coupon dropdown


  • coupon dropdown

    Dear all, I have recently been having trouble with (I think) 'coupon dropdown'. That means that in any random text on the internet I get 'links' with coupon offers. Can you see in the scan below what I should remove? Or is there another solution? I think there are several things I can remove, such as '010- unknown file(...)', but I'm not sure.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 14:34:26, on 29-7-2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16496)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files (x86)\AVG\AVG2013\avgui.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kpnvandaag.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - (no file)
    R3 - URLSearchHook: (no name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file)
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
    O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
    O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://verkopen.marktplaats.nl/js/wi...eUploader5.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
    O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
    O20 - AppInit_DLLs:
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: Web Assistant - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10643 bytes

  • #2
    Hi Cisca1973 and welcome to the Nucia Security Forum,

    Before we begin, I would like to kindly point out the following guidelines:

    • Only log in as an administrator with full rights.
    • Do not post your problem on several forums. It does not help your problem and it is not fair to the helpers.
    • Cleaning up your system can take some time, so be patient.
    • Carefully follow the instructions I give.
    • Follow only the advice given by me.
    • Stay with the topic until I have told you that your PC is clean.
    • If you don't know or understand something, please just ask.
    • Do not install or uninstall any software or hardware while we are working on your problem.
    • In the meantime, don't go trying something "else"; that only makes it harder for us.
    • Please turn off your emoticons (smileys) when you post logs.
    • Please do not post the logs as an attachment or between code tags.

    Note: Vista or Windows 7? >> Always run all tools as admin.
    The instructions given are valid only for your PC.

    Step 1:

    Scanning for and removing malware....

    Download MalwareBytes' Anti-Malware to your desktop from one of the following links: Double-click mbam-setup.exe to install the program.

    At the end of the setup procedure, you get a screen where you must click "Voltooien" (Finish).
    If you do not wish to evaluate MBAM, untick the first option and only then click "Voltooien".

    Make sure that after the installation there is a tick next to:
    • Update MalwareBytes' Anti-Malware
    • Start MalwareBytes' Anti-Malware
    • Then click "Voltooien". If an update is found, it will be downloaded and installed.

    As soon as the program has started, go to the "Instellingen" (Settings) tab.
    • Tick here: "Sluit Internet Explorer tijdens verwijdering van malware" (close Internet Explorer during malware removal).
    • Go to the "Updates" tab and update MBAM.
    • Then go to the "Scanner" tab and choose "VOLLEDIGE Scan" (full scan) here.
    • Then press "Scannen" (Scan) to start the scan.
    • Scanning can take a while, so be patient.
    • When the scan is complete, click OK, then "Bekijk Resultaten" (Show Results) to see the results.
    • Make sure everything is ticked there, then click "Verwijder geselecteerde" (Remove Selected).
    • After the removal a log will open and you will be asked to restart the computer.

    If MBAM asks for a restart, then do so.
    Once you have restarted, run a new quick scan with MBAM.
    In that case you therefore post both logs.

    The log is saved automatically by MalwareBytes' Anti-Malware and can be found by clicking the "Logs" tab in the program.


    In case of problems!!!

    ___________________________________________________________

    Step 2:

    Checking for bad toolbars...

    Note: Vista or Windows 7? >> Always run all tools as admin.
    Disable security software.

    Download AdwCleaner by Xplode to your desktop.
    • Close all open windows
    • Start AdwCleaner and click "Verwijderen" (Delete)
    • At AdwCleaner – Information click OK
    • At AdwCleaner – Restart Required click OK

    All icons disappear from the desktop; this is normal.
    Your PC will be restarted and a log file opens (C:\AdwCleaner[xx].txt); post its contents here on the forum.

    Don't forget to turn off your "smileys".

    If your start page was also hijacked, set your search engine again; AdwCleaner resets it to Google.com by default.

    ___________________________________________________________

    Step 3:

    Download DDS.com, DDS.scr or DDS.pif from one of these locations and place it on your desktop:


    DDS is a diagnostic tool and makes use of scripts.
    If script execution is disabled, re-enable it so that no problems occur when using DDS.


    Double-click DDS to start the tool. (Depending on the download you chose, this may be the file DDS.com, DDS.scr or DDS.pif.)
    When it is finished, two log files open: DDS.txt and Attach.txt
    Save both log files to your desktop.

    Post the contents of DDS.txt.

    You should not post the contents of Attach.txt and you should not add Attach.txt as an attachment to your post, unless I ask for it.

    ___________________________________________________________

    Step 4:

    Checking for updates...

    Download Security Check to your desktop via here or here

    Start Security Check
    Follow the instructions on the screen
    At the end a log appears (checkup.txt)
    Put its contents in your next reply.

    In your next post, I would like to see the following logs, made in the order listed:

    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    Please do NOT post these logs as an attachment or between code tags.
    (If necessary, in several posts.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      Dear Emphyrio, thanks for your help.
      Here are the logs from step 1 first; I'm going to do the rest now:

      Malwarebytes Anti-Malware 1.75.0.1300


      Databaseversie: v2013.07.29.05

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      W7 :: W7-PC [administrator]

      29-7-2013 22:38:45
      mbam-log-2013-07-29 (22-38-45).txt

      Scan type: Volledige scan (C:\|D:\|I:\|)
      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scan opties: P2P
      Objecten gescand: 371335
      Verstreken tijd: 59 minuut/minuten, 45 seconde(n)

      Geheugenprocessen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Geheugenmodulen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registersleutels gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerwaarden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerdata gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Mappen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Bestanden gedetecteerd: 2
      C:\Users\W7\Music\Shared\Mijn documenten\photoshop_cs2_keygen.zip (RiskWare.Tool.CK) -> Succesvol in quarantaine geplaatst en verwijderd.
      C:\Users\W7\Music\Shared\Mijn documenten\photoshop_cs2_keygen\photoshop_cs2_keygen.exe (RiskWare.Tool.CK) -> Succesvol in quarantaine geplaatst en verwijderd.

      (einde)

      Malwarebytes Anti-Malware 1.75.0.1300


      Databaseversie: v2013.07.29.05

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      W7 :: W7-PC [administrator]

      29-7-2013 23:46:30
      mbam-log-2013-07-29 (23-46-30).txt

      Scan type: Snelle scan
      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scan opties: P2P
      Objecten gescand: 219357
      Verstreken tijd: 5 minuut/minuten, 51 seconde(n)

      Geheugenprocessen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Geheugenmodulen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registersleutels gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerwaarden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerdata gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Mappen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Bestanden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      (einde)



      • #4
        Here is the log file from step 2, now without smileys:

        # AdwCleaner v2.306 - Verslag gemaakt op 30/07/2013 om 00:08:38
        # Geactualiseerd op 19/07/2013 door Xplode
        # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
        # Gebruiker : W7 - W7-PC
        # Opstarten Modus : Normale modus
        # Gelanceerd vanaf : C:\Users\W7\Desktop\adwcleaner.exe
        # Optie [Verwijderen]


        ***** [Diensten] *****

        Gestopt & Verwijdert : Web Assistant

        ***** [Files / Mappen] *****

        Map Verwijderd : C:\Program Files (x86)\Conduit
        Map Verwijderd : C:\Program Files\Web Assistant
        Map Verwijderd : C:\ProgramData\ssafe, seaave
        Map Verwijderd : C:\Users\W7\AppData\Local\Conduit
        Map Verwijderd : C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
        Map Verwijderd : C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
        Map Verwijderd : C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
        Map Verwijderd : C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojknihllgfakgpjaobeknddloneocbon
        Map Verwijderd : C:\Users\W7\AppData\LocalLow\Conduit
        Map Verwijderd : C:\Users\W7\AppData\LocalLow\PriceGong
        Map Verwijderd : C:\Users\W7\AppData\LocalLow\ssafe, seaave
        Map Verwijderd : C:\Users\W7\AppData\Roaming\dvdvideosoftiehelpers
        Map Verwijderd : C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\9dfszpe8.default\CT2865317
        Map Verwijderd : C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\9dfszpe8.default\extensions\{87775fdb-6972-41f9-ae51-8326e38cb206}
        Map Verwijderd : C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\9dfszpe8.default\extensions\staged
        Map Verwijderd : C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\9dfszpe8.default\Smartbar

        ***** [Register] *****

        Sleutel Verwijderd : HKCU\Software\APN PIP
        Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\PriceGong
        Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar
        Sleutel Verwijderd : HKCU\Software\AppDataLow\SProtector
        Sleutel Verwijderd : HKCU\Software\Conduit
        Sleutel Verwijderd : HKCU\Software\IM
        Sleutel Verwijderd : HKCU\Software\ImInstaller
        Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
        Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
        Sleutel Verwijderd : HKCU\Software\Softonic
        Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
        Sleutel Verwijderd : HKLM\Software\AVG Secure Search
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
        Sleutel Verwijderd : HKLM\Software\Conduit
        Sleutel Verwijderd : HKLM\Software\ImInstaller
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
        Sleutel Verwijderd : HKLM\Software\SProtector
        Sleutel Verwijderd : HKLM\Software\Web Assistant
        Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
        Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
        Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
        Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
        Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
        Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
        Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
        Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
        Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
        Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
        Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
        Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
        Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
        Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
        Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
        Sleutel Verwijderd : HKLM\SOFTWARE\Web Assistant
        Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

        ***** [Browsers] *****

        -\\ Internet Explorer v9.0.8112.16496

        [OK] Het register bevat geen enkele ongeoorloofde invoer.

        -\\ Mozilla Firefox v15.0.1 (nl)

        File : C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\9dfszpe8.default\prefs.js

        Verwijderd : user_pref("CT2865317.1000234.TWC_TMP_city", "AMERSFOORT");
        Verwijderd : user_pref("CT2865317.1000234.TWC_TMP_country", "NL");
        Verwijderd : user_pref("CT2865317.1000234.TWC_country", "NETHERLANDS");
        Verwijderd : user_pref("CT2865317.1000234.TWC_locId", "NLXX0056");
        Verwijderd : user_pref("CT2865317.1000234.TWC_location", "Amersfoort, Netherlands");
        Verwijderd : user_pref("CT2865317.1000234.TWC_region", "OT");
        Verwijderd : user_pref("CT2865317.1000234.TWC_temp_dis", "c");
        Verwijderd : user_pref("CT2865317.1000234.TWC_wind_dis", "kmh");
        Verwijderd : user_pref("CT2865317.1000234.weatherData", "{\"icon\":\"32.png\",\"temperature\":\"24°C\",\"temperat
        Verwijderd : user_pref("CT2865317.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
        Verwijderd : user_pref("CT2865317.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru
        Verwijderd : user_pref("CT2865317.FirstTime", "true");
        Verwijderd : user_pref("CT2865317.FirstTimeFF3", "true");
        Verwijderd : user_pref("CT2865317.LoginRevertSettingsEnabled", true);
        Verwijderd : user_pref("CT2865317.PG_ENABLE", "dHJ1ZQ==");
        Verwijderd : user_pref("CT2865317.PG_ENABLE.enc", "dHJ1ZQ==");
        Verwijderd : user_pref("CT2865317.RevertSettingsEnabled", true);
        Verwijderd : user_pref("CT2865317.SF_JUST_INSTALLED.enc", "RkFMU0U=");
        Verwijderd : user_pref("CT2865317.SF_STATUS.enc", "RU5BQkxFRA==");
        Verwijderd : user_pref("CT2865317.SF_USER_ID.enc", "Y2lkXzI0NTIwMTMyMzUzMzI2NDUxNjMw");
        Verwijderd : user_pref("CT2865317.UserID", "UN67372390139992771");
        Verwijderd : user_pref("CT2865317.addressBarTakeOverEnabledInHidden", "true");
        Verwijderd : user_pref("CT2865317.autoDisableScopes", -1);
        Verwijderd : user_pref("CT2865317.cbfirsttime.enc", "RnJpIE1heSAyNCAyMDEzIDIzOjUzOjM3IEdNVCswMjAw");
        Verwijderd : user_pref("CT2865317.defaultSearch", "false");
        Verwijderd : user_pref("CT2865317.embeddedsData", "[{\"appId\":\"129363015615338104\",\"apiPermissions\":{\"cross
        Verwijderd : user_pref("CT2865317.enableAlerts", "always");
        Verwijderd : user_pref("CT2865317.enableFix404ByUser", "FALSE");
        Verwijderd : user_pref("CT2865317.enableSearchFromAddressBar", "false");
        Verwijderd : user_pref("CT2865317.firstTimeDialogOpened", "true");
        Verwijderd : user_pref("CT2865317.fixPageNotFoundError", "true");
        Verwijderd : user_pref("CT2865317.fixPageNotFoundErrorByUser", "true");
        Verwijderd : user_pref("CT2865317.fixPageNotFoundErrorInHidden", "true");
        Verwijderd : user_pref("CT2865317.fixUrls", true);
        Verwijderd : user_pref("CT2865317.installDate", "5/2/2013 16:32:24");
        Verwijderd : user_pref("CT2865317.installType", "xpe");
        Verwijderd : user_pref("CT2865317.isCheckedStartAsHidden", true);
        Verwijderd : user_pref("CT2865317.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
        Verwijderd : user_pref("CT2865317.isFirstTimeToolbarLoading", "false");
        Verwijderd : user_pref("CT2865317.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
        Verwijderd : user_pref("CT2865317.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
        Verwijderd : user_pref("CT2865317.lastVersion", "10.15.0.562");
        Verwijderd : user_pref("CT2865317.mam_gk_appStateReportTime.enc", "MTM3MTQ5Mjc4MjU1MA==");
        Verwijderd : user_pref("CT2865317.mam_gk_appState_CouponBuddy.enc", "b24=");
        Verwijderd : user_pref("CT2865317.mam_gk_appState_PriceGong.enc", "b24=");
        Verwijderd : user_pref("CT2865317.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w
        Verwijderd : user_pref("CT2865317.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
        Verwijderd : user_pref("CT2865317.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGF
        Verwijderd : user_pref("CT2865317.mam_gk_currentVersion.enc", "MS44LjAuNA==");
        Verwijderd : user_pref("CT2865317.mam_gk_first_time.enc", "MQ==");
        Verwijderd : user_pref("CT2865317.mam_gk_installer_preapproved.enc", "dHJ1ZQ==");
        Verwijderd : user_pref("CT2865317.mam_gk_lastLoginTime.enc", "MTM3MTQ5Mjc3OTA1Mg==");
        Verwijderd : user_pref("CT2865317.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJCZWxlaWQg
        Verwijderd : user_pref("CT2865317.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
        Verwijderd : user_pref("CT2865317.mam_gk_settings1.4.3.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd
        Verwijderd : user_pref("CT2865317.mam_gk_settings1.4.3.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd
        Verwijderd : user_pref("CT2865317.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd
        Verwijderd : user_pref("CT2865317.mam_gk_settings1.6.0.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd
        Verwijderd : user_pref("CT2865317.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd
        Verwijderd : user_pref("CT2865317.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
        Verwijderd : user_pref("CT2865317.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
        Verwijderd : user_pref("CT2865317.mam_gk_userId.enc", "MmZjNThmYzUtNmVmNS00ZDJjLWJiZWQtOTcxNjlhMTRhZWI4");
        Verwijderd : user_pref("CT2865317.mam_gk_user_apps_selection.enc", "");
        Verwijderd : user_pref("CT2865317.migrateAppsAndComponents", true);
        Verwijderd : user_pref("CT2865317.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%
        Verwijderd : user_pref("CT2865317.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
        Verwijderd : user_pref("CT2865317.openThankYouPage", "true");
        Verwijderd : user_pref("CT2865317.openUninstallPage", "false");
        Verwijderd : user_pref("CT2865317.price-gong.isManagedApp", "true");
        Verwijderd : user_pref("CT2865317.revertSettingsEnabled", "false");
        Verwijderd : user_pref("CT2865317.search.searchAppId", "129363015615338104");
        Verwijderd : user_pref("CT2865317.search.searchCount", "0");
        Verwijderd : user_pref("CT2865317.searchInNewTabEnabledByUser", "false");
        Verwijderd : user_pref("CT2865317.searchInNewTabEnabledInHidden", "true");
        Verwijderd : user_pref("CT2865317.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
        Verwijderd : user_pref("CT2865317.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d
        Verwijderd : user_pref("CT2865317.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\
        Verwijderd : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d
        Verwijderd : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin
        Verwijderd : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin
        Verwijderd : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data
        Verwijderd : user_pref("CT2865317.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1371492961016");
        Verwijderd : user_pref("CT2865317.serviceLayer_services_appsMetadata_lastUpdate", "1371492961027");
        Verwijderd : user_pref("CT2865317.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1371492961145");
        Verwijderd : user_pref("CT2865317.serviceLayer_services_location_lastUpdate", "1371492962373");
        Verwijderd : user_pref("CT2865317.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364815770345");
        Verwijderd : user_pref("CT2865317.serviceLayer_services_login_10.14.42.7_lastUpdate", "1363633737159");
        Verwijderd : user_pref("CT2865317.serviceLayer_services_login_10.15.0.562_lastUpdate", "1371492960879");
        Verwijderd : user_pref("CT2865317.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1371492961262");
        Verwijderd : user_pref("CT2865317.serviceLayer_services_searchAPI_lastUpdate", "1371492962364");
        Verwijderd : user_pref("CT2865317.serviceLayer_services_serviceMap_lastUpdate", "1371492956594");
        Verwijderd : user_pref("CT2865317.serviceLayer_services_toolbarContextMenu_lastUpdate", "1371492961039");
        Verwijderd : user_pref("CT2865317.serviceLayer_services_toolbarSettings_lastUpdate", "1371492961615");
        Verwijderd : user_pref("CT2865317.serviceLayer_services_translation_lastUpdate", "1371492960979");
        Verwijderd : user_pref("CT2865317.settingsINI", true);
        Verwijderd : user_pref("CT2865317.shouldFirstTimeDialog", "false");
        Verwijderd : user_pref("CT2865317.showToolbarPermission", "false");
        Verwijderd : user_pref("CT2865317.smartbar.CTID", "CT2865317");
        Verwijderd : user_pref("CT2865317.smartbar.Uninstall", "0");
        Verwijderd : user_pref("CT2865317.smartbar.toolbarName", "uTorrentBar_NL ");
        Verwijderd : user_pref("CT2865317.startPage", "false");
        Verwijderd : user_pref("CT2865317.toolbarBornServerTime", "6-3-2013");
        Verwijderd : user_pref("CT2865317.toolbarCurrentServerTime", "17-6-2013");
        Verwijderd : user_pref("CT2865317.toolbarLoginClientTime", "Wed Mar 20 2013 00:13:44 GMT+0100");
        Verwijderd : user_pref("CT2865317.url_history0001.enc", "aHR0cDovL3d3dy5iZWF1dHlub2xkZXJ3b3VkLm5sLzo6OmNsaWNraGFu
        Verwijderd : user_pref("CT2865317_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"
        Verwijderd : user_pref("ct2865317.UserID", "UN67372390139992771");
        Verwijderd : user_pref("smartbar.machineId", "AEI/NOVHTVV9HTDZBCXJMIKCIWF41XSTI5EPFBJHVCHO20IUOVEFUV2VKXDTLF5D0YO

        -\\ Google Chrome v [Onmogelijk de versie te verkrijgen]

        File : C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Preferences

        [OK] De file bevat geen enkele ongeoorloofde invoer.

        *************************

        AdwCleaner[S1].txt - [15803 octets] - [30/07/2013 00:08:38]

        ########## EOF - C:\AdwCleaner[S1].txt - [15864 octets] ##########



        • #5
          Step 3, the contents of DDS.txt

          DDS (Ver_2012-11-20.01) - NTFS_AMD64
          Internet Explorer: 9.0.8112.16496 BrowserJavaVersion: 10.7.2
          Run by W7 at 0:29:20 on 2013-07-30
          Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3710.2221 [GMT 2:00]
          .
          AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
          SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
          SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
          .
          ============== Running Processes ===============
          .
          C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
          C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
          C:\Windows\system32\lsm.exe
          C:\Windows\system32\svchost.exe -k DcomLaunch
          C:\Windows\system32\svchost.exe -k RPCSS
          C:\Windows\system32\atiesrxx.exe
          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
          C:\Windows\system32\svchost.exe -k netsvcs
          C:\Windows\system32\svchost.exe -k LocalService
          C:\Windows\system32\svchost.exe -k NetworkService
          C:\Windows\system32\atieclxx.exe
          C:\Windows\System32\spoolsv.exe
          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
          C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
          C:\Windows\system32\taskhost.exe
          C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
          C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
          C:\Windows\system32\Dwm.exe
          C:\Windows\Explorer.EXE
          C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
          C:\Windows\system32\IProsetMonitor.exe
          C:\Windows\system32\svchost.exe -k imgsvc
          C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
          C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
          C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
          C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
          C:\Windows\system32\NOTEPAD.EXE
          C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
          C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
          C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
          C:\Program Files (x86)\AVG\AVG2013\avgui.exe
          C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
          C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
          C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
          C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
          C:\Windows\System32\WUDFHost.exe
          C:\Windows\system32\SearchIndexer.exe
          C:\Program Files\Windows Media Player\wmpnetwk.exe
          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
          C:\Windows\System32\svchost.exe -k LocalServicePeerNet
          C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
          C:\Program Files (x86)\Internet Explorer\iexplore.exe
          C:\Program Files (x86)\Internet Explorer\iexplore.exe
          C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
          C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe
          C:\Windows\system32\wuauclt.exe
          C:\Windows\system32\svchost.exe -k SDRSVC
          C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
          C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
          C:\Program Files (x86)\Internet Explorer\iexplore.exe
          C:\Windows\system32\taskeng.exe
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Windows\System32\cscript.exe
          .
          ============== Pseudo HJT Report ===============
          .
          uStart Page = hxxp://www.kpnvandaag.nl/
          uSearch Bar = hxxp://www.google.com/ie
          uSearch Page = hxxp://www.google.com
          uDefault_Search_URL = hxxp://www.google.com/ie
          uSearchAssistant = hxxp://www.google.com/ie
          uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
          uURLSearchHooks: {95324e44-4b0a-47a9-8f77-9c6415e51c29} - <orphaned>
          uURLSearchHooks: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - <orphaned>
          mWinlogon: Userinit = userinit.exe,
          BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
          BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
          BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
          TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
          TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
          uRun: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
          uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
          mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
          mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
          mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
          mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
          mRun: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
          mRun: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
          mRun: [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
          mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
          mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
          mPolicies-Explorer: NoActiveDesktop = dword:1
          mPolicies-Explorer: NoActiveDesktopChanges = dword:1
          mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
          mPolicies-System: ConsentPromptBehaviorUser = dword:3
          mPolicies-System: EnableUIADesktopToggle = dword:0
          IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
          IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
          IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
          DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
          DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
          DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab
          DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
          DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
          DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
          DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
          TCP: NameServer = 192.168.2.254
          TCP: Interfaces\{07000A18-84FE-46C8-A63A-1B674A90AE3D} : DHCPNameServer = 192.168.2.254
          TCP: Interfaces\{07000A18-84FE-46C8-A63A-1B674A90AE3D}\4656D696261627472756E637 : DHCPNameServer = 192.168.2.254
          TCP: Interfaces\{2F5A9128-446E-442F-A03F-4561886BBD03} : DHCPNameServer = 192.168.2.254
          TCP: Interfaces\{3F0889FA-47E8-4C10-89FE-06F4BA4A4385} : DHCPNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
          TCP: Interfaces\{66037489-544E-44FD-BD37-3521170040A0} : DHCPNameServer = 192.168.2.254
          TCP: Interfaces\{66037489-544E-44FD-BD37-3521170040A0}\4586F6D637F6E6332433832454 : DHCPNameServer = 192.168.2.254
          TCP: Interfaces\{66037489-544E-44FD-BD37-3521170040A0}\4656D696261627472756E637 : DHCPNameServer = 192.168.2.254
          TCP: Interfaces\{7ED53C43-E5FA-41C6-8DD8-A48799B8F482} : DHCPNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
          TCP: Interfaces\{D2902558-8DCF-431F-B636-ACA9D99D7D05} : DHCPNameServer = 192.168.2.254
          Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
          Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
          Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
          Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
          SSODL: WebCheck - <orphaned>
          x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
          x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
          x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
          x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
          x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
          x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
          x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
          x64-DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
          x64-DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
          x64-DPF: {60677965-AB8B-464F-9B04-4BA871A2F17F} - hxxps://tobias.edutopics.nl/Main_Financien/Reserved.ReportViewerWebPart.axd?ReportSession=znijmcytnzju4sqrzibmzruc&ControlID=bb86c5221a0d4bcf83 fd8f52e5b58427&Culture=1043&UICulture=1043&ReportStack=1&OpType=PrintCab&Arch=X64
          x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
          x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
          x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
          x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
          x64-Notify: igfxcui - igfxdev.dll
          x64-SSODL: WebCheck - <orphaned>
          .
          ============= SERVICES / DRIVERS ===============
          .
          R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
          R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
          R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
          R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
          R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-10-1 302120]
          R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
          R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
          R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
          R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-29 241152]
          R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-3-28 361984]
          R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
          R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
          R2 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2010-11-1 38144]
          R2 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2010-11-1 62080]
          R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-10 13592]
          R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2011-7-12 171176]
          R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-17 2984832]
          R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-8-10 2656536]
          R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]
          R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-17 344680]
          R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2013-4-3 58536]
          S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
          S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
          S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2009-11-16 40144]
          S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2009-11-16 42192]
          S3 netr7364;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista;C:\Windows\System32\drivers\netr7364.sys [2009-6-10 707072]
          S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-6-10 91648]
          S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-6-10 208896]
          S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
          S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
          S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-12 1255736]
          .
          =============== Created Last 30 ================
          .
          2013-07-22 23:07:37 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
          2013-07-22 23:07:37 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
          2013-07-22 23:07:37 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
          2013-07-22 23:07:37 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
          2013-07-22 23:07:37 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
          2013-07-22 23:07:37 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
          2013-07-22 23:07:37 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
          2013-07-22 23:07:31 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
          2013-07-22 23:07:31 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
          2013-07-22 23:06:54 1545728 ----a-w- C:\Windows\System32\DWrite.dll
          2013-07-22 23:06:54 1077760 ----a-w- C:\Windows\SysWow64\DWrite.dll
          2013-07-22 20:40:23 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
          2013-07-22 20:40:23 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
          2013-07-22 20:40:23 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
          2013-07-22 20:40:22 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
          2013-07-22 20:40:22 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
          2013-07-22 20:39:21 624128 ----a-w- C:\Windows\System32\qedit.dll
          2013-07-22 20:39:21 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
          2013-07-22 20:39:06 3153920 ----a-w- C:\Windows\System32\win32k.sys
          2013-07-22 20:20:56 -------- d--h--w- C:\$AVG
          2013-07-17 09:26:33 -------- d-----w- C:\Program Files (x86)\RoosRoos Loon 2013
          2013-07-09 13:40:17 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
          2013-07-03 07:56:26 -------- d-----w- C:\Program Files (x86)\SafeSaver
          2013-07-03 07:54:58 -------- d-----w- C:\ProgramData\StarApp
          2013-07-03 07:54:11 -------- d-----w- C:\ProgramData\InstallMate
          .
          ==================== Find3M ====================
          .
          2013-07-23 21:24:44 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
          2013-07-23 21:24:44 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
          2013-05-29 05:43:16 2312704 ----a-w- C:\Windows\System32\jscript9.dll
          2013-05-29 05:35:44 1392128 ----a-w- C:\Windows\System32\wininet.dll
          2013-05-29 05:34:14 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
          2013-05-29 05:29:56 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
          2013-05-29 05:29:02 599040 ----a-w- C:\Windows\System32\vbscript.dll
          2013-05-29 05:25:09 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
          2013-05-29 01:50:14 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
          2013-05-29 01:41:52 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
          2013-05-29 01:41:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
          2013-05-29 01:37:15 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
          2013-05-29 01:36:09 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
          2013-05-29 01:33:22 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
          2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
          2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
          2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
          2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
          2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
          2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
          2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
          2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
          2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
          2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
          2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
          2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
          2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
          .
          ============= FINISH: 0:29:59,43 ===============



          • #6
            And now step 4, Checkup.txt:

            Results of screen317's Security Check version 0.99.71
            Windows 7 Service Pack 1 x64 (UAC is enabled)
            Internet Explorer 10
            ``````````````Antivirus/Firewall Check:``````````````
            AVG AntiVirus Free Edition 2013
            Antivirus up to date!
            `````````Anti-malware/Other Utilities Check:`````````
            Java(TM) 6 Update 22
            Java(TM) 6 Update 32
            Java 7 Update 7
            Java version out of Date!
            Adobe Flash Player 11.7.700.224
            Adobe Reader 10.1.7 Adobe Reader out of Date!
            Mozilla Firefox 15.0.1 Firefox out of Date!
            ````````Process Check: objlist.exe by Laurent````````
            AVG avgwdsvc.exe
            `````````````````System Health check`````````````````
            Total Fragmentation on Drive C: 2%
            ````````````````````End of Log``````````````````````



            • #7
              First, please update the following tools; exactly how to do this is explained in the links:

              • Java
              • Adobe Reader (Don't forget to untick the free Google Toolbar before you install!)

              Restart your PC afterwards.

              Update your Firefox.

              Download or update CCleaner.

              Start CCleaner.
              • Run CCleaner and click Opties (Options) in the left-hand column
              • Select the Geavanceerd (Advanced) tab
              • Untick "Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur" (Only delete files in the Windows Temp system folder that are older than 24 hours)
              • Untick "Verwijder alleen bestanden in de Prullenbak die ouder zijn dan 24 uur" (Only delete files in the Recycle Bin that are older than 24 hours)
              • Select the Instellingen (Settings) tab
              • Untick "Computer automatisch schoonmaken...." (Clean the computer automatically....)
              • Click Cleaner in the left-hand column.
              • Then click Analyseer (Analyze) and Schoonmaken (Clean), one after the other.
              • Next, click Register (Registry) in the left-hand column
              • Click Scan naar problemen (Scan for issues).
              • If errors are found, click Herstel geselecteerde problemen (Fix selected issues) and OK

              Post a fresh Security Check log.
              Last edited by Emphyrio; 31-07-13, 02:48.
              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
              E Dev * McAfee verwijderen. * Ccleaner * E-Peek



              • #8
                Is it working out?


                • #9
                  Yes, certainly. I had some problems updating Mozilla, but it worked; I'm now at the next step: CCleaner



                  • #10
                    Very good


                    • #11
                      Here is the fresh Security Check, although I don't understand why Adobe Reader is not up to date.

                      Results of screen317's Security Check version 0.99.71
                      Windows 7 Service Pack 1 x64 (UAC is enabled)
                      Internet Explorer 10
                      ``````````````Antivirus/Firewall Check:``````````````
                      AVG AntiVirus Free Edition 2013
                      Antivirus up to date!
                      `````````Anti-malware/Other Utilities Check:`````````
                      Java 7 Update 25
                      Adobe Flash Player 11.7.700.224
                      Adobe Reader 10.1.7 Adobe Reader out of Date!
                      Mozilla Firefox (22.0)
                      ````````Process Check: objlist.exe by Laurent````````
                      AVG avgwdsvc.exe
                      `````````````````System Health check`````````````````
                      Total Fragmentation on Drive C: 3%
                      ````````````````````End of Log``````````````````````



                      • #12
                        Please post a fresh DDS log and post the ATTACHED.txt as an attachment.

                        The latest Adobe is 11.0.3.
                        You do have to install 11.0.0 first and then upgrade it to 11.0.3.
                        Last edited by Emphyrio; 31-07-13, 02:47.


                        • #13
                          DDS (Ver_2012-11-20.01) - NTFS_AMD64
                          Internet Explorer: 9.0.8112.16496 BrowserJavaVersion: 10.25.2
                          Run by W7 at 9:48:02 on 2013-07-31
                          Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3710.1962 [GMT 2:00]
                          .
                          AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
                          SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                          SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
                          .
                          ============== Running Processes ===============
                          .
                          C:\Windows\system32\lsm.exe
                          C:\Windows\system32\svchost.exe -k DcomLaunch
                          C:\Windows\system32\svchost.exe -k RPCSS
                          C:\Windows\system32\atiesrxx.exe
                          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                          C:\Windows\system32\svchost.exe -k netsvcs
                          C:\Windows\system32\svchost.exe -k LocalService
                          C:\Windows\system32\atieclxx.exe
                          C:\Windows\system32\svchost.exe -k NetworkService
                          C:\Windows\System32\spoolsv.exe
                          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                          C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
                          C:\Windows\system32\taskhost.exe
                          C:\Windows\system32\Dwm.exe
                          C:\Windows\Explorer.EXE
                          C:\Windows\system32\IProsetMonitor.exe
                          C:\Windows\system32\svchost.exe -k imgsvc
                          C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
                          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                          C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
                          C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
                          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                          C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                          C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
                          C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                          C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
                          C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
                          C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                          C:\Windows\System32\WUDFHost.exe
                          C:\Program Files\Windows Media Player\wmpnetwk.exe
                          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                          C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                          C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
                          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                          C:\Program Files (x86)\Internet Explorer\iexplore.exe
                          C:\Program Files (x86)\Internet Explorer\iexplore.exe
                          C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
                          C:\Program Files (x86)\Internet Explorer\iexplore.exe
                          C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe
                          C:\Windows\system32\wuauclt.exe
                          C:\Windows\system32\svchost.exe -k SDRSVC
                          C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
                          C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
                          C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
                          C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
                          C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
                          C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
                          C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
                          C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
                          C:\Program Files (x86)\AVG\AVG2013\avgui.exe
                          C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
                          C:\Program Files (x86)\Internet Explorer\iexplore.exe
                          C:\Windows\system32\msiexec.exe
                          C:\Program Files (x86)\Internet Explorer\iexplore.exe
                          C:\Windows\system32\taskeng.exe
                          C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                          C:\Windows\system32\SearchIndexer.exe
                          C:\Windows\system32\wbem\wmiprvse.exe
                          C:\Windows\system32\SearchProtocolHost.exe
                          C:\Windows\system32\SearchFilterHost.exe
                          C:\Windows\System32\cscript.exe
                          .
                          ============== Pseudo HJT Report ===============
                          .
                          uStart Page = hxxp://www.kpnvandaag.nl/
                          uSearch Bar = hxxp://www.google.com/ie
                          uSearch Page = hxxp://www.google.com
                          uDefault_Search_URL = hxxp://www.google.com/ie
                          uSearchAssistant = hxxp://www.google.com/ie
                          uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
                          uURLSearchHooks: {95324e44-4b0a-47a9-8f77-9c6415e51c29} - <orphaned>
                          uURLSearchHooks: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - <orphaned>
                          mWinlogon: Userinit = userinit.exe,
                          BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
                          BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                          BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                          BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
                          TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                          TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                          uRun: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
                          uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
                          mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
                          mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                          mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
                          mRun: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
                          mRun: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
                          mRun: [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
                          mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
                          mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
                          mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                          mPolicies-Explorer: NoActiveDesktop = dword:1
                          mPolicies-Explorer: NoActiveDesktopChanges = dword:1
                          mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                          mPolicies-System: ConsentPromptBehaviorUser = dword:3
                          mPolicies-System: EnableUIADesktopToggle = dword:0
                          IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
                          IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
                          IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
                          DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
                          DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
                          DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab
                          DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
                          DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
                          DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
                          TCP: NameServer = 192.168.2.254
                          TCP: Interfaces\{07000A18-84FE-46C8-A63A-1B674A90AE3D} : DHCPNameServer = 192.168.2.254
                          TCP: Interfaces\{07000A18-84FE-46C8-A63A-1B674A90AE3D}\4656D696261627472756E637 : DHCPNameServer = 192.168.2.254
                          TCP: Interfaces\{2F5A9128-446E-442F-A03F-4561886BBD03} : DHCPNameServer = 192.168.2.254
                          TCP: Interfaces\{3F0889FA-47E8-4C10-89FE-06F4BA4A4385} : DHCPNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
                          TCP: Interfaces\{66037489-544E-44FD-BD37-3521170040A0} : DHCPNameServer = 192.168.2.254
                          TCP: Interfaces\{66037489-544E-44FD-BD37-3521170040A0}\4586F6D637F6E6332433832454 : DHCPNameServer = 192.168.2.254
                          TCP: Interfaces\{66037489-544E-44FD-BD37-3521170040A0}\4656D696261627472756E637 : DHCPNameServer = 192.168.2.254
                          TCP: Interfaces\{7ED53C43-E5FA-41C6-8DD8-A48799B8F482} : DHCPNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
                          TCP: Interfaces\{D2902558-8DCF-431F-B636-ACA9D99D7D05} : DHCPNameServer = 192.168.2.254
                          Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
                          Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
                          Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
                          Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
                          SSODL: WebCheck - <orphaned>
                          x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
                          x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
                          x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                          x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
                          x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
                          x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
                          x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
                          x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
                          x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
                          x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
                          x64-DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
                          x64-DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
                          x64-DPF: {60677965-AB8B-464F-9B04-4BA871A2F17F} - hxxps://tobias.edutopics.nl/Main_Financien/Reserved.ReportViewerWebPart.axd?ReportSession=znijmcytnzju4sqrzibmzruc&ControlID=bb86c5221a0d4bcf83 fd8f52e5b58427&Culture=1043&UICulture=1043&ReportStack=1&OpType=PrintCab&Arch=X64
                          x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
                          x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
                          x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
                          x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
                          x64-Notify: igfxcui - igfxdev.dll
                          x64-SSODL: WebCheck - <orphaned>
                          .
                          ================= FIREFOX ===================
                          .
                          FF - ProfilePath - C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\jbee1n07.default-1375229200611\
                          FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
                          FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
                          FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
                          FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
                          FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
                          FF - plugin: C:\Users\W7\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
                          FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
                          FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
                          FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
                          FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
                          FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
                          FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
                          FF - plugin: D:\Picasa3\npPicasa3.dll
                          .
                          ============= SERVICES / DRIVERS ===============
                          .
                          R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
                          R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
                          R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
                          R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-7-10 45880]
                          R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-10-1 302120]
                          R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-7-20 246072]
                          R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
                          R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
                          R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-29 241152]
                          R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-3-28 361984]
                          R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
                          R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136]
                          R2 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2010-11-1 38144]
                          R2 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2010-11-1 62080]
                          R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]
                          R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-17 344680]
                          R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2013-4-3 58536]
                          S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
                          S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
                          S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2009-11-16 40144]
                          S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2009-11-16 42192]
                          S3 netr7364;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista;C:\Windows\System32\drivers\netr7364.sys [2009-6-10 707072]
                          S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-6-10 91648]
                          S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-6-10 208896]
                          S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
                          S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
                          .
                          =============== Created Last 30 ================
                          .
                          2013-07-30 23:31:33 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
                          2013-07-30 23:25:01 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
                          2013-07-22 23:07:37 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
                          2013-07-22 23:07:37 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
                          2013-07-22 23:07:37 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
                          2013-07-22 23:07:37 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
                          2013-07-22 23:07:37 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
                          2013-07-22 23:07:37 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
                          2013-07-22 23:07:37 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
                          2013-07-22 23:07:31 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
                          2013-07-22 23:07:31 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
                          2013-07-22 23:06:54 1545728 ----a-w- C:\Windows\System32\DWrite.dll
                          2013-07-22 23:06:54 1077760 ----a-w- C:\Windows\SysWow64\DWrite.dll
                          2013-07-22 20:40:23 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
                          2013-07-22 20:40:23 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
                          2013-07-22 20:40:23 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
                          2013-07-22 20:40:22 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
                          2013-07-22 20:40:22 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
                          2013-07-22 20:39:21 624128 ----a-w- C:\Windows\System32\qedit.dll
                          2013-07-22 20:39:21 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
                          2013-07-22 20:39:06 3153920 ----a-w- C:\Windows\System32\win32k.sys
                          2013-07-22 20:20:56 -------- d--h--w- C:\$AVG
                          2013-07-19 23:51:00 311608 ----a-w- C:\Windows\System32\drivers\avgloga.sys
                          2013-07-19 23:50:56 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
                          2013-07-19 23:50:56 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
                          2013-07-19 23:50:50 206648 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
                          2013-07-17 09:26:33 -------- d-----w- C:\Program Files (x86)\RoosRoos Loon 2013
                          2013-07-09 23:32:38 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
                          2013-07-09 13:40:17 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
                          2013-07-03 07:56:26 -------- d-----w- C:\Program Files (x86)\SafeSaver
                          2013-07-03 07:54:58 -------- d-----w- C:\ProgramData\StarApp
                          2013-07-03 07:54:11 -------- d-----w- C:\ProgramData\InstallMate
                          .
                          ==================== Find3M ====================
                          .
                          2013-07-30 23:31:22 972712 ----a-w- C:\Windows\System32\deployJava1.dll
                          2013-07-30 23:31:22 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll
                          2013-07-30 23:24:49 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
                          2013-07-30 23:24:49 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
                          2013-07-23 21:24:44 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                          2013-07-23 21:24:44 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                          2013-06-30 23:45:28 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
                          2013-05-29 05:43:16 2312704 ----a-w- C:\Windows\System32\jscript9.dll
                          2013-05-29 05:35:44 1392128 ----a-w- C:\Windows\System32\wininet.dll
                          2013-05-29 05:34:14 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
                          2013-05-29 05:29:56 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
                          2013-05-29 05:29:02 599040 ----a-w- C:\Windows\System32\vbscript.dll
                          2013-05-29 05:25:09 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
                          2013-05-29 01:50:14 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
                          2013-05-29 01:41:52 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
                          2013-05-29 01:41:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
                          2013-05-29 01:37:15 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
                          2013-05-29 01:36:09 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
                          2013-05-29 01:33:22 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
                          2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
                          2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
                          2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
                          2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
                          2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
                          2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
                          2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
                          2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
                          2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
                          2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
                          2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
                          2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
                          2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
                          .
                          ============= FINISH: 9:49:58,71 ===============



                          attach.txt



                          • #14
                            Great



                            Download TFC and save it to your Desktop.
                            • Double-click TFC.exe to open the program.
                            • The program will close all other programs, so make sure you have saved all your work before you continue.
                            • Click the Start button to start the program.
                            • When the program has finished, it will restart your computer.
                              If this does not happen, restart your computer manually.


                            _____________________________________________________________

                            Download Combofix and place it on your desktop.

                            Extra note... Make sure your security software is disabled while using Combofix.
                            This is because these scanners wrongly see certain components that Combofix uses as infected and will block Combofix.


                            Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.


                            Close ALL windows, including your browser, and let Combofix do its work undisturbed.
                            So do not open any other applications until Combofix has presented the log.

                            If Combofix asks for an update, allow it.

                            When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
                            You can find it at C:\combofix.txt.

                            Post the Combofix log together with a new DDS log in your next reply.

                            * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
                            • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
                            • Illegal operation attempted on a registry key that has been marked for deletion.
                            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                            E Dev * Remove McAfee. * Ccleaner * E-Peek



                            • #15
                              ComboFix 13-07-31.02 - W7 31-07-2013 21:45:26.2.2 - x64
                              Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3710.2512 [GMT 2:00]
                              Gestart vanuit: c:\users\W7\Desktop\ComboFix.exe
                              AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
                              SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
                              SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                              .
                              .
                              (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                              .
                              .
                              c:\users\W7\AppData\Roaming\Okupav
                              c:\users\W7\AppData\Roaming\Okupav\qyefa.syh
                              .
                              .
                              (((((((((((((((((((( Bestanden Gemaakt van 2013-06-28 to 2013-07-31 ))))))))))))))))))))))))))))))
                              .
                              .
                              2013-07-31 19:54 . 2013-07-31 19:54 -------- d-----w- c:\users\Default\AppData\Local\temp
                              2013-07-30 23:31 . 2013-07-30 23:31 312232 ----a-w- c:\windows\system32\javaws.exe
                              2013-07-30 23:31 . 2013-07-30 23:31 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
                              2013-07-30 23:31 . 2013-07-30 23:31 189352 ----a-w- c:\windows\system32\javaw.exe
                              2013-07-30 23:31 . 2013-07-30 23:31 188840 ----a-w- c:\windows\system32\java.exe
                              2013-07-30 23:25 . 2013-07-30 23:25 -------- d-----w- c:\program files (x86)\Common Files\Java
                              2013-07-30 23:25 . 2013-07-30 23:24 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
                              2013-07-30 23:24 . 2013-07-30 23:24 -------- d-----w- c:\program files (x86)\Java
                              2013-07-22 23:07 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
                              2013-07-22 23:07 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
                              2013-07-22 23:07 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
                              2013-07-22 23:07 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
                              2013-07-22 23:07 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
                              2013-07-22 23:07 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
                              2013-07-22 23:07 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
                              2013-07-22 23:07 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
                              2013-07-22 23:07 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
                              2013-07-22 23:06 . 2013-04-10 05:45 1545728 ----a-w- c:\windows\system32\DWrite.dll
                              2013-07-22 23:06 . 2013-04-10 05:02 1077760 ----a-w- c:\windows\SysWow64\DWrite.dll
                              2013-07-22 20:40 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
                              2013-07-22 20:40 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
                              2013-07-22 20:40 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
                              2013-07-22 20:40 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
                              2013-07-22 20:40 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
                              2013-07-22 20:39 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
                              2013-07-22 20:39 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
                              2013-07-22 20:39 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
                              2013-07-22 20:20 . 2013-07-31 07:03 -------- d-----w- C:\$AVG
                              2013-07-19 23:51 . 2013-07-19 23:51 311608 ----a-w- c:\windows\system32\drivers\avgloga.sys
                              2013-07-19 23:50 . 2013-07-19 23:50 71480 ----a-w- c:\windows\system32\drivers\avgidsha.sys
                              2013-07-19 23:50 . 2013-07-19 23:50 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
                              2013-07-19 23:50 . 2013-07-19 23:50 206648 ----a-w- c:\windows\system32\drivers\avgldx64.sys
                              2013-07-17 09:26 . 2013-07-17 09:26 -------- d-----w- c:\program files (x86)\RoosRoos Loon 2013
                              2013-07-09 23:32 . 2013-07-09 23:32 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
                              2013-07-09 13:40 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
                              2013-07-03 08:14 . 2013-07-03 08:51 -------- d-----w- c:\users\W7\AppData\Roaming\Audacity
                              2013-07-03 07:56 . 2013-07-09 14:15 -------- d-----w- c:\program files (x86)\SafeSaver
                              2013-07-03 07:54 . 2013-07-03 07:54 -------- d-----w- c:\programdata\StarApp
                              2013-07-03 07:54 . 2013-07-03 07:56 -------- d-----w- c:\programdata\InstallMate
                              .
                              .
                              .
                              ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                              .
                              2013-07-30 23:31 . 2012-10-01 10:46 972712 ----a-w- c:\windows\system32\deployJava1.dll
                              2013-07-30 23:31 . 2012-10-01 10:46 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll
                              2013-07-30 23:24 . 2012-06-01 06:54 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
                              2013-07-30 23:24 . 2011-12-17 09:48 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
                              2013-07-23 21:24 . 2012-06-25 12:03 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                              2013-07-23 21:24 . 2011-12-17 09:48 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                              2013-07-22 20:54 . 2011-07-12 14:57 78185248 ----a-w- c:\windows\system32\MRT.exe
                              2013-06-30 23:45 . 2013-06-30 23:45 116536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
                              2013-05-17 04:50 . 2011-03-28 16:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
                              .
                              .
                              ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                              .
                              .
                              *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                              REGEDIT4
                              .
                              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                              "IncrediMail"="c:\program files (x86)\IncrediMail\bin\IncMail.exe" [2013-03-08 367016]
                              "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-18 39408]
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                              "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
                              "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-29 284440]
                              "SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
                              "PPort11reminder"="c:\program files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
                              "PaperPort PTD"="c:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
                              "IndexSearch"="c:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
                              "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
                              "AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-06-30 4411440]
                              "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
                              .
                              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                              "ConsentPromptBehaviorAdmin"= 5 (0x5)
                              "ConsentPromptBehaviorUser"= 3 (0x3)
                              "EnableUIADesktopToggle"= 0 (0x0)
                              .
                              [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
                              "LoadAppInit_DLLs"=1 (0x1)
                              .
                              R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
                              R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
                              R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
                              R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
                              R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys;c:\windows\SYSNATIVE\Drivers\qd162x64.sys [x]
                              R3 ioatdma2;Intel(R) QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys;c:\windows\SYSNATIVE\Drivers\qd262x64.sys [x]
                              R3 netr7364;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
                              R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
                              R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
                              R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                              R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
                              R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                              S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
                              S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
                              S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
                              S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
                              S0 mv91xx;mv91xx;c:\windows\system32\drivers\mv91xx.sys;c:\windows\SYSNATIVE\drivers\mv91xx.sys [x]
                              S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
                              S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
                              S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
                              S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
                              S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
                              S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
                              S2 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
                              S2 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
                              S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
                              S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
                              S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
                              S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
                              S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
                              S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
                              S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
                              .
                              .
                              Inhoud van de 'Gedeelde Taken' map
                              .
                              2013-07-31 c:\windows\Tasks\Adobe Flash Player Updater.job
                              - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-25 21:24]
                              .
                              2013-07-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                              - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-18 10:17]
                              .
                              2013-07-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                              - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-18 10:17]
                              .
                              .
                              --------- X64 Entries -----------
                              .
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                              "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-10 167256]
                              "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-10 391512]
                              "Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-10 415064]
                              "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-07 12558440]
                              .
                              ------- Bijkomende Scan -------
                              .
                              uLocal Page = c:\windows\system32\blank.htm
                              uStart Page = hxxp://www.kpnvandaag.nl/
                              uDefault_Search_URL = hxxp://www.google.com/ie
                              mLocal Page = c:\windows\SysWOW64\blank.htm
                              uSearchAssistant = hxxp://www.google.com/ie
                              uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
                              IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
                              IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
                              TCP: DhcpNameServer = 192.168.2.254
                              FF - ProfilePath - c:\users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\jbee1n07.default-1375229200611\
                              .
                              - - - - ORPHANS VERWIJDERD - - - -
                              .
                              URLSearchHooks-{95324e44-4b0a-47a9-8f77-9c6415e51c29} - (no file)
                              URLSearchHooks-{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file)
                              WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file)
                              .
                              .
                              .
                              --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                              .
                              [HKEY_USERS\S-1-5-21-634450995-3655590467-1663320118-1000\Software\SecuROM\License information*]
                              "datasecu"=hex:79,20,af,54,6b,6f,6b,34,b7,47,8f,f2,ad,e3,82,3a,ef,36,27,d8,ab,
                              44,7d,72,4e,3d,99,b2,70,33,5d,c2,50,f5,44,e7,11,a9,4a,ad,ca,cf,4a,c8,a1,de,\
                              "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                              @Denied: (A 2) (Everyone)
                              @="FlashBroker"
                              "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                              "Enabled"=dword:00000001
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                              @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                              @Denied: (A 2) (Everyone)
                              @="IFlashBroker5"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                              @="{00020424-0000-0000-C000-000000000046}"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                              "Version"="1.0"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                              @Denied: (A 2) (Everyone)
                              @="FlashBroker"
                              "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                              "Enabled"=dword:00000001
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                              @Denied: (A 2) (Everyone)
                              @="Shockwave Flash Object"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
                              "ThreadingModel"="Apartment"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                              @="0"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                              @="ShockwaveFlash.ShockwaveFlash.11"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                              @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                              @="1.0"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                              @="ShockwaveFlash.ShockwaveFlash"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                              @Denied: (A 2) (Everyone)
                              @="Macromedia Flash Factory Object"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
                              "ThreadingModel"="Apartment"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                              @="FlashFactory.FlashFactory.1"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                              @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                              @="1.0"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                              @="FlashFactory.FlashFactory"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                              @Denied: (A 2) (Everyone)
                              @="IFlashBroker5"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                              @="{00020424-0000-0000-C000-000000000046}"
                              .
                              [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                              "Version"="1.0"
                              .
                              [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
                              @Denied: (Full) (Everyone)
                              .
                              Voltooingstijd: 2013-07-31 21:57:59
                              ComboFix-quarantined-files.txt 2013-07-31 19:57
                              .
                              Pre-Run: 147.089.068.032 bytes beschikbaar
                              Post-Run: 146.930.507.776 bytes beschikbaar
                              .
                              - - End Of File - - 6E12853F08DAB19E7B673CF97C2D0C98
                              A36C5E4F47E84449FF07ED3517B43A31


                              DDS (Ver_2012-11-20.01) - NTFS_AMD64
                              Internet Explorer: 9.0.8112.16496 BrowserJavaVersion: 10.25.2
                              Run by W7 at 22:02:06 on 2013-07-31
                              Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3710.2231 [GMT 2:00]
                              .
                              AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
                              SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                              SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
                              .
                              ============== Running Processes ===============
                              .
                              C:\Windows\system32\lsm.exe
                              C:\Windows\system32\svchost.exe -k DcomLaunch
                              C:\Windows\system32\svchost.exe -k RPCSS
                              C:\Windows\system32\atiesrxx.exe
                              C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                              C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                              C:\Windows\system32\svchost.exe -k netsvcs
                              C:\Windows\system32\svchost.exe -k LocalService
                              C:\Windows\system32\atieclxx.exe
                              C:\Windows\system32\svchost.exe -k NetworkService
                              C:\Windows\System32\spoolsv.exe
                              C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                              C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                              C:\Windows\system32\taskhost.exe
                              C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
                              C:\Windows\system32\Dwm.exe
                              C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
                              C:\Windows\Explorer.EXE
                              C:\Windows\system32\IProsetMonitor.exe
                              C:\Windows\system32\svchost.exe -k imgsvc
                              C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
                              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                              C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
                              C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                              C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
                              C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                              C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
                              C:\Program Files (x86)\AVG\AVG2013\avgui.exe
                              C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                              C:\Windows\system32\SearchIndexer.exe
                              C:\Program Files\Windows Media Player\wmpnetwk.exe
                              C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                              C:\Windows\System32\WUDFHost.exe
                              C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                              C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
                              C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                              C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                              C:\Windows\system32\wuauclt.exe
                              C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
                              C:\Windows\system32\svchost.exe -k SDRSVC
                              C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
                              C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
                              C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
                              C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
                              C:\Program Files (x86)\Internet Explorer\iexplore.exe
                              C:\Program Files (x86)\Internet Explorer\iexplore.exe
                              C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
                              C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe
                              C:\Windows\system32\wbem\wmiprvse.exe
                              C:\Windows\System32\cscript.exe
                              .
                              ============== Pseudo HJT Report ===============
                              .
                              uStart Page = hxxp://www.kpnvandaag.nl/
                              uDefault_Search_URL = hxxp://www.google.com/ie
                              uSearchAssistant = hxxp://www.google.com/ie
                              uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
                              BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
                              BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                              BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                              BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
                              TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                              TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                              uRun: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
                              uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
                              mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
                              mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                              mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
                              mRun: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
                              mRun: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
                              mRun: [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
                              mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
                              mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
                              mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                              uPolicies-Explorer: NoDrives = dword:0
                              mPolicies-Explorer: NoDrives = dword:0
                              mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                              mPolicies-System: ConsentPromptBehaviorUser = dword:3
                              mPolicies-System: EnableUIADesktopToggle = dword:0
                              IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
                              IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
                              IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
                              DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
                              DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
                              DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab
                              DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
                              DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
                              DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
                              TCP: NameServer = 192.168.2.254
                              TCP: Interfaces\{07000A18-84FE-46C8-A63A-1B674A90AE3D} : DHCPNameServer = 192.168.2.254
                              TCP: Interfaces\{07000A18-84FE-46C8-A63A-1B674A90AE3D}\4656D696261627472756E637 : DHCPNameServer = 192.168.2.254
                              TCP: Interfaces\{2F5A9128-446E-442F-A03F-4561886BBD03} : DHCPNameServer = 192.168.2.254
                              TCP: Interfaces\{3F0889FA-47E8-4C10-89FE-06F4BA4A4385} : DHCPNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
                              TCP: Interfaces\{66037489-544E-44FD-BD37-3521170040A0} : DHCPNameServer = 192.168.2.254
                              TCP: Interfaces\{66037489-544E-44FD-BD37-3521170040A0}\4586F6D637F6E6332433832454 : DHCPNameServer = 192.168.2.254
                              TCP: Interfaces\{66037489-544E-44FD-BD37-3521170040A0}\4656D696261627472756E637 : DHCPNameServer = 192.168.2.254
                              TCP: Interfaces\{7ED53C43-E5FA-41C6-8DD8-A48799B8F482} : DHCPNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
                              TCP: Interfaces\{D2902558-8DCF-431F-B636-ACA9D99D7D05} : DHCPNameServer = 192.168.2.254
                              Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
                              Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
                              Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
                              Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
                              SSODL: WebCheck - <orphaned>
                              x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
                              x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
                              x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                              x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
                              x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
                              x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
                              x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
                              x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
                              x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
                              x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
                              x64-DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
                              x64-DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
                              x64-DPF: {60677965-AB8B-464F-9B04-4BA871A2F17F} - hxxps://tobias.edutopics.nl/Main_Financien/Reserved.ReportViewerWebPart.axd?ReportSession=znijmcytnzju4sqrzibmzruc&ControlID=bb86c5221a0d4bcf83 fd8f52e5b58427&Culture=1043&UICulture=1043&ReportStack=1&OpType=PrintCab&Arch=X64
                              x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
                              x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
                              x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
                              x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
                              x64-Notify: igfxcui - igfxdev.dll
                              x64-SSODL: WebCheck - <orphaned>
                              .
                              ================= FIREFOX ===================
                              .
                              FF - ProfilePath - C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\jbee1n07.default-1375229200611\
                              .
                              ============= SERVICES / DRIVERS ===============
                              .
                              R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
                              R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
                              R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
                              R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-7-10 45880]
                              R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-10-1 302120]
                              R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-7-20 246072]
                              R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
                              R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
                              R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-29 241152]
                              R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-3-28 361984]
                              R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136]
                              R2 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2010-11-1 38144]
                              R2 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2010-11-1 62080]
                              R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-10 13592]
                              R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2011-7-12 171176]
                              R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-17 2984832]
                              R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-8-10 2656536]
                              R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]
                              R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-17 344680]
                              R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2013-4-3 58536]
                              S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
                              S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
                              S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
                              S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2009-11-16 40144]
                              S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2009-11-16 42192]
                              S3 netr7364;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista;C:\Windows\System32\drivers\netr7364.sys [2009-6-10 707072]
                              S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-6-10 91648]
                              S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-6-10 208896]
                              S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
                              S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
                              S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-12 1255736]
                              .
                              =============== Created Last 30 ================
                              .
                              2013-07-31 19:23:51 98816 ----a-w- C:\Windows\sed.exe
                              2013-07-31 19:23:51 256000 ----a-w- C:\Windows\PEV.exe
                              2013-07-31 19:23:51 208896 ----a-w- C:\Windows\MBR.exe
                              2013-07-30 23:31:33 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
                              2013-07-30 23:25:01 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
                              2013-07-22 23:07:37 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
                              2013-07-22 23:07:37 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
                              2013-07-22 23:07:37 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
                              2013-07-22 23:07:37 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
                              2013-07-22 23:07:37 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
                              2013-07-22 23:07:37 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
                              2013-07-22 23:07:37 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
                              2013-07-22 23:07:31 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
                              2013-07-22 23:07:31 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
                              2013-07-22 23:06:54 1545728 ----a-w- C:\Windows\System32\DWrite.dll
                              2013-07-22 23:06:54 1077760 ----a-w- C:\Windows\SysWow64\DWrite.dll
                              2013-07-22 20:40:23 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
                              2013-07-22 20:40:23 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
                              2013-07-22 20:40:23 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
                              2013-07-22 20:40:22 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
                              2013-07-22 20:40:22 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
                              2013-07-22 20:39:21 624128 ----a-w- C:\Windows\System32\qedit.dll
                              2013-07-22 20:39:21 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
                              2013-07-22 20:39:06 3153920 ----a-w- C:\Windows\System32\win32k.sys
                              2013-07-22 20:20:56 -------- d-----w- C:\$AVG
                              2013-07-19 23:51:00 311608 ----a-w- C:\Windows\System32\drivers\avgloga.sys
                              2013-07-19 23:50:56 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
                              2013-07-19 23:50:56 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
                              2013-07-19 23:50:50 206648 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
                              2013-07-17 09:26:33 -------- d-----w- C:\Program Files (x86)\RoosRoos Loon 2013
                              2013-07-09 23:32:38 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
                              2013-07-09 13:40:17 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
                              2013-07-03 07:56:26 -------- d-----w- C:\Program Files (x86)\SafeSaver
                              2013-07-03 07:54:58 -------- d-----w- C:\ProgramData\StarApp
                              2013-07-03 07:54:11 -------- d-----w- C:\ProgramData\InstallMate
                              .
                              ==================== Find3M ====================
                              .
                              2013-07-30 23:31:22 972712 ----a-w- C:\Windows\System32\deployJava1.dll
                              2013-07-30 23:31:22 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll
                              2013-07-30 23:24:49 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
                              2013-07-30 23:24:49 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
                              2013-07-23 21:24:44 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                              2013-07-23 21:24:44 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                              2013-06-30 23:45:28 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
                              2013-05-29 05:43:16 2312704 ----a-w- C:\Windows\System32\jscript9.dll
                              2013-05-29 05:35:44 1392128 ----a-w- C:\Windows\System32\wininet.dll
                              2013-05-29 05:34:14 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
                              2013-05-29 05:29:56 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
                              2013-05-29 05:29:02 599040 ----a-w- C:\Windows\System32\vbscript.dll
                              2013-05-29 05:25:09 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
                              2013-05-29 01:50:14 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
                              2013-05-29 01:41:52 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
                              2013-05-29 01:41:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
                              2013-05-29 01:37:15 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
                              2013-05-29 01:36:09 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
                              2013-05-29 01:33:22 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
                              2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
                              2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
                              2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
                              2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
                              2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
                              2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
                              2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
                              2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
                              2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
                              2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
                              2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
                              2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
                              2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
                              .
                              ============= FINISH: 22:02:28,04 ===============
