrator]

        18-6-2013 21:17:26
        mbam-log-2013-06-18 (21-17-26).txt

        Scan type: Snelle scan
        Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
        Uitgeschakelde scan opties: P2P
        Objecten gescand: 208811
        Verstreken tijd: 7 minuut/minuten, 18 seconde(n)

        Geheugenprocessen gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        Geheugenmodulen gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        Registersleutels gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        Registerwaarden gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        Registerdata gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        Mappen gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        Bestanden gedetecteerd: 0
        (Geen kwaadaardige objecten gedetecteerd)

        (einde)

        DDS (Ver_2012-11-20.01) - NTFS_AMD64
        Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.21.2
        Run by Eigenaar at 21:33:12 on 2013-06-18
        Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3886.2056 [GMT 2:00]
        .
        AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
        SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
        SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
        .
        ============== Running Processes ===============
        .
        C:\Windows\system32\lsm.exe
        C:\Windows\system32\svchost.exe -k DcomLaunch
        C:\Windows\system32\svchost.exe -k RPCSS
        C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
        C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
        C:\Windows\system32\svchost.exe -k LocalService
        C:\Windows\system32\svchost.exe -k netsvcs
        C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
        C:\Windows\system32\svchost.exe -k NetworkService
        C:\Windows\system32\WLANExt.exe
        C:\Program Files\AVAST Software\Avast\AvastSvc.exe
        C:\Windows\System32\spoolsv.exe
        C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
        C:\Windows\System32\svchost.exe -k NetworkService
        C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
        C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
        C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
        C:\Program Files\Bonjour\mDNSResponder.exe
        C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
        C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
        C:\Program Files (x86)\System Control Manager\MSIService.exe
        C:\Windows\system32\svchost.exe -k imgsvc
        C:\Program Files (x86)\SecureW2\sw2_service.exe
        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
        C:\Windows\system32\taskhost.exe
        C:\Windows\system32\Dwm.exe
        C:\Windows\Explorer.EXE
        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
        C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
        C:\Windows\System32\rundll32.exe
        C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
        C:\Windows\System32\hkcmd.exe
        C:\Windows\System32\igfxpers.exe
        C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
        C:\Program Files\AVAST Software\Avast\AvastUI.exe
        C:\Program Files (x86)\SecureW2\sw2_tray.exe
        C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
        C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
        C:\Windows\system32\SearchIndexer.exe
        C:\Windows\system32\wbem\unsecapp.exe
        C:\Program Files\Windows Media Player\wmpnetwk.exe
        C:\Windows\system32\wbem\wmiprvse.exe
        C:\Windows\System32\svchost.exe -k LocalServicePeerNet
        C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
        C:\Windows\System32\svchost.exe -k secsvcs
        C:\Users\Eigenaar\AppData\Local\Google\Chrome\Application\chrome.exe
        C:\Users\Eigenaar\AppData\Local\Temp\nsa562C.tmp\PEV.DAT
        C:\Windows\System32\svchost.exe -k WerSvcGroup
        C:\Windows\system32\SearchProtocolHost.exe
        C:\Windows\system32\SearchFilterHost.exe
        C:\Windows\system32\igfxsrvc.exe
        C:\Windows\system32\wbem\wmiprvse.exe
        C:\Windows\System32\cscript.exe
        .
        ============== Pseudo HJT Report ===============
        .
        mWinlogon: Userinit = userinit.exe
        BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
        BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
        BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
        BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
        TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
        mRun: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
        mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
        mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
        mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
        mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
        mRun: [SecureW2 Tray] C:\Program Files (x86)\SecureW2\sw2_tray.exe
        mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
        mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
        mPolicies-Explorer: NoActiveDesktop = dword:1
        mPolicies-Explorer: NoActiveDesktopChanges = dword:1
        mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
        mPolicies-System: ConsentPromptBehaviorUser = dword:3
        mPolicies-System: EnableUIADesktopToggle = dword:0
        IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
        IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
        IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
        .
        INFO: HKCU has more than 50 listed domains.
        If you wish to scan all of them, select the 'Force scan all domains' option.
        .
        DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
        DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
        DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
        DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
        DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
        DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
        TCP: NameServer = 192.168.0.1
        TCP: Interfaces\{3A97FD9B-C203-4344-9AF7-45A7B836F433} : NameServer = 145.18.39.16,145.18.40.50
        TCP: Interfaces\{9D1ACFD9-DF18-4150-9882-636F3CE55BEC} : DHCPNameServer = 192.168.0.1
        TCP: Interfaces\{9D1ACFD9-DF18-4150-9882-636F3CE55BEC}\3596475636F6D6036344334363 : DHCPNameServer = 192.168.0.1
        TCP: Interfaces\{9D1ACFD9-DF18-4150-9882-636F3CE55BEC}\3596475636F6D6931373733334 : DHCPNameServer = 192.168.0.1
        TCP: Interfaces\{9D1ACFD9-DF18-4150-9882-636F3CE55BEC}\7427F65634F6C6 : DHCPNameServer = 192.168.0.1
        TCP: Interfaces\{9D1ACFD9-DF18-4150-9882-636F3CE55BEC}\75164737B6562696A7A797022496A7A7C6560225F6260225F626265627 : DHCPNameServer = 213.160.212.3 213.160.223.35
        Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
        Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
        SSODL: WebCheck - <orphaned>
        SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
        x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
        x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
        x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
        x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
        x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
        x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
        x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
        x64-DPF: {AA570693-00E2-4907-B6F1-60A1199B030C} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
        x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
        x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
        x64-Notify: igfxcui - igfxdev.dll
        x64-SSODL: WebCheck - <orphaned>
        .
        ============= SERVICES / DRIVERS ===============
        .
        R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-20 65336]
        R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-20 189936]
        R0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2013-6-18 14456]
        R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-5-15 1025808]
        R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-5-15 378432]
        R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
        R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-5-15 33400]
        R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-5-15 80816]
        R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-14 46808]
        R2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [2012-11-5 136576]
        R2 JuniperAccessService;Juniper Unified Network Service;C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2013-2-20 162136]
        R2 Micro Star SCM;Micro Star SCM;C:\Program Files (x86)\System Control Manager\MSIService.exe [2010-6-23 160768]
        R2 SW2SVC;SecureW2 Service;C:\Program Files (x86)\SecureW2\sw2_service.exe [2012-11-2 106920]
        R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-6-23 2320920]
        R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
        R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]
        R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
        R3 JNPRNA;Juniper Network Agent Miniport;C:\Windows\System32\drivers\jnprna6.sys [2013-4-2 519544]
        R3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service;C:\Windows\System32\drivers\jnprvamgr.sys [2013-1-17 45352]
        R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
        S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
        S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
        S3 EUCR;EUCR;C:\Windows\System32\drivers\EUCR6SK.sys [2009-12-4 87888]
        S3 jnprva;Juniper Networks Virtual Adapter Service;C:\Windows\System32\drivers\jnprva.sys [2013-1-17 26480]
        S3 MSI_DVD_010507;MSI_DVD_010507;C:\PROGRA~1\MSI\MSIWDev\DVDSYS64_100507.sys [2010-5-10 28984]
        S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;C:\PROGRA~1\MSI\MSIWDev\msibios64_100507.sys [2010-5-10 33592]
        S3 MSI_VGASYS_010507;MSI_VGASYS_010507;C:\PROGRA~1\MSI\MSIWDev\VGASYS64_100507.sys [2010-5-10 14960]
        S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
        S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-7-17 59392]
        S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
        S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-15 1255736]
        S3 WSDScan;Ondersteuning voor WSD-scan via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
        S4 jnprTdi_730_32781;Juniper Networks TDI Filter Driver (jnprTdi_730_32781);C:\Windows\System32\drivers\jnprTdi_730_32781.sys [2013-4-2 108336]
        .
        =============== Created Last 30 ================
        .
        2013-06-18 11:12:56 -------- d-----w- C:\ProgramData\Licenses
        2013-06-18 11:12:51 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
        2013-06-18 10:20:23 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\LavasoftStatistics
        2013-06-18 10:12:07 -------- d-----w- C:\ProgramData\Downloaded Installations
        2013-06-18 10:12:05 -------- d-----w- C:\Users\Eigenaar\AppData\Local\adawarebp
        2013-06-18 10:12:05 -------- d-----w- C:\ProgramData\blekko toolbars
        2013-06-18 10:12:05 -------- d-----w- C:\ProgramData\adawaretb
        2013-06-18 10:12:02 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
        2013-06-18 10:11:55 -------- d-----w- C:\Program Files (x86)\adawaretb
        2013-06-18 10:11:54 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
        2013-06-18 10:10:36 14456 ----a-w- C:\Windows\System32\drivers\gfibto.sys
        2013-06-18 09:11:09 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{D7E484B2-5CA3-4368-BB52-29FFE1BA1C1A}
        2013-06-17 17:24:01 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{BF71E027-053E-49E9-978D-CDAAFF865EAA}
        2013-06-16 09:30:17 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{C8C6355E-3712-4F01-9D24-5F99A62113EF}
        2013-06-15 21:29:47 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{17CB4302-E0F2-4A8C-80C1-21C13CF6F5BF}
        2013-06-15 17:07:27 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A9352BC8-B107-4473-B880-D0C8FE386241}\mpengine.dll
        2013-06-13 14:09:21 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{436558CD-AA0B-4B07-B0B7-53AE814862E5}
        2013-06-13 13:52:22 -------- d-----w- C:\Program Files\iPod
        2013-06-13 13:52:21 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
        2013-06-13 13:52:21 -------- d-----w- C:\Program Files\iTunes
        2013-06-10 09:23:35 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{AEA8DEA9-6A83-4E26-AEE7-B3E6B22E6075}
        2013-06-09 09:45:19 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{EF19EFE7-6E27-442A-A6C0-A01CD6533918}
        2013-06-08 12:57:12 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{F82ECB98-72A4-4F47-B46A-A59EDE37E2C6}
        2013-06-06 20:18:17 -------- d-----w- C:\Windows\SysWow64\Adobe
        2013-06-06 18:31:54 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{DB28B9A0-7A4F-427B-88C6-E5FE4AD229C8}
        2013-06-03 12:35:20 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{0F110BCA-64F0-4725-B249-B2162A8349B0}
        2013-06-03 09:40:22 2770944 ----a-w- C:\Windows\System32\drivers\athrx.sys
        2013-06-03 09:40:22 2770944 ----a-w- C:\Windows\System32\athrx.sys
        2013-06-03 09:40:20 -------- d-----w- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
        2013-06-03 09:39:03 -------- d-----w- C:\ProgramData\Qualcomm Atheros
        2013-06-03 09:31:23 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
        2013-06-03 09:31:23 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
        2013-06-03 09:31:19 -------- d-----w- C:\Program Files (x86)\Realtek
        2013-05-31 18:40:59 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{734541DE-F5C3-4DF3-BE77-F9149F2D5749}
        2013-05-30 10:11:03 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{8E1F74D5-211D-4AF0-8127-BE6566FDF628}
        2013-05-29 22:09:11 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\.minecraft
        2013-05-29 10:16:51 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{BDD025D7-0DAB-49BF-B8C7-D87C8C2A27EA}
        2013-05-29 10:11:32 -------- d-----w- C:\Users\Eigenaar\AppData\Local\CrashDumps
        2013-05-27 12:05:37 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{0583CCF5-2386-42D4-858F-F2CC42A7840C}
        2013-05-26 20:42:11 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{362F3F1D-3ED1-4BC7-A222-9F1B6BBBD804}
        2013-05-25 21:09:00 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{E2B5BC4F-85CD-4C91-B2FA-6A720B4EBDBC}
        2013-05-24 16:48:54 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{4E8B26AF-C2FE-4F7C-95EC-57A797752068}
        2013-05-23 14:13:06 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{19769B63-3B5C-461B-82B0-6250DAA94030}
        2013-05-21 10:38:01 -------- d-----w- C:\Users\Eigenaar\AppData\Local\{17C3D9FC-383D-4688-8656-739A4262EA32}
        2013-05-21 10:22:17 -------- d-----w- C:\ProgramData\tmp
        2013-05-21 10:22:16 -------- d-----w- C:\ProgramData\hps
        2013-05-21 10:19:50 -------- d-----w- C:\Program Files (x86)\AH
        .
        ==================== Find3M ====================
        .
        2013-06-13 15:03:18 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
        2013-06-13 15:03:17 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
        2013-06-08 12:28:46 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
        2013-06-08 11:13:19 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
        2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
        2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
        2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
        2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
        2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll
        2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll
        2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll
        2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll
        2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
        2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
        2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
        2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
        2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
        2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
        2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
        2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
        2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
        2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
        2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
        2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
        2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
        2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
        2013-05-09 08:59:07 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
        2013-05-09 08:59:07 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
        2013-05-09 08:59:07 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
        2013-05-09 08:59:07 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
        2013-05-09 08:59:06 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
        2013-05-09 08:58:37 41664 ----a-w- C:\Windows\avastSS.scr
        2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
        2013-05-02 00:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
        2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
        2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
        2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
        2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
        2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
        2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
        2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
        2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
        2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
        2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
        2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
        2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
        2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
        2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
        2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
        2013-04-04 12:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
        2013-04-04 03:35:05 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
        2013-03-31 22:52:16 1887232 ----a-w- C:\Windows\System32\d3d11.dll
        .
        ============= FINISH: 21:34:32,99 ===============


        • #5
          Here is the gmer log as well:

          gmer.rar


          • #6
            Oops, I see you just posted the gmer log.


            • #7
              Download TDSSKiller and place it on your desktop.
              Double-click TDSSKiller.exe to start the tool.
              Click "Change parameters" and tick:
              - Services and drivers
              - Boot sectors
              - Verify drivers digital signatures
              Click "OK".
              Click the "Start Scan" button and follow the instructions.
              When the scan is finished, click the "Report" button.
              A Notepad file opens. Post the contents of this file.
              If TDSSKiller offers to cure a file (Cure), allow it. In that case you will be asked to restart the computer. Do so immediately.
              Skip the unsigned files.
              Let it cure (Cure) Rootkit.Boot.SST.b and others such as Sinowal, ZeroAccess or Whistler.
              After the reboot you will find the log on c:\ under the name TDSSKiller.version_date_time_log.txt.
              Post that log.


              • #8
                tdss.txt


                • #9
                  Download combofix.exe from this site: http://www.bleepingcomputer.com/comb...uikt-te-worden .
                  If the Recovery Console is not installed, ComboFix will offer to download and install it. Allow this.
                  Once the Recovery Console is installed, let ComboFix scan the computer.
                  When ComboFix starts, you may get an error message that the "contents of the ComboFix package has been compromised".
                  Do not continue with the instructions, but download ComboFix again. This message can appear when a file infector (Virut) is active on the computer.
                  If you get this message, report it.
                  When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
                  Post the contents of this file.


                  • #10
                    ComboFix 13-06-18.02 - Eigenaar 18-06-2013 22:23:50.1.4 - x64
                    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3886.2296 [GMT 2:00]
                    Gestart vanuit: c:\users\Eigenaar\Downloads\ComboFix.exe
                    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
                    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
                    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                    .
                    .
                    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    c:\program files (x86)\SecureW2
                    c:\program files (x86)\SecureW2\_uninstall.exe
                    c:\program files (x86)\SecureW2\sw2_res_default.bmp
                    c:\program files (x86)\SecureW2\sw2_rsaproxy.exe
                    c:\program files (x86)\SecureW2\sw2_service.exe
                    c:\program files (x86)\SecureW2\sw2_tray.exe
                    c:\program files (x86)\SecureW2\Uninstall.exe
                    c:\users\Eigenaar\AppData\Local\TempDIR
                    c:\users\Eigenaar\AppData\Local\TempDIR\SecureW2_Enterprise_Client_359.exe
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    -------\Service_SW2SVC
                    -------\Service_SW2SVC
                    .
                    .
                    (((((((((((((((((((( Bestanden Gemaakt van 2013-05-18 to 2013-06-18 ))))))))))))))))))))))))))))))
                    .
                    .
                    2013-06-18 20:37 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C50E5D0A-E879-4C70-AF5E-6634CCDFFD6E}\mpengine.dll
                    2013-06-18 20:34 . 2013-06-18 20:34 -------- d-----w- c:\users\Default\AppData\Local\temp
                    2013-06-18 11:12 . 2013-06-18 11:12 -------- d-----w- c:\programdata\Licenses
                    2013-06-18 11:12 . 2013-06-18 11:14 -------- d-----w- c:\program files (x86)\SpywareBlaster
                    2013-06-18 10:20 . 2013-06-18 10:20 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\LavasoftStatistics
                    2013-06-18 10:12 . 2013-06-18 10:12 -------- d-----w- c:\programdata\Downloaded Installations
                    2013-06-18 10:12 . 2013-06-18 10:12 -------- d-----w- c:\users\Eigenaar\AppData\Local\adawarebp
                    2013-06-18 10:12 . 2013-06-18 10:12 -------- d-----w- c:\programdata\blekko toolbars
                    2013-06-18 10:12 . 2013-06-18 10:12 -------- d-----w- c:\programdata\adawaretb
                    2013-06-18 10:12 . 2013-06-18 10:12 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
                    2013-06-18 10:11 . 2013-06-18 10:12 -------- d-----w- c:\program files (x86)\adawaretb
                    2013-06-18 10:11 . 2013-06-18 10:11 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
                    2013-06-18 10:10 . 2013-06-18 10:10 14456 ----a-w- c:\windows\system32\drivers\gfibto.sys
                    2013-06-15 17:07 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A9352BC8-B107-4473-B880-D0C8FE386241}\mpengine.dll
                    2013-06-13 13:52 . 2013-06-13 13:52 -------- d-----w- c:\program files\iPod
                    2013-06-13 13:52 . 2013-06-13 13:52 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
                    2013-06-13 13:52 . 2013-06-13 13:52 -------- d-----w- c:\program files\iTunes
                    2013-06-06 20:18 . 2013-06-06 20:18 -------- d-----w- c:\windows\SysWow64\Adobe
                    2013-06-03 09:40 . 2011-10-03 21:49 2770944 ----a-w- c:\windows\system32\drivers\athrx.sys
                    2013-06-03 09:40 . 2011-10-03 21:49 2770944 ----a-w- c:\windows\system32\athrx.sys
                    2013-06-03 09:40 . 2013-06-03 10:22 -------- d-----w- c:\program files (x86)\Qualcomm Atheros WiFi Driver Installation
                    2013-06-03 09:39 . 2013-06-03 09:39 -------- d-----w- c:\programdata\Qualcomm Atheros
                    2013-06-03 09:31 . 2011-06-10 04:34 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
                    2013-06-03 09:31 . 2011-06-10 04:34 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
                    2013-06-03 09:31 . 2013-06-03 09:31 -------- d-----w- c:\program files (x86)\Realtek
                    2013-05-29 22:09 . 2013-05-30 19:33 -------- d-----w- c:\users\Eigenaar\AppData\Roaming\.minecraft
                    2013-05-29 10:11 . 2013-06-18 20:23 -------- d-----w- c:\users\Eigenaar\AppData\Local\CrashDumps
                    2013-05-21 10:22 . 2013-05-30 13:42 -------- d-----w- c:\programdata\tmp
                    2013-05-21 10:22 . 2013-05-21 10:22 -------- d-----w- c:\programdata\hps
                    2013-05-21 10:19 . 2013-05-21 10:19 -------- d-----w- c:\program files (x86)\AH
                    .
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    2013-06-13 23:25 . 2010-06-23 10:58 75825640 ----a-w- c:\windows\system32\MRT.exe
                    2013-06-13 15:03 . 2012-12-20 12:09 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                    2013-06-13 15:03 . 2012-05-31 19:01 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                    2013-05-14 09:58 . 2013-05-14 09:58 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 226304 ----a-w- c:\windows\system32\elshyph.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 158720 ----a-w- c:\windows\SysWow64\msls31.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
                    2013-05-14 09:58 . 2013-05-14 09:58 138752 ----a-w- c:\windows\SysWow64\wextract.exe
                    2013-05-14 09:58 . 2013-05-14 09:58 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
                    2013-05-14 09:58 . 2013-05-14 09:58 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
                    2013-05-14 09:58 . 2013-05-14 09:58 97280 ----a-w- c:\windows\system32\mshtmled.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
                    2013-05-14 09:58 . 2013-05-14 09:58 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 81408 ----a-w- c:\windows\system32\icardie.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 77312 ----a-w- c:\windows\system32\tdc.ocx
                    2013-05-14 09:58 . 2013-05-14 09:58 762368 ----a-w- c:\windows\system32\ieapfltr.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
                    2013-05-14 09:58 . 2013-05-14 09:58 62976 ----a-w- c:\windows\system32\pngfilt.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
                    2013-05-14 09:58 . 2013-05-14 09:58 599552 ----a-w- c:\windows\system32\vbscript.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 51200 ----a-w- c:\windows\system32\imgutil.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 48640 ----a-w- c:\windows\system32\mshtmler.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 452096 ----a-w- c:\windows\system32\dxtmsft.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 441856 ----a-w- c:\windows\system32\html.iec
                    2013-05-14 09:58 . 2013-05-14 09:58 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 361984 ----a-w- c:\windows\SysWow64\html.iec
                    2013-05-14 09:58 . 2013-05-14 09:58 281600 ----a-w- c:\windows\system32\dxtrans.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 27648 ----a-w- c:\windows\system32\licmgr10.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 270848 ----a-w- c:\windows\system32\iedkcs32.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 247296 ----a-w- c:\windows\system32\webcheck.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 235008 ----a-w- c:\windows\system32\url.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 216064 ----a-w- c:\windows\system32\msls31.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 197120 ----a-w- c:\windows\system32\msrating.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 173568 ----a-w- c:\windows\system32\ieUnatt.exe
                    2013-05-14 09:58 . 2013-05-14 09:58 167424 ----a-w- c:\windows\system32\iexpress.exe
                    2013-05-14 09:58 . 2013-05-14 09:58 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
                    2013-05-14 09:58 . 2013-05-14 09:58 149504 ----a-w- c:\windows\system32\occache.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 144896 ----a-w- c:\windows\system32\wextract.exe
                    2013-05-14 09:58 . 2013-05-14 09:58 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
                    2013-05-14 09:58 . 2013-05-14 09:58 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
                    2013-05-14 09:58 . 2013-05-14 09:58 13824 ----a-w- c:\windows\system32\mshta.exe
                    2013-05-14 09:58 . 2013-05-14 09:58 136192 ----a-w- c:\windows\system32\iepeers.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 12800 ----a-w- c:\windows\SysWow64\mshta.exe
                    2013-05-14 09:58 . 2013-05-14 09:58 12800 ----a-w- c:\windows\system32\msfeedssync.exe
                    2013-05-14 09:58 . 2013-05-14 09:58 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
                    2013-05-14 09:58 . 2013-05-14 09:58 102912 ----a-w- c:\windows\system32\inseng.dll
                    2013-05-14 08:40 . 2011-03-28 16:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
                    2013-05-09 08:59 . 2013-03-20 10:58 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
                    2013-05-09 08:59 . 2013-03-20 10:58 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
                    2013-05-09 08:59 . 2012-05-15 10:40 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys
                    2013-05-09 08:59 . 2012-05-15 10:40 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
                    2013-05-09 08:59 . 2012-05-15 10:40 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
                    2013-05-09 08:59 . 2012-05-15 10:40 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
                    2013-05-09 08:59 . 2012-05-15 10:40 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
                    2013-05-09 08:59 . 2012-05-15 10:39 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
                    2013-05-09 08:58 . 2012-05-15 10:37 41664 ----a-w- c:\windows\avastSS.scr
                    2013-05-09 08:58 . 2012-05-15 10:39 287840 ----a-w- c:\windows\system32\aswBoot.exe
                    2013-05-02 00:06 . 2010-06-23 09:12 278800 ------w- c:\windows\system32\MpSigStub.exe
                    2013-04-13 05:49 . 2013-05-16 14:50 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
                    2013-04-13 05:49 . 2013-05-16 14:50 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
                    2013-04-13 05:49 . 2013-05-16 14:50 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
                    2013-04-13 05:49 . 2013-05-16 14:50 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
                    2013-04-13 04:45 . 2013-05-16 14:50 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
                    2013-04-13 04:45 . 2013-05-16 14:50 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
                    2013-04-12 14:45 . 2013-04-25 16:39 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
                    2013-04-10 06:01 . 2013-05-16 14:51 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
                    2013-04-10 06:01 . 2013-05-16 14:51 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
                    2013-04-10 03:30 . 2013-05-16 14:50 3153920 ----a-w- c:\windows\system32\win32k.sys
                    2013-04-04 12:50 . 2012-05-23 20:32 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
                    2013-04-04 03:35 . 2013-04-23 08:00 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                    REGEDIT4
                    .
                    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
                    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-05-25 00:36 130736 ----a-w- c:\users\Eigenaar\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
                    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-05-25 00:36 130736 ----a-w- c:\users\Eigenaar\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
                    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-05-25 00:36 130736 ----a-w- c:\users\Eigenaar\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                    "MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2010-02-05 2408448]
                    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
                    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
                    "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
                    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
                    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
                    "Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-05-15 554408]
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                    "ConsentPromptBehaviorAdmin"= 5 (0x5)
                    "ConsentPromptBehaviorUser"= 3 (0x3)
                    "EnableUIADesktopToggle"= 0 (0x0)
                    .
                    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
                    R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
                    R3 EUCR;EUCR;c:\windows\system32\DRIVERS\EUCR6SK.SYS;c:\windows\SYSNATIVE\DRIVERS\EUCR6SK.SYS [x]
                    R3 jnprva;Juniper Networks Virtual Adapter Service;c:\windows\system32\DRIVERS\jnprva.sys;c:\windows\SYSNATIVE\DRIVERS\jnprva.sys [x]
                    R3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\MSI\MSIWDev\DVDSYS64_100507.sys;c:\progra~1\MSI\MSIWDev\DVDSYS64_100507.sys [x]
                    R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\MSI\MSIWDev\msibios64_100507.sys;c:\progra~1\MSI\MSIWDev\msibios64_100507.sys [x]
                    R3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\MSI\MSIWDev\VGASYS64_100507.sys;c:\progra~1\MSI\MSIWDev\VGASYS64_100507.sys [x]
                    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
                    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
                    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                    R3 WSDScan;Ondersteuning voor WSD-scan via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
                    R4 jnprTdi_730_32781;Juniper Networks TDI Filter Driver (jnprTdi_730_32781);c:\windows\system32\Drivers\jnprTdi_730_32781.sys;c:\windows\SYSNATIVE\Drivers\jnprTdi_730_32781.sys [x]
                    S0 aswRvrt;aswRvrt; [x]
                    S0 aswVmm;aswVmm; [x]
                    S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
                    S1 aswSnx;aswSnx; [x]
                    S1 aswSP;aswSP; [x]
                    S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
                    S2 aswFsBlk;aswFsBlk; [x]
                    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
                    S2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [x]
                    S2 JuniperAccessService;Juniper Unified Network Service;c:\program files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe;c:\program files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [x]
                    S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe;c:\program files (x86)\System Control Manager\MSIService.exe [x]
                    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
                    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
                    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
                    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
                    S3 JNPRNA;Juniper Network Agent Miniport;c:\windows\system32\DRIVERS\jnprna6.sys;c:\windows\SYSNATIVE\DRIVERS\jnprna6.sys [x]
                    S3 JnprVaMgr;Juniper Networks Virtual Adapter Manager Service;c:\windows\system32\DRIVERS\jnprvamgr.sys;c:\windows\SYSNATIVE\DRIVERS\jnprvamgr.sys [x]
                    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
                    .
                    .
                    --- Andere Services/Drivers In Geheugen ---
                    .
                    *NewlyCreated* - WS2IFSL
                    .
                    Inhoud van de 'Gedeelde Taken' map
                    .
                    2013-06-18 c:\windows\Tasks\Adobe Flash Player Updater.job
                    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-20 15:03]
                    .
                    2013-06-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2908917369-2189213934-2465320181-1000Core.job
                    - c:\users\Eigenaar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-05 09:35]
                    .
                    2013-06-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2908917369-2189213934-2465320181-1000UA.job
                    - c:\users\Eigenaar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-05 09:35]
                    .
                    2013-06-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2908917369-2189213934-2465320181-1000Core.job
                    - c:\users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-15 10:19]
                    .
                    2013-06-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2908917369-2189213934-2465320181-1000UA.job
                    - c:\users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-15 10:19]
                    .
                    .
                    --------- X64 Entries -----------
                    .
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
                    @="{472083B0-C522-11CF-8763-00608CC02F24}"
                    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
                    2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
                    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-05-25 00:36 164016 ----a-w- c:\users\Eigenaar\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
                    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-05-25 00:36 164016 ----a-w- c:\users\Eigenaar\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
                    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-05-25 00:36 164016 ----a-w- c:\users\Eigenaar\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
                    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-05-25 00:36 164016 ----a-w- c:\users\Eigenaar\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
                    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
                    "Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
                    .
                    ------- Bijkomende Scan -------
                    .
                    uLocal Page = c:\windows\system32\blank.htm
                    mLocal Page = c:\windows\SysWOW64\blank.htm
                    uInternet Settings,ProxyOverride = *.local
                    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
                    Trusted Zone: com\www.msi
                    Trusted Zone: com.tw\asia.msi
                    Trusted Zone: com.tw\global.msi
                    TCP: DhcpNameServer = 192.168.0.1
                    TCP: Interfaces\{3A97FD9B-C203-4344-9AF7-45A7B836F433}: NameServer = 145.18.39.16,145.18.40.50
                    .
                    - - - - ORPHANS VERWIJDERD - - - -
                    .
                    Wow6432Node-HKLM-Run-SecureW2 Tray - c:\program files (x86)\SecureW2\sw2_tray.exe
                    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
                    AddRemove-SecureW2 - c:\program files (x86)\SecureW2\_uninstall.exe
                    .
                    .
                    .
                    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                    .
                    [HKEY_USERS\S-1-5-21-2908917369-2189213934-2465320181-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
                    @Denied: (2) (LocalSystem)
                    "Progid"="WindowsLiveMail.Email.1"
                    .
                    [HKEY_USERS\S-1-5-21-2908917369-2189213934-2465320181-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
                    @Denied: (2) (LocalSystem)
                    "Progid"="WindowsLiveMail.VCard.1"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                    @Denied: (A 2) (Everyone)
                    @="FlashBroker"
                    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe ,-101"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                    "Enabled"=dword:00000001
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                    @Denied: (A 2) (Everyone)
                    @="IFlashBroker5"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                    @="{00020424-0000-0000-C000-000000000046}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                    "Version"="1.0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                    @Denied: (A 2) (Everyone)
                    @="FlashBroker"
                    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe ,-101"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                    "Enabled"=dword:00000001
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                    @Denied: (A 2) (Everyone)
                    @="Shockwave Flash Object"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
                    "ThreadingModel"="Apartment"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                    @="0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                    @="ShockwaveFlash.ShockwaveFlash.11"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                    @="1.0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                    @="ShockwaveFlash.ShockwaveFlash"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                    @Denied: (A 2) (Everyone)
                    @="Macromedia Flash Factory Object"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
                    "ThreadingModel"="Apartment"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                    @="FlashFactory.FlashFactory.1"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                    @="1.0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                    @="FlashFactory.FlashFactory"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                    @Denied: (A 2) (Everyone)
                    @="IFlashBroker5"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                    @="{00020424-0000-0000-C000-000000000046}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                    "Version"="1.0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
                    @="?????????????????? v1"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
                    @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
                    @="?????????????????? v2"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
                    @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
                    @Denied: (Full) (Everyone)
                    .
                    ------------------------ Andere Aktieve Processen ------------------------
                    .
                    c:\program files\AVAST Software\Avast\AvastSvc.exe
                    c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                    c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                    .
                    **************************************************************************
                    .
                    Voltooingstijd: 2013-06-18 22:43:57 - machine werd herstart
                    ComboFix-quarantined-files.txt 2013-06-18 20:43
                    .
                    Pre-Run: 59.508.969.472 bytes beschikbaar
                    Post-Run: 58.952.265.728 bytes beschikbaar
                    .
                    - - End Of File - - 7DA59CCA8B3E6AA4F5458F99BC04B493
                    A36C5E4F47E84449FF07ED3517B43A31
                    Attached Files
                    Last edited by Marckie; 19-06-13, 05:55.

                    Comment


                    • #11
                      Please post the contents of the logs, don't add them as an attachment!
                      Last edited by Marckie; 19-06-13, 05:57.

                      Comment


                      • #12
                        Are there any problems left?

                        Comment


                        • #13
                          The contents of the logs are too large to put in the post 9 times out of 10.
                          I have the impression that my laptop is working a lot faster and more smoothly. Thanks for your help!
                          The videos still don't work though; Flash is up to date, and I have no weird extensions in Chrome. Do you know what I can do, or where else I could best ask this question?

                          Comment


                          • #14
                            Uninstall Flash, restart the computer and then reinstall it.

                            Comment


                            • #15
                              Thanks, I'll try that.
                              By the way, did you find anything, or was there nothing visibly wrong with my laptop?

                              Comment
