Qvo6.com stays as start page!

  • Qvo6.com stays as start page!

    Since yesterday I have had this as my start page. And whatever I do, it won't take Google as the start page.

    defogger_disable by jpshortstuff (23.02.10.1)
    Log created at 21:35 on 10/06/2013 (Krista)

    Checking for autostart values...
    HKCU\~\Run values retrieved.
    HKLM\~\Run values retrieved.

    Checking for services/drivers...


    -=E.O.F=-

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Databaseversie: v2013.06.10.06

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16576
    Krista :: KRISRIK-3 [administrator]

    10-6-2013 21:43:46
    mbam-log-2013-06-10 (21-43-46).txt

    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 216266
    Verstreken tijd: 6 minuut/minuten, 15 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.9.2
    Run by Krista at 21:51:11 on 2013-06-10
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2814.1097 [GMT 2:00]
    .
    AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
    C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
    C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
    C:\Program Files (x86)\AVG\AVG2013\avgui.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Windows\system32\svchost.exe -k WindowsMobile
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\notepad.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.nl/
    mStart Page = hxxp://www.msn.com
    mWinlogon: Userinit = userinit.exe,
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Gamers Unite! Snag Bar BHO: {26A7CA19-7D58-411D-B2DA-F1B0324CBFFC} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: Gamers Unite! Snag Bar: {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dll
    TB: Gamers Unite! Snag Bar: {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dll
    TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll
    uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
    uRunOnce: [Shockwave Updater] C:\Windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C)" -"http://www8.agame.com/games/shockwave/m/My3DRoom/My3DRoom_girlsgogames_nl.htm"
    mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
    mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
    mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    uPolicies-Explorer: NoWindowsUpdate = dword:0
    uPolicies-Explorer: NoResolveTrack = dword:1
    uPolicies-Explorer: NoDevMgrUpdate = dword:1
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    TCP: Interfaces\{474F4330-CA30-4C04-948A-1366EC53D349} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: linkscanner - <Clsid value has no data>
    Handler: livecall - <Clsid value has no data>
    Handler: msnim - <Clsid value has no data>
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
    x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: linkscanner - <Clsid value has no data>
    x64-Handler: livecall - <Clsid value has no data>
    x64-Handler: msnim - <Clsid value has no data>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
    R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
    R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
    R0 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2010-6-18 18784]
    R0 xfiltx64;VIA SATA IDE Hot-plug Driver;C:\Windows\System32\drivers\xfiltx64.sys [2010-6-18 26776]
    R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
    R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-4-1 45856]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-3-25 283200]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
    R2 MsgPlusService;Messenger Plus! Service;C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2013-1-31 128000]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-6-10 1817560]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-6-10 171928]
    R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-5-21 1015984]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2012-4-2 31216]
    R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-6-18 384552]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-6-10 1033688]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-5-8 161384]
    S3 2310_00;2310_00;C:\Windows\System32\drivers\2310_00.sys [2010-6-18 170528]
    S3 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2010-6-18 231224]
    S3 arcm_a64;arcm_a64;C:\Windows\System32\drivers\arcm_a64.sys [2010-6-18 52768]
    S3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-3-25 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
    S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-6-18 56344]
    S3 hitmanpro35;Hitman Pro 3.5 Support Driver;C:\Windows\System32\drivers\hitmanpro36.sys [2012-7-18 27936]
    S3 hptiop;hptiop;C:\Windows\System32\drivers\hptiop.sys [2010-6-18 17440]
    S3 hptmv;hptmv;C:\Windows\System32\drivers\hptmv.sys [2010-6-18 93472]
    S3 hptmv6;hptmv6;C:\Windows\System32\drivers\hptmv6.sys [2010-6-18 152096]
    S3 IAMTVE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTVE.sys [2010-6-18 43416]
    S3 IAMTXPE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTXPE.sys [2010-6-18 51096]
    S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-6-18 158976]
    S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2010-6-18 40144]
    S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2010-6-18 42192]
    S3 MegaSR1;MegaSR1;C:\Windows\System32\drivers\MegaSR1.sys [2010-6-18 461320]
    S3 nvamacpi;nvamacpi;C:\Windows\System32\drivers\nvamacpi.sys [2010-6-18 28192]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 Pnp680;Pnp680;C:\Windows\System32\drivers\PnP680.sys [2010-6-18 80424]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-3 19456]
    S3 rr172x;rr172x;C:\Windows\System32\drivers\rr172x.sys [2010-6-18 124448]
    S3 rr174x;rr174x;C:\Windows\System32\drivers\rr174x.sys [2010-6-18 159264]
    S3 rr2210;rr2210;C:\Windows\System32\drivers\rr2210.sys [2010-6-18 153632]
    S3 rr232x;rr232x;C:\Windows\System32\drivers\rr232x.sys [2010-6-18 152096]
    S3 rr2340;rr2340;C:\Windows\System32\drivers\rr2340.sys [2010-6-18 162400]
    S3 rr2522;rr2522;C:\Windows\System32\drivers\rr2522.sys [2010-6-18 168032]
    S3 rr62x;rr62x;C:\Windows\System32\drivers\rr62x.sys [2010-6-18 155232]
    S3 SI3112r;SI3112r;C:\Windows\System32\drivers\SI3112r.sys [2010-6-18 164656]
    S3 SI3114;SI3114;C:\Windows\System32\drivers\SI3114.sys [2010-6-18 99120]
    S3 SI3124;SI3124;C:\Windows\System32\drivers\SI3124.sys [2010-6-18 113456]
    S3 Si3124r5;Si3124r5;C:\Windows\System32\drivers\Si3124r5.sys [2010-6-18 334640]
    S3 Si3531;Si3531;C:\Windows\System32\drivers\Si3531.sys [2010-6-18 330544]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-3 57856]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S3 viamrx64;viamrx64;C:\Windows\System32\drivers\viamrx64.sys [2010-6-18 158944]
    S3 videX64;videX64;C:\Windows\System32\drivers\videX64.sys [2010-6-18 15000]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-29 1255736]
    S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-6-18 202752]
    S4 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-9-23 641832]
    .
    =============== Created Last 30 ================
    .
    2013-06-10 16:18:50 -------- d-----w- C:\Program Files\CCleaner
    2013-06-10 15:24:45 -------- d-----w- C:\Users\Krista\AppData\Roaming\Malwarebytes
    2013-06-10 15:24:26 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-06-10 15:24:24 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-06-10 15:24:24 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-06-10 15:07:32 -------- d-----w- C:\Windows\ERUNT
    2013-06-10 15:07:26 -------- d-----w- C:\JRT
    2013-06-10 12:21:40 110080 ----a-r- C:\Users\Krista\AppData\Roaming\Microsoft\Installer\{BCD55450-77AC-4347-B24F-654B1189F8D4}\IconF7A21AF7.exe
    2013-06-10 12:21:40 110080 ----a-r- C:\Users\Krista\AppData\Roaming\Microsoft\Installer\{BCD55450-77AC-4347-B24F-654B1189F8D4}\IconD7F16134.exe
    2013-06-10 12:21:40 110080 ----a-r- C:\Users\Krista\AppData\Roaming\Microsoft\Installer\{BCD55450-77AC-4347-B24F-654B1189F8D4}\Icon1226A4C5.exe
    2013-06-10 12:21:39 -------- d-----w- C:\sh4ldr
    2013-06-10 12:21:39 -------- d-----w- C:\Program Files\Enigma Software Group
    2013-06-10 12:21:20 -------- d-----w- C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
    2013-06-10 12:21:17 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    2013-06-09 23:26:25 -------- d-----w- C:\Users\Krista\AppData\Roaming\DailyMagic
    2013-06-09 23:26:25 -------- d-----w- C:\ProgramData\DailyMagic
    2013-06-09 22:37:03 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2013-06-09 22:36:50 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
    2013-06-09 22:36:45 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-06-08 12:41:17 -------- d-----w- C:\ProgramData\eSafe
    2013-06-08 12:40:33 -------- d-----w- C:\Users\Krista\AppData\Roaming\eIntaller
    2013-06-08 12:40:12 -------- d-----w- C:\Users\Krista\AppData\Local\PutLockerDownloader
    2013-05-22 20:36:51 -------- d-----w- C:\Users\Krista\AppData\Roaming\Minecraft Portable [cir]
    2013-05-16 13:50:07 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2013-05-16 13:50:06 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
    2013-05-16 13:50:06 144384 ----a-w- C:\Windows\System32\cdd.dll
    2013-05-16 13:49:46 1930752 ----a-w- C:\Windows\System32\authui.dll
    2013-05-16 13:49:43 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
    2013-05-16 13:49:43 111448 ----a-w- C:\Windows\System32\consent.exe
    2013-05-16 13:49:42 70144 ----a-w- C:\Windows\System32\appinfo.dll
    2013-05-16 13:49:20 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
    2013-05-16 13:49:20 230400 ----a-w- C:\Windows\System32\wwansvc.dll
    2013-05-16 13:49:18 3153920 ----a-w- C:\Windows\System32\win32k.sys
    .
    ==================== Find3M ====================
    .
    2013-05-21 16:15:58 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
    2013-05-15 13:50:41 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-05-15 13:50:41 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
    2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
    2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
    2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
    2013-04-12 22:30:28 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
    2013-04-12 22:30:27 19968 ----a-w- C:\Windows\System32\drivers\usb8023x.sys
    2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll
    2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll
    2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
    2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-03-29 00:53:48 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
    2013-03-23 01:09:28 354656 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
    2013-03-21 01:08:24 240952 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
    2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
    2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
    2013-03-14 19:13:58 6634052 ----a-w- C:\Minecraft 1 1 0 Cracked Full Installer.exe
    2012-12-22 06:13:42 2174976 ----a-w- C:\Program Files (x86)\Common Files\atimpenc.dll
    .
    ============= FINISH: 21:53:09,47 ===============

    GMER 2.1.19163 - http://www.gmer.net
    Rootkit scan 2013-06-10 18:13:04
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000071 Hitachi_ rev.PB3O 298,09GB
    Running: 7jldm558.exe; Driver: C:\Users\Krista\AppData\Local\Temp\kxdiqpoc.sys


    ---- User code sections - GMER 2.1 ----

    .text C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe[1600] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075631465 2 bytes [63, 75]
    .text C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe[1600] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000756314bb 2 bytes [63, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe[1680] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075631465 2 bytes [63, 75]
    .text C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe[1680] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000756314bb 2 bytes [63, 75]
    .text ... * 2
    .text C:\Program Files (x86)\AVG Secure Search\vprot.exe[2424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075631465 2 bytes [63, 75]
    .text C:\Program Files (x86)\AVG Secure Search\vprot.exe[2424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000756314bb 2 bytes [63, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[784] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075631465 2 bytes [63, 75]
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[784] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000756314bb 2 bytes [63, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3328] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075631465 2 bytes [63, 75]
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3328] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000756314bb 2 bytes [63, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075631465 2 bytes [63, 75]
    .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4456] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000756314bb 2 bytes [63, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Windows Live\Mail\wlmail.exe[3500] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075631465 2 bytes [63, 75]
    .text C:\Program Files (x86)\Windows Live\Mail\wlmail.exe[3500] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000756314bb 2 bytes [63, 75]
    .text ... * 2
    ? C:\Windows\system32\mssprxy.dll [3500] entry point in ".rdata" section 00000000677b71e6

    ---- Threads - GMER 2.1 ----

    Thread C:\Windows\system32\svchost.exe [1108:1200] 000007fef9ac8274
    Thread C:\Windows\system32\svchost.exe [1108:1060] 000007fef9ac8274
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2724:2448] 000007fefa2f2a7c
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2724:156] 000007feee94d618
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2724:2936] 000007fef8325124
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2724:4320] 000007feee8e9730
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2724:2456] 000007feee94d618
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:3504] 0000000076fd2e25
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:4728] 0000000076fd3e45
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:1508] 0000000076fd3e45
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:4412] 0000000068098f48
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:2752] 00000000707b345e
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:3788] 000000007566d864
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:2636] 0000000067710c8d
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:4900] 000000007566d864
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:3068] 0000000076fd3e45
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:3724] 0000000073ef62ee
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:3120] 0000000067108408
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:2644] 00000000751cfff8
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:4364] 0000000076fd3e45
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:4592] 0000000076fd3e45
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:592] 0000000076fd3e45
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:2988] 0000000076fd3e45
    Thread C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe [836:4392] 000000007566d864

    ---- EOF - GMER 2.1 ----


    I hope there is someone who can help.

    Kind regards, KrisRik

  • #2
    Hi KrisRik, and welcome to Nucia Security Forum,

    Before we begin, I would like to kindly point out the following guidelines:

    • Only log in as an administrator with full rights.
    • Do not post your problem on several forums. It does not help your problem and it is not fair to the helpers.
    • Cleaning up your system can take some time, so be patient.
    • Carefully follow the instructions that I give.
    • Follow only the advice given by me.
    • Stay with the topic until I have reported that your PC is clean.
    • If you don't know or understand something, please just ask.
    • Do not install or uninstall any software or hardware while we are working on your problem.
    • In the meantime, don't try something "else"; that only makes it harder for us.
    • Only log in as an administrator with full rights.
    • Please turn off your emoticons (smileys) when you post logs.
    • Please do not post the logs as an attachment or between code tags.

    Note: Vista or Windows 7? >> Always run all tools as admin.
    The instructions given are only valid for your PC.



    I notice that you have Teatimer / SDHelper turned on.
    While solving spyware problems it is best to turn that service off, because it can (unintentionally) prevent the execution.
    When everything is done and your PC is clean, you can turn this service back on.

    If Teatimer afterwards gives you a warning that changes have been made,
    approve them instead of blocking them.

    Open Spybot - Search & Destroy (SSD) and click Mode.
    Select: Advanced Mode.
    Click "ja" (yes) in the next window.
    Click Tools at the bottom left.
    Click Resident and untick the boxes for: Teatimer and SDHelper (if they are installed).
    Click Allow change.
    Close SSD and restart your PC.



    Step 1:

    Scanning for and removing malware....

    Start MBAM.
    As soon as the program has started, go to the "Settings" tab.
    • Tick here: "Close Internet Explorer during malware removal".
    • Go to the "Updates" tab and update MBAM.
    • Then go to the "Scanner" tab and choose "FULL scan" here.
    • Then press "Scan" to start the scan.
    • Scanning can take a while, so be patient.
    • When the scan is finished, click OK, then "Show Results" to see the results.
    • Make sure everything there is ticked, then click "Remove Selected".
    • After removal a log will open and you will be asked to restart the computer.

    If MBAM asks for a restart, then do so.
    Once you have restarted, run a new quick scan with MBAM.
    In that case you therefore post both logs.

    The log is saved automatically by Malwarebytes' Anti-Malware and can be found by clicking the "Logs" tab in the program.


    In case of problems!!!

    ___________________________________________________________

    Step 2:

    Checking for bad toolbars...

    Note: Vista or Windows 7? >> Always run all tools as admin.
    Disable your security software.

    Download AdwCleaner by Xplode to your Desktop.
    • Close all open windows
    • Start AdwCleaner and click Delete

    • At AdwCleaner – Information, click OK
    • At AdwCleaner – Restart Required, click OK

    All icons disappear from the Desktop; this is normal.
    Your PC will be restarted and a log file will open (C:\AdwCleaner[xx].txt); post its contents here on the forum.

    Do not forget to turn off your "smileys".

    If your start page was also hijacked, set the search engine again; AdwCleaner resets it to Google.com by default.

    ___________________________________________________________

    Step 3:

    Download DDS.com, DDS.scr or DDS.pif from one of these locations and place it on your desktop:


    DDS is a diagnostic tool and makes use of scripts.
    If script execution is disabled, enable it again so that no problems occur when using DDS.


    Double-click DDS to start the tool. (Depending on the download you chose, this can be the file DDS.com, DDS.scr or DDS.pif.)
    When it is finished, two log files open: DDS.txt and Attach.txt
    Save both log files on your desktop.

    Post the contents of DDS.txt.

    Do not post the contents of Attach.txt and do not add Attach.txt as an attachment to your post, unless I ask for it.

    ___________________________________________________________

    Step 4:

    Checking for updates...

    Download Security Check to your desktop via here or here

    Start Security Check
    Follow the instructions on the screen
    At the end a log appears ( checkup.txt )
    Put its contents in your next reply.

    In your next post I would like to see the following logs, made in the order listed:
    .
    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    .
    Please do NOT post these logs as an attachment or between code tags.

    Emphyrio
    Last edited by Emphyrio; 11-06-13, 02:15.
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      I cannot manage to turn off Teatimer/SDHelper. I also do not have the Mode option. I can tick advanced mode. Then I only have Settings. I have looked through all of that but cannot find it. I am also using a free version 2.1. Could that be the reason?



      • #4
        No, that is not the reason.
        It should be under the "System Services" tab: http://www.safer-networking.org/faq/...able-services/


        • #5
          Here are the requested logs:

          Malwarebytes Anti-Malware 1.75.0.1300
          www.malwarebytes.org

          Databaseversie: v2013.06.11.04

          Windows 7 Service Pack 1 x64 NTFS
          Internet Explorer 10.0.9200.16576
          Krista :: KRISRIK-3 [administrator]

          11-6-2013 15:32:37
          mbam-log-2013-06-11 (15-32-37).txt

          Scan type: Volledige scan (C:\|Z:\|)
          Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
          Uitgeschakelde scan opties: P2P
          Objecten gescand: 472309
          Verstreken tijd: 2 uur/uren, 22 minuut/minuten, 59 seconde(n)

          Geheugenprocessen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Geheugenmodulen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registersleutels gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registerwaarden gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registerdata gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Mappen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Bestanden gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          (einde)

          # AdwCleaner v2.303 - Verslag gemaakt op 11/06/2013 om 18:01:50
          # Geactualiseerd op 08/06/2013 door Xplode
          # Besturingssysteem : Windows 7 Ultimate Service Pack 1 (64 bits)
          # Gebruiker : Krista - KRISRIK-3
          # Opstarten Modus : Normale modus
          # Gelanceerd vanaf : C:\Users\Krista\Desktop\adwcleaner.exe
          # Optie [Verwijderen]


          ***** [Diensten] *****


          ***** [Files / Mappen] *****

          File Désinfected : C:\Users\Krista\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk
          File Désinfected : C:\Users\Krista\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
          File Désinfected : C:\Users\Krista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
          Map Verwijderd : C:\Program Files (x86)\AVG Secure Search
          Map Verwijderd : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
          Map Verwijderd : C:\ProgramData\eSafe
          Map Verwijderd : C:\Users\Krista\AppData\Local\AVG Secure Search
          Map Verwijderd : C:\Users\Krista\AppData\Local\PutLockerDownloader
          Map Verwijderd : C:\Users\Krista\AppData\LocalLow\AVG Secure Search
          Map Verwijderd : C:\Users\Krista\AppData\Roaming\eIntaller
          Verwijderd bij het opstarten : C:\Program Files (x86)\Common Files\AVG Secure Search

          ***** [Register] *****

          Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Freecause
          Sleutel Verwijderd : HKCU\Software\AVG Secure Search
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{148DCAEC-C91D-441D-A0E7-519A0673E7F5}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F464A68D-1CF2-4991-93AB-A84351D7F676}
          Sleutel Verwijderd : HKCU\Software\OCS
          Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar
          Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
          Sleutel Verwijderd : HKLM\Software\AVG Secure Search
          Sleutel Verwijderd : HKLM\Software\AVG Security Toolbar
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F464A68D-1CF2-4991-93AB-A84351D7F676}
          Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
          Sleutel Verwijderd : HKLM\SOFTWARE\Tarma Installer
          Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
          Waarde Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

          ***** [Browsers] *****

          -\\ Internet Explorer v10.0.9200.16576

          [OK] Het register bevat geen enkele ongeoorloofde invoer.

          -\\ Google Chrome v [Onmogelijk de versie te verkrijgen]

          File : C:\Users\Krista\AppData\Local\Google\Chrome\User Data\Default\Preferences

          [OK] De file bevat geen enkele ongeoorloofde invoer.

          *************************

          AdwCleaner[R1].txt - [10952 octets] - [10/06/2013 17:05:11]
          AdwCleaner[R2].txt - [11013 octets] - [10/06/2013 17:06:28]
          AdwCleaner[S1].txt - [359 octets] - [10/06/2013 17:07:18]
          AdwCleaner[S2].txt - [6973 octets] - [11/06/2013 18:01:50]

          ########## EOF - C:\AdwCleaner[S2].txt - [7033 octets] ##########

          DDS (Ver_2012-11-20.01) - NTFS_AMD64
          Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.9.2
          Run by Krista at 18:31:55 on 2013-06-11
          Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2814.1675 [GMT 2:00]
          .
          AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
          SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
          SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
          SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
          .
          ============== Running Processes ===============
          .
          C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
          C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
          C:\Windows\system32\lsm.exe
          C:\Windows\system32\svchost.exe -k DcomLaunch
          C:\Windows\system32\svchost.exe -k RPCSS
          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
          C:\Windows\system32\svchost.exe -k LocalService
          C:\Windows\system32\svchost.exe -k netsvcs
          C:\Windows\system32\svchost.exe -k GPSvcGroup
          C:\Windows\system32\svchost.exe -k NetworkService
          C:\Windows\System32\spoolsv.exe
          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
          C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
          C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
          C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
          C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
          C:\Windows\system32\taskhost.exe
          C:\Windows\system32\Dwm.exe
          C:\Windows\Explorer.EXE
          C:\Windows\system32\taskeng.exe
          C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
          C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
          C:\Windows\WindowsMobile\wmdc.exe
          C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
          C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
          C:\Program Files (x86)\AVG\AVG2013\avgui.exe
          C:\Windows\system32\svchost.exe -k imgsvc
          C:\Windows\System32\svchost.exe -k WerSvcGroup
          C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
          C:\Program Files (x86)\iTunes\iTunesHelper.exe
          C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
          C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
          C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
          C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
          C:\Windows\system32\SearchIndexer.exe
          C:\Program Files\iPod\bin\iPodService.exe
          C:\Windows\system32\svchost.exe -k WindowsMobile
          C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
          C:\Program Files\Windows Media Player\wmpnetwk.exe
          C:\Windows\System32\svchost.exe -k LocalServicePeerNet
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          C:\Windows\system32\taskeng.exe
          C:\Windows\system32\SearchProtocolHost.exe
          C:\Windows\system32\SearchFilterHost.exe
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Windows\System32\cscript.exe
          .
          ============== Pseudo HJT Report ===============
          .
          uStart Page = hxxp://www.google.nl/
          mStart Page = hxxp://www.msn.com
          mWinlogon: Userinit = userinit.exe,
          BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
          BHO: Gamers Unite! Snag Bar BHO: {26A7CA19-7D58-411D-B2DA-F1B0324CBFFC} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dll
          BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
          BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
          BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
          BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
          BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
          TB: Gamers Unite! Snag Bar: {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dll
          TB: Gamers Unite! Snag Bar: {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dll
          uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
          uRunOnce: [Shockwave Updater] C:\Windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C)" -"http://www8.agame.com/games/shockwave/m/My3DRoom/My3DRoom_girlsgogames_nl.htm"
          mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
          mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
          mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
          mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
          mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
          mRun: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
          mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
          mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
          mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
          uPolicies-Explorer: NoWindowsUpdate = dword:0
          uPolicies-Explorer: NoResolveTrack = dword:1
          uPolicies-Explorer: NoDevMgrUpdate = dword:1
          uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
          mPolicies-Explorer: NoActiveDesktop = dword:1
          mPolicies-Explorer: NoActiveDesktopChanges = dword:1
          mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
          mPolicies-System: ConsentPromptBehaviorUser = dword:3
          mPolicies-System: EnableLUA = dword:0
          mPolicies-System: EnableUIADesktopToggle = dword:0
          IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
          IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
          .
          INFO: HKCU has more than 50 listed domains.
          If you wish to scan all of them, select the 'Force scan all domains' option.
          .
          DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
          DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
          DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
          TCP: Interfaces\{474F4330-CA30-4C04-948A-1366EC53D349} : NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
          Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
          Handler: linkscanner - <Clsid value has no data>
          Handler: livecall - <Clsid value has no data>
          Handler: msnim - <Clsid value has no data>
          Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
          Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
          Notify: SDWinLogon - SDWinLogon.dll
          SSODL: WebCheck - <orphaned>
          SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
          x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
          x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
          x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
          x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
          x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
          x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
          x64-Handler: linkscanner - <Clsid value has no data>
          x64-Handler: livecall - <Clsid value has no data>
          x64-Handler: msnim - <Clsid value has no data>
          x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
          x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
          x64-SSODL: WebCheck - <orphaned>
          x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
          .
          ============= SERVICES / DRIVERS ===============
          .
          R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
          R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
          R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
          R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
          R0 johci;JMicron 1394 Filter Driver;C:\Windows\System32\drivers\johci.sys [2010-6-18 18784]
          R0 xfiltx64;VIA SATA IDE Hot-plug Driver;C:\Windows\System32\drivers\xfiltx64.sys [2010-6-18 26776]
          R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
          R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
          R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
          R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-4-1 45856]
          R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-3-25 283200]
          R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
          R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
          R2 MsgPlusService;Messenger Plus! Service;C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [2013-1-31 128000]
          R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-6-10 1817560]
          R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-6-10 1033688]
          R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-6-10 171928]
          R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2012-4-2 31216]
          R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-6-18 384552]
          S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
          S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
          S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-5-8 161384]
          S2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [?]
          S3 2310_00;2310_00;C:\Windows\System32\drivers\2310_00.sys [2010-6-18 170528]
          S3 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2010-6-18 231224]
          S3 arcm_a64;arcm_a64;C:\Windows\System32\drivers\arcm_a64.sys [2010-6-18 52768]
          S3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
          S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-3-25 48488]
          S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
          S3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-6-18 56344]
          S3 hitmanpro35;Hitman Pro 3.5 Support Driver;C:\Windows\System32\drivers\hitmanpro36.sys [2012-7-18 27936]
          S3 hptiop;hptiop;C:\Windows\System32\drivers\hptiop.sys [2010-6-18 17440]
          S3 hptmv;hptmv;C:\Windows\System32\drivers\hptmv.sys [2010-6-18 93472]
          S3 hptmv6;hptmv6;C:\Windows\System32\drivers\hptmv6.sys [2010-6-18 152096]
          S3 IAMTVE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTVE.sys [2010-6-18 43416]
          S3 IAMTXPE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTXPE.sys [2010-6-18 51096]
          S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-6-18 158976]
          S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2010-6-18 40144]
          S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2010-6-18 42192]
          S3 MegaSR1;MegaSR1;C:\Windows\System32\drivers\MegaSR1.sys [2010-6-18 461320]
          S3 nvamacpi;nvamacpi;C:\Windows\System32\drivers\nvamacpi.sys [2010-6-18 28192]
          S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
          S3 Pnp680;Pnp680;C:\Windows\System32\drivers\PnP680.sys [2010-6-18 80424]
          S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-3 19456]
          S3 rr172x;rr172x;C:\Windows\System32\drivers\rr172x.sys [2010-6-18 124448]
          S3 rr174x;rr174x;C:\Windows\System32\drivers\rr174x.sys [2010-6-18 159264]
          S3 rr2210;rr2210;C:\Windows\System32\drivers\rr2210.sys [2010-6-18 153632]
          S3 rr232x;rr232x;C:\Windows\System32\drivers\rr232x.sys [2010-6-18 152096]
          S3 rr2340;rr2340;C:\Windows\System32\drivers\rr2340.sys [2010-6-18 162400]
          S3 rr2522;rr2522;C:\Windows\System32\drivers\rr2522.sys [2010-6-18 168032]
          S3 rr62x;rr62x;C:\Windows\System32\drivers\rr62x.sys [2010-6-18 155232]
          S3 SI3112r;SI3112r;C:\Windows\System32\drivers\SI3112r.sys [2010-6-18 164656]
          S3 SI3114;SI3114;C:\Windows\System32\drivers\SI3114.sys [2010-6-18 99120]
          S3 SI3124;SI3124;C:\Windows\System32\drivers\SI3124.sys [2010-6-18 113456]
          S3 Si3124r5;Si3124r5;C:\Windows\System32\drivers\Si3124r5.sys [2010-6-18 334640]
          S3 Si3531;Si3531;C:\Windows\System32\drivers\Si3531.sys [2010-6-18 330544]
          S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-3 57856]
          S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
          S3 viamrx64;viamrx64;C:\Windows\System32\drivers\viamrx64.sys [2010-6-18 158944]
          S3 videX64;videX64;C:\Windows\System32\drivers\videX64.sys [2010-6-18 15000]
          S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-29 1255736]
          S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-6-18 202752]
          S4 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-9-23 641832]
          .
          =============== Created Last 30 ================
          .
          2013-06-11 12:21:16 -------- d-----w- C:\Users\Krista\AppData\Local\{16B60272-37D9-4C5D-B10E-442A5EACADE5}
          2013-06-10 22:17:56 -------- d-----w- C:\Users\Krista\AppData\Local\{681EECAC-20EC-4954-9D20-54C214201115}
          2013-06-10 16:18:50 -------- d-----w- C:\Program Files\CCleaner
          2013-06-10 15:24:45 -------- d-----w- C:\Users\Krista\AppData\Roaming\Malwarebytes
          2013-06-10 15:24:26 -------- d-----w- C:\ProgramData\Malwarebytes
          2013-06-10 15:24:24 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
          2013-06-10 15:24:24 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
          2013-06-10 15:07:32 -------- d-----w- C:\Windows\ERUNT
          2013-06-10 15:07:26 -------- d-----w- C:\JRT
          2013-06-10 12:21:40 110080 ----a-r- C:\Users\Krista\AppData\Roaming\Microsoft\Installer\{BCD55450-77AC-4347-B24F-654B1189F8D4}\IconF7A21AF7.exe
          2013-06-10 12:21:40 110080 ----a-r- C:\Users\Krista\AppData\Roaming\Microsoft\Installer\{BCD55450-77AC-4347-B24F-654B1189F8D4}\IconD7F16134.exe
          2013-06-10 12:21:40 110080 ----a-r- C:\Users\Krista\AppData\Roaming\Microsoft\Installer\{BCD55450-77AC-4347-B24F-654B1189F8D4}\Icon1226A4C5.exe
          2013-06-10 12:21:39 -------- d-----w- C:\sh4ldr
          2013-06-10 12:21:39 -------- d-----w- C:\Program Files\Enigma Software Group
          2013-06-10 12:21:20 -------- d-----w- C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
          2013-06-10 12:21:17 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
          2013-06-09 23:26:25 -------- d-----w- C:\Users\Krista\AppData\Roaming\DailyMagic
          2013-06-09 23:26:25 -------- d-----w- C:\ProgramData\DailyMagic
          2013-06-09 22:37:03 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
          2013-06-09 22:36:50 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
          2013-06-09 22:36:45 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
          2013-05-22 20:36:51 -------- d-----w- C:\Users\Krista\AppData\Roaming\Minecraft Portable [cir]
          2013-05-16 13:50:07 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
          2013-05-16 13:50:06 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
          2013-05-16 13:50:06 144384 ----a-w- C:\Windows\System32\cdd.dll
          2013-05-16 13:49:46 1930752 ----a-w- C:\Windows\System32\authui.dll
          2013-05-16 13:49:43 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
          2013-05-16 13:49:43 111448 ----a-w- C:\Windows\System32\consent.exe
          2013-05-16 13:49:42 70144 ----a-w- C:\Windows\System32\appinfo.dll
          2013-05-16 13:49:20 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
          2013-05-16 13:49:20 230400 ----a-w- C:\Windows\System32\wwansvc.dll
          2013-05-16 13:49:18 3153920 ----a-w- C:\Windows\System32\win32k.sys
          .
          ==================== Find3M ====================
          .
          2013-05-21 16:15:58 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
          2013-05-15 13:50:41 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
          2013-05-15 13:50:41 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
          2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
          2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
          2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
          2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
          2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
          2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
          2013-04-12 22:30:28 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
          2013-04-12 22:30:27 19968 ----a-w- C:\Windows\System32\drivers\usb8023x.sys
          2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
          2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll
          2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll
          2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll
          2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll
          2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll
          2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
          2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
          2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
          2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
          2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
          2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
          2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
          2013-03-29 00:53:48 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
          2013-03-23 01:09:28 354656 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
          2013-03-21 01:08:24 240952 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
          2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
          2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
          2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
          2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
          2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
          2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
          2013-03-14 19:13:58 6634052 ----a-w- C:\Minecraft 1 1 0 Cracked Full Installer.exe
          2012-12-22 06:13:42 2174976 ----a-w- C:\Program Files (x86)\Common Files\atimpenc.dll
          .
          ============= FINISH: 18:33:08,06 ===============

          Results of screen317's Security Check version 0.99.64
          Windows 7 Service Pack 1 x64 (UAC is disabled!)
          Internet Explorer 10
          ``````````````Antivirus/Firewall Check:``````````````
          AVG AntiVirus Free Edition 2013
          Antivirus up to date!
          `````````Anti-malware/Other Utilities Check:`````````
          Spybot - Search & Destroy
          Malwarebytes Anti-Malware versie 1.75.0.1300
          JavaFX 2.1.1
          Java 7 Update 9
          Java version out of Date!
          ````````Process Check: objlist.exe by Laurent````````
          Spybot Teatimer.exe is disabled!
          AVG avgwdsvc.exe
          `````````````````System Health check`````````````````
          Total Fragmentation on Drive C: 0%
          ````````````````````End of Log``````````````````````


          Thank you very much in advance for the effort

          KrisRik



          • #6
            You can remove Java 7 Update 9 from your PC.
            Restart afterwards.


            Download or update CCleaner

            Start CCleaner.
            • Run CCleaner and click Options in the left column
            • Select the Advanced tab
            • Untick Only delete files in the Windows Temp system folder that are older than 24 hours
            • Select the Settings tab
            • Untick "Clean the computer automatically...."
            • Click Cleaner in the left column.
            • Then click Analyze and Clean, in that order.
            • Next, click Registry in the left column
            • Click Scan for problems.
            • If errors are found, click Fix selected problems and OK


            How is it now?
            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
            E Dev * Remove McAfee. * Ccleaner * E-Peek



            • #7
              The start page problem was already solved before CCleaner, but I still let the program run.
              Thank you for your help.



              • #8
                1) You may delete all the loose files and tools we used.

                2) To avoid reinfection, you can read through these tips:

                Preventing spyware infections and browser hijacking and How do I prevent a new infection?

                3) To give your PC a quick maintenance check, you can read these tips: Guide to a clean PC

                4) You can consult all kinds of tips and hints here.


                I am marking the topic as solved.

                If there are no further replies, this thread will automatically be moved within about 3 days
                to the Solved HijackThis logs section, and replying will no longer be possible.
                This is done to keep the forum tidy and well organized.

                If it turns out there are still problems and you want to reply in this topic again, send me a private message requesting that it be reopened.



                Did we help you well? Consider a (voluntary) donation to Nucia

                Emphyrio
