Virus plays sound.

  • Virus plays sound.

    Hello,

    For some time now I have suddenly been hearing strange sounds from my speaker. I think it is Russian, and I cannot turn it off. Even when my volume is at 0, I keep hearing the sounds. It also continues for a little while when I turn off my internet connection. I have already scanned my computer with Anti-malware, but I still have the problem. My antivirus is AVG, but that does not detect anything either. I hope you can help me with this annoying problem.

    Regards, Jeroen

    Below is my DSS.txt

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.9.2
    Run by Youro das at 16:26:43 on 2013-11-07
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.1965 [GMT 1:00]
    .
    AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files (x86)\WinArchiver\WAService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\CBTWlanSrv.exe
    C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe
    C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\PixArt\PAC207\Monitor.exe
    C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
    C:\Program Files (x86)\Sitecom\Common\WLANUtil.exe
    C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
    C:\Program Files (x86)\WinArchiver\WAHELPER.EXE
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    Q:\140066.nld\Office14\MSOSYNC.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
    C:\Users\Youro das\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Youro das\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Youro das\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Youro das\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Youro das\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Youro das\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcfgex.exe
    C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
    C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\sppsvc.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://packardbell.msn.com
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll
    uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE" /quietlaunch "MSOSYNC 9014006604130000"
    uRun: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
    mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    mRun: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [WAHELPER.EXE] "C:\Program Files (x86)\WinArchiver\WAHELPER.EXE"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SITECO~1.LNK - C:\Program Files (x86)\Sitecom\Common\WLANUtil.exe
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
    DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.134.0.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.80.2.cab
    DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
    DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{1CD0502A-8736-4AE3-8536-04E097598EA8} : DHCPNameServer = 192.168.2.254
    TCP: Interfaces\{F6B57BB5-1057-440E-A32E-5679BAC816F5} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{F6B57BB5-1057-440E-A32E-5679BAC816F5}\441637D2759666960213 : DHCPNameServer = 192.168.2.254 195.121.1.34 195.121.1.66
    TCP: Interfaces\{F6B57BB5-1057-440E-A32E-5679BAC816F5}\441637D2759666960223 : DHCPNameServer = 192.168.2.254
    TCP: Interfaces\{F6B57BB5-1057-440E-A32E-5679BAC816F5}\441637D275966696D213 : DHCPNameServer = 192.168.2.254
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
    x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
    x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
    x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
    x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Youro das\AppData\Roaming\Mozilla\Firefox\Profiles\9rxeza6k.default\
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-8-18 55024]
    R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2013-1-6 317808]
    R0 waemu;waemu;C:\Windows\System32\drivers\waemu.sys [2012-12-1 139744]
    R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2011-5-23 48992]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-11-8 307040]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-4-11 384800]
    R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-4 46368]
    R1 RapportCerberus_59849;RapportCerberus_59849;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [2013-10-29 606672]
    R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-10-17 284176]
    R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-10-17 399312]
    R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-3-30 202752]
    R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-7-4 361984]
    R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
    R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2012-12-5 2321560]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-2 5174392]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
    R2 CBTWlanSrv;CBT Wlan Service;C:\Windows\CBTWlanSrv.exe [2011-8-18 106496]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
    R2 GREGService;GREGService;C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-1-8 23584]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-6 418376]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-6 701512]
    R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
    R2 OfficeSvc;Microsoft Office-service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-9-22 1907896]
    R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe [2011-10-23 185632]
    R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe [2011-10-23 212256]
    R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-10-17 1444120]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
    R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-8-31 243232]
    R2 vToolbarUpdater17.0.1;vToolbarUpdater17.0.1;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe [2013-9-30 1734680]
    R2 WinArchiver Service;WinArchiver Service;C:\Program Files (x86)\WinArchiver\WAService.exe [2012-9-25 201824]
    R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-12-1 46136]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-2-23 95760]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-12-10 127328]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-6 25928]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
    S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-5-13 36328]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-17 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
    S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\System32\drivers\ggflt.sys [2013-5-15 14448]
    S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;C:\Windows\System32\drivers\netr7364.sys [2010-8-31 716800]
    S3 PAC207;Trust 100K Series Webcam;C:\Windows\System32\drivers\PFC027.SYS [2011-8-19 686592]
    S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-5-15 155824]
    S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
    S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
    S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
    S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-8-19 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-19 1255736]
    .
    =============== Created Last 30 ================
    .
    2013-11-07 14:11:39 -------- d-sh--w- C:\$RECYCLE.BIN
    2013-11-07 13:34:48 -------- d-----w- C:\ComboFix
    2013-11-07 09:46:52 -------- d-----w- C:\Users\Youro das\AppData\Local\{3598C93C-287E-4CBF-80AB-7BA84B1E14CC}
    2013-11-06 17:31:47 -------- d-----w- C:\Users\Youro das\AppData\Local\{6211EFFB-A1BC-4A80-9FED-93D39842E67D}
    2013-11-06 15:45:29 98816 ----a-w- C:\Windows\sed.exe
    2013-11-06 15:45:29 256000 ----a-w- C:\Windows\PEV.exe
    2013-11-06 15:45:29 208896 ----a-w- C:\Windows\MBR.exe
    2013-11-06 14:23:12 -------- d-----w- C:\Users\Youro das\AppData\Roaming\Malwarebytes
    2013-11-06 14:22:39 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-11-06 14:22:37 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-11-06 14:22:37 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-11-06 05:31:11 -------- d-----w- C:\Users\Youro das\AppData\Local\{DF1AF243-E023-43B3-81C4-E0B0896369EF}
    2013-11-05 06:25:29 -------- d-----w- C:\Users\Youro das\AppData\Local\{75443BC8-8137-4BB8-8EF3-FCBF4B437F08}
    2013-11-04 07:30:23 -------- d-----w- C:\Users\Youro das\AppData\Local\{029D5135-43B1-4C75-A3D3-9D0CD0A8058C}
    2013-11-03 06:49:23 -------- d-----w- C:\Users\Youro das\AppData\Local\{1A51E809-FA3E-457E-A9DB-5AD97B87804D}
    2013-11-02 07:24:57 -------- d-----w- C:\Users\Youro das\AppData\Local\{636CB352-5733-47E0-8ECA-9752A4628916}
    2013-11-01 09:31:05 -------- d-----w- C:\Users\Youro das\AppData\Local\{583BCABB-B5FF-4610-BC26-4A18F5FF389D}
    2013-10-31 15:14:08 -------- d-----w- C:\Users\Youro das\AppData\Local\Adobe
    2013-10-31 06:35:16 -------- d-----w- C:\Users\Youro das\AppData\Local\{0AE8694B-29AF-4DB2-A3A8-BFA1F0B40249}
    2013-10-30 13:46:59 -------- d-----w- C:\Users\Youro das\AppData\Local\{DE2243E0-9C24-4D10-88AD-5F94E60AB0F0}
    2013-10-29 09:31:47 -------- d-----w- C:\Users\Youro das\AppData\Local\{9D587F80-91D5-451B-AC04-FCF61BC8F91B}
    2013-10-28 05:31:00 -------- d-----w- C:\Users\Youro das\AppData\Local\{E5644E36-83B2-4F8C-B75E-717969AFAC06}
    2013-10-27 07:15:27 -------- d-----w- C:\Users\Youro das\AppData\Local\{10DF25EC-BBF3-4208-9E8F-CA2EEB5B37E1}
    2013-10-26 06:39:03 -------- d-----w- C:\Users\Youro das\AppData\Local\{29137C75-B8E2-4391-9E07-35F7E4F93A38}
    2013-10-25 05:48:04 -------- d-----w- C:\Users\Youro das\AppData\Local\{0B84A788-D014-428A-A9B8-161E39A61194}
    2013-10-24 05:33:42 -------- d-----w- C:\Users\Youro das\AppData\Local\{406BD515-3DF4-4C17-AAA9-9B9CF9EB436F}
    2013-10-23 06:08:27 -------- d-----w- C:\Users\Youro das\AppData\Local\{60775B72-354B-4227-9779-D92A07C91596}
    2013-10-22 06:33:42 -------- d-----w- C:\Users\Youro das\AppData\Local\{5268574E-C994-4199-A72E-0EF7ACEC71D3}
    2013-10-21 05:58:34 -------- d-----w- C:\Users\Youro das\AppData\Local\{A795DDEB-32FF-4C78-AACB-2A01F775372D}
    2013-10-20 08:16:43 -------- d-----w- C:\Users\Youro das\AppData\Local\{433E3DF2-F796-47C2-9B0D-AFF6FF2A0A54}
    2013-10-19 09:33:37 -------- d-----w- C:\Users\Youro das\AppData\Local\{EE162EA5-4FEF-4E1C-9A83-DF92760E2198}
    2013-10-16 16:05:46 -------- d-----w- C:\Program Files\Enigma Software Group
    2013-10-16 16:05:04 -------- d-----w- C:\Windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
    2013-10-16 16:05:02 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    2013-10-16 06:33:36 -------- d-----w- C:\Users\Youro das\AppData\Local\{246150DC-CCC3-4230-BB2C-77B7FA04A525}
    2013-10-15 06:35:32 -------- d-----w- C:\Users\Youro das\AppData\Local\{6133A688-EC7B-4A22-8B0D-CFC0E5CC702C}
    2013-10-14 16:10:42 -------- d-----w- C:\Users\Youro das\AppData\Local\{FBC21A6C-DF9A-48D7-93F1-423807A1A7EF}
    2013-10-13 14:15:44 -------- d-----w- C:\Users\Youro das\AppData\Local\{C5DB22F5-BBB7-4965-A6D3-C1376D0EDCE8}
    2013-10-12 07:42:38 -------- d-----w- C:\Users\Youro das\AppData\Local\{419473AB-EF0C-4D2E-AFE8-2228B4F6326F}
    2013-10-11 06:07:56 -------- d-----w- C:\Users\Youro das\AppData\Local\{4459D42C-8FFD-406B-AA29-F2783E1ADCA5}
    2013-10-10 06:25:34 -------- d-----w- C:\Users\Youro das\AppData\Local\{E1244E12-B873-4CC0-8B63-23DB4A321E94}
    2013-10-09 15:04:00 633856 ----a-w- C:\Windows\System32\comctl32.dll
    2013-10-09 15:03:59 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
    2013-10-09 15:03:02 368128 ----a-w- C:\Windows\System32\atmfd.dll
    2013-10-09 15:03:02 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2013-10-09 15:03:01 41472 ----a-w- C:\Windows\System32\lpk.dll
    2013-10-09 15:03:01 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
    2013-10-09 15:03:01 14336 ----a-w- C:\Windows\System32\dciman32.dll
    2013-10-09 15:03:01 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
    2013-10-09 15:03:01 100864 ----a-w- C:\Windows\System32\fontsub.dll
    2013-10-09 15:03:00 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
    2013-10-09 15:03:00 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2013-10-09 15:03:00 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2013-10-09 15:02:46 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
    2013-10-09 15:02:43 109824 ----a-w- C:\Windows\System32\drivers\USBAUDIO.sys
    2013-10-09 15:02:43 100864 ----a-w- C:\Windows\System32\drivers\usbcir.sys
    2013-10-09 15:02:42 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
    2013-10-09 15:02:42 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys
    2013-10-09 15:01:37 259584 ----a-w- C:\Windows\System32\WebClnt.dll
    2013-10-09 15:01:37 205824 ----a-w- C:\Windows\SysWow64\WebClnt.dll
    2013-10-09 15:01:36 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll
    2013-10-09 15:01:36 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
    2013-10-09 15:01:36 102400 ----a-w- C:\Windows\System32\davclnt.dll
    2013-10-09 15:01:35 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-10-09 15:01:34 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
    2013-10-09 15:01:34 327168 ----a-w- C:\Windows\System32\mswsock.dll
    2013-10-09 15:01:33 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
    2013-10-09 15:01:30 3155968 ----a-w- C:\Windows\System32\win32k.sys
    2013-10-09 07:05:56 -------- d-----w- C:\Users\Youro das\AppData\Local\{195D7181-B533-49A8-A872-F2B99B3DE0B2}
    .
    ==================== Find3M ====================
    .
    2013-10-17 14:05:00 317808 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
    2013-10-10 07:09:17 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-10-10 07:09:17 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-09-30 16:05:31 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
    2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
    2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
    2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
    2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
    2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
    2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
    2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
    2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
    2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
    2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
    2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
    2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
    2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
    2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
    2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
    2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
    2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
    .
    ============= FINISH: 16:27:31,12 ===============

  • #2
    May I see the ComboFix result as well, please.

    And would you please run this.

    Download MBRCheck.exe to your desktop.
    • Double-click MBRCheck.exe to open the program.
    • A window like this will open:



    • If you get a message (as in the image above), type N and press Enter.
    • Press Enter again.
    • A Notepad file named MBRCheck_mm.dd.yy_hh.mm.ss will be saved on your desktop. Post the contents of this file in your next message.



    • #3
      Below is my ComboFix result

      ComboFix 13-11-07.01 - Youro das 09-11-2013 11:50:37.3.4 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2558 [GMT 1:00]
      Gestart vanuit: c:\users\Youro das\Downloads\ComboFix.exe
      AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
      FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
      SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Nieuw herstelpunt werd aangemaakt
      .
      .
      (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\programdata\29B
      c:\programdata\29B\{69D9C079-343C-4B61-AE60-9CE2EDA931AD}.swf
      c:\users\Youro das\AppData\Roaming\Waunw
      c:\users\Youro das\AppData\Roaming\Waunw\zodye.iqi
      .
      .
      (((((((((((((((((((( Bestanden Gemaakt van 2013-10-09 to 2013-11-09 ))))))))))))))))))))))))))))))
      .
      .
      2013-11-09 11:11 . 2013-11-09 11:11 -------- d-----w- c:\users\Default\AppData\Local\temp
      2013-11-06 14:23 . 2013-11-06 14:23 -------- d-----w- c:\users\Youro das\AppData\Roaming\Malwarebytes
      2013-11-06 14:22 . 2013-11-06 14:22 -------- d-----w- c:\programdata\Malwarebytes
      2013-11-06 14:22 . 2013-11-06 14:22 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2013-11-06 14:22 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
      2013-10-31 15:14 . 2013-10-31 15:14 -------- d-----w- c:\users\Youro das\AppData\Local\Adobe
      2013-10-16 16:05 . 2013-10-16 16:05 -------- d-----w- c:\program files\Enigma Software Group
      2013-10-16 16:05 . 2013-10-19 12:18 -------- d-----w- c:\windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
      2013-10-16 16:05 . 2013-10-16 16:05 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
      .
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2013-10-17 14:05 . 2013-01-06 17:11 317808 ----a-w- c:\windows\system32\drivers\RapportKE64.sys
      2013-10-10 07:09 . 2012-05-19 18:39 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2013-10-10 07:09 . 2011-11-07 19:53 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2013-10-10 06:33 . 2011-10-24 09:08 80541720 ----a-w- c:\windows\system32\MRT.exe
      2013-09-30 16:05 . 2012-09-04 10:28 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
      2013-09-22 23:28 . 2013-10-10 06:43 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
      2013-09-22 23:27 . 2013-10-10 06:43 2876928 ----a-w- c:\windows\SysWow64\jscript9.dll
      2013-09-22 23:27 . 2013-10-10 06:43 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
      2013-09-22 23:27 . 2013-10-10 06:43 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
      2013-09-22 22:55 . 2013-10-10 06:43 51712 ----a-w- c:\windows\system32\ie4uinit.exe
      2013-09-22 22:55 . 2013-10-10 06:43 2241024 ----a-w- c:\windows\system32\wininet.dll
      2013-09-22 22:55 . 2013-10-10 06:43 1365504 ----a-w- c:\windows\system32\urlmon.dll
      2013-09-22 22:54 . 2013-10-10 06:43 603136 ----a-w- c:\windows\system32\msfeeds.dll
      2013-09-22 22:54 . 2013-10-10 06:43 19252224 ----a-w- c:\windows\system32\mshtml.dll
      2013-09-22 22:54 . 2013-10-10 06:43 855552 ----a-w- c:\windows\system32\jscript.dll
      2013-09-22 22:54 . 2013-10-10 06:43 3959296 ----a-w- c:\windows\system32\jscript9.dll
      2013-09-22 22:54 . 2013-10-10 06:43 53248 ----a-w- c:\windows\system32\jsproxy.dll
      2013-09-22 22:54 . 2013-10-10 06:43 526336 ----a-w- c:\windows\system32\ieui.dll
      2013-09-22 22:54 . 2013-10-10 06:43 67072 ----a-w- c:\windows\system32\iesetup.dll
      2013-09-22 22:54 . 2013-10-10 06:43 39936 ----a-w- c:\windows\system32\iernonce.dll
      2013-09-22 22:54 . 2013-10-10 06:43 136704 ----a-w- c:\windows\system32\iesysprep.dll
      2013-09-22 22:54 . 2013-10-10 06:43 2647552 ----a-w- c:\windows\system32\iertutil.dll
      2013-09-22 22:54 . 2013-10-10 06:43 15404544 ----a-w- c:\windows\system32\ieframe.dll
      2013-09-22 14:15 . 2013-09-22 14:16 564432 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
      2013-09-21 03:38 . 2013-10-10 06:43 2706432 ----a-w- c:\windows\system32\mshtml.tlb
      2013-09-21 03:30 . 2013-10-10 06:43 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
      2013-09-21 02:48 . 2013-10-10 06:43 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
      2013-09-21 02:39 . 2013-10-10 06:43 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
      2013-09-14 01:10 . 2013-10-09 15:01 497152 ----a-w- c:\windows\system32\drivers\afd.sys
      2013-09-08 02:30 . 2013-10-09 15:01 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2013-09-08 02:27 . 2013-10-09 15:01 327168 ----a-w- c:\windows\system32\mswsock.dll
      2013-09-08 02:03 . 2013-10-09 15:01 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
      2013-09-04 12:12 . 2013-10-09 14:58 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
      2013-09-04 12:11 . 2013-10-09 14:58 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
      2013-09-04 12:11 . 2013-10-09 14:58 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
      2013-09-04 12:11 . 2013-10-09 14:58 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
      2013-09-04 12:11 . 2013-10-09 14:58 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
      2013-09-04 12:11 . 2013-10-09 14:58 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
      2013-09-04 12:11 . 2013-10-09 14:58 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
      2013-08-29 02:17 . 2013-10-09 14:58 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
      2013-08-29 02:16 . 2013-10-09 14:58 1732032 ----a-w- c:\windows\system32\ntdll.dll
      2013-08-29 02:16 . 2013-10-09 14:58 243712 ----a-w- c:\windows\system32\wow64.dll
      2013-08-29 02:16 . 2013-10-09 14:58 859648 ----a-w- c:\windows\system32\tdh.dll
      2013-08-29 02:13 . 2013-10-09 14:58 878080 ----a-w- c:\windows\system32\advapi32.dll
      2013-08-29 01:51 . 2013-10-09 14:58 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
      2013-08-29 01:51 . 2013-10-09 14:58 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
      2013-08-29 01:50 . 2013-10-09 14:58 5120 ----a-w- c:\windows\SysWow64\wow32.dll
      2013-08-29 01:50 . 2013-10-09 14:58 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
      2013-08-29 01:50 . 2013-10-09 14:58 619520 ----a-w- c:\windows\SysWow64\tdh.dll
      2013-08-29 01:48 . 2013-10-09 14:58 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
      2013-08-29 01:48 . 2013-10-09 14:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2013-08-29 00:49 . 2013-10-09 14:58 25600 ----a-w- c:\windows\SysWow64\setup16.exe
      2013-08-29 00:49 . 2013-10-09 14:58 7680 ----a-w- c:\windows\SysWow64\instnm.exe
      2013-08-29 00:49 . 2013-10-09 14:58 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
      2013-08-29 00:49 . 2013-10-09 14:58 2048 ----a-w- c:\windows\SysWow64\user.exe
      2013-08-28 01:21 . 2013-10-09 15:01 3155968 ----a-w- c:\windows\system32\win32k.sys
      2013-08-28 01:12 . 2013-10-09 14:58 461312 ----a-w- c:\windows\system32\scavengeui.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
      2013-09-30 16:05 3353624 ----a-w- c:\program files (x86)\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
      "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\17.0.0.9\AVG Secure Search_toolbar.dll" [2013-09-30 3353624]
      .
      [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
      [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
      [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
      @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
      [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
      2013-09-22 14:22 222712 ----a-w- c:\users\Youro das\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
      @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
      [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
      2013-09-22 14:22 222712 ----a-w- c:\users\Youro das\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
      @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
      [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
      2013-09-22 14:22 222712 ----a-w- c:\users\Youro das\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "OfficeSyncProcess"="c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE" [2013-07-23 3207912]
      "Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-05-29 449248]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
      "Hotkey Utility"="c:\program files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe" [2010-08-04 611872]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
      "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
      "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-10-01 2404376]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
      "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
      "WAHELPER.EXE"="c:\program files (x86)\WinArchiver\WAHELPER.EXE" [2012-09-25 480352]
      "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      Sitecom Wireless Utility.lnk - c:\program files (x86)\Sitecom\Common\WLANUtil.exe -s [2011-10-23 1626112]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
      BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
      "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
      "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
      .
      R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe;c:\program files (x86)\AVG\AVG2012\avgfws.exe [x]
      R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [x]
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
      R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
      R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
      R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
      R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
      R3 PAC207;Trust 100K Series Webcam;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
      R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys;c:\windows\SYSNATIVE\DRIVERS\Prot6Flt.sys [x]
      R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
      R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
      R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
      R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
      R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
      R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
      R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
      S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
      S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
      S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
      S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]
      S0 waemu;waemu;c:\windows\system32\Drivers\waemu.sys;c:\windows\SYSNATIVE\Drivers\waemu.sys [x]
      S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
      S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
      S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
      S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
      S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
      S1 RapportCerberus_59849;RapportCerberus_59849;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [x]
      S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]
      S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]
      S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
      S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
      S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
      S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [x]
      S2 CBTWlanSrv;CBT Wlan Service;c:\windows\CBTWlanSrv.exe;c:\windows\CBTWlanSrv.exe [x]
      S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
      S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
      S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
      S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
      S2 OfficeSvc;Microsoft Office-service;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x]
      S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Sitecom\Common\RaRegistry64.exe;c:\program files (x86)\Sitecom\Common\RaRegistry64.exe [x]
      S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
      S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
      S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
      S2 vToolbarUpdater17.0.1;vToolbarUpdater17.0.1;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe [x]
      S2 WinArchiver Service;WinArchiver Service;c:\program files (x86)\WinArchiver\WAService.exe;c:\program files (x86)\WinArchiver\WAService.exe [x]
      S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
      S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
      S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
      S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsfiltera.sys [x]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
      S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
      S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
      S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
      S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
      S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
      .
      .
      Inhoud van de 'Gedeelde Taken' map
      .
      2013-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-19 07:09]
      .
      2013-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-11 06:03]
      .
      2013-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-11 06:03]
      .
      2013-11-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2853065180-2656899494-2483831078-1000Core.job
      - c:\users\Youro das\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-19 15:01]
      .
      2013-11-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2853065180-2656899494-2483831078-1000UA.job
      - c:\users\Youro das\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-19 15:01]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
      @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
      [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
      2013-09-22 14:22 261624 ----a-w- c:\users\Youro das\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
      @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
      [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
      2013-09-22 14:22 261624 ----a-w- c:\users\Youro das\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
      @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
      [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
      2013-09-22 14:22 261624 ----a-w- c:\users\Youro das\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
      @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
      [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
      2013-09-22 14:17 2328776 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
      @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
      [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
      2013-09-22 14:17 2328776 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
      @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
      [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
      2013-09-22 14:17 2328776 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-11-17 9608224]
      "PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
      .
      ------- Bijkomende Scan -------
      .
      uStart Page = hxxp://packardbell.msn.com
      uLocal Page = c:\windows\system32\blank.htm
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = *.local
      IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
      IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
      TCP: DhcpNameServer = 192.168.1.1
      Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll
      FF - ProfilePath - c:\users\Youro das\AppData\Roaming\Mozilla\Firefox\Profiles\9rxeza6k.default\
      .
      - - - - ORPHANS VERWIJDERD - - - -
      .
      Toolbar-Locked - (no file)
      AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
      .
      .
      .
      --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
      .
      [HKEY_USERS\S-1-5-21-2853065180-2656899494-2483831078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="WindowsLiveMail.Email.1"
      .
      [HKEY_USERS\S-1-5-21-2853065180-2656899494-2483831078-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="WindowsLiveMail.VCard.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe ,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe ,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
      @Denied: (A) (Everyone)
      "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
      @Denied: (A) (Everyone)
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
      "Key"="ActionsPane3"
      "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Voltooingstijd: 2013-11-09 12:17:40
      ComboFix-quarantined-files.txt 2013-11-09 11:17
      ComboFix2.txt 2013-11-07 13:53
      .
      Pre-Run: 89.014.386.688 bytes beschikbaar
      Post-Run: 88.341.106.688 bytes beschikbaar
      .
      - - End Of File - - E184A57E7DA152EE862C01B421597D9E
      A36C5E4F47E84449FF07ED3517B43A31


      And here is the MBRCheck_mm.dd.yy_hh.mm.dd file

      MBRCheck, version 1.2.3
      (c) 2010, AD

      Command-line:
      Windows Version: Windows 7 Home Premium Edition
      Windows Information: Service Pack 1 (build 7601), 64-bit
      Base Board Manufacturer: Packard Bell
      BIOS Manufacturer: American Megatrends Inc.
      System Manufacturer: Packard Bell
      System Product Name: imedia S1300
      Logical Drives Mask: 0x000103fc

      Kernel Drivers (total 167):

      Processes (total 90):

      \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`46500000 (NTFS)
      \\.\D: --> \\.\PhysicalDrive0 at offset 0x0000003c`43300000 (NTFS)
      \\.\Q: --> error 5

      PhysicalDrive0 Model Number: ST3500418AS, Rev: CC44

      Size Device Name MBR Status
      --------------------------------------------
      465 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
      SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


      Done!



      • #4
        Download Zoek.zip to your desktop.
        1. If Internet Explorer, another browser or your virus scanner reports that this file is unsafe, you can ignore it; it is a false alarm.
        2. Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

        • Right-click Zoek.zip and choose the "Extract all" option.
        • Then double-click Zoek.exe to start the tool.
        • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
        • Now copy the code below and paste it into the large input box:
        • Note: This script was written specifically for this PC, so do not use it on other PCs with a similar problem.
          Code:
          torpigcheck;
          emptyclsid;
          emptyfolderscheck;delete
          firefoxlook; 
          Chromelook; 
          autoclean; 
          iedefaults; 
          filesrcm;
        • Now click the "Run script" button.
        • Wait patiently until a log opens (this may be after a restart, if one is needed).
        • If no log appears after the restart, start zoek.exe again; the log will then appear.
        • Post the opened log as an attachment in your next post.



        • #5
          The Zoek results are in the attachment.
          Attached Files



          • #6
            Nice, and how is it going now?



            • #7
              No more trouble with it so far. Thank you very much!



              • #8
                Download Delfix by Xplode to your desktop.

                Double-click Delfix.exe to start the tool.
                Now tick the following items:
                • Activate UAC
                • Remove disinfection tools
                • Create registry backup
                • Purge System Restore
                • Reset system settings

                Now click "Run" and wait patiently until the tool has finished.
                When the tool has finished, a log file is created. You do not need to post it, however.



                • #9
                  Done, thanks again!



                  • #10
                    And unfortunately it is back; I keep hearing sounds from my speakers again. Very odd: I hear a song, and the sound sometimes gets loud and then very quiet again.



                    • #11
                      Download the Emsisoft Emergency Kit to your desktop.
                      Click here for the complete / extended manual for the Emsisoft Emergency Kit.

                      Running the Emsisoft Emergency Kit
                      • Double-click "EmsisoftEmergencyKit.exe"; if you get a User Account Control prompt, allow it.
                      • Then click the "Accept & Extract" button; the files are now extracted automatically to the system drive, "C:\EEK".
                      • When extraction is complete, a shortcut is created on the desktop and the Emsisoft Emergency Kit opens by itself.
                      • Now click the "Emergency Kit Scanner" option, and when you get the message "Do you want to update now?" click "Yes".
                      • When the update is complete, click the "Scan Computer" option in the left-hand menu.
                      • Then choose the "Deep" option. This scan can take a considerable time, and preferably do not use the computer for anything else during the scan.
                      • When the scan is complete, make sure all items are ticked and click the "Quarantine" button.
                      • Then click the "View report" button and post the contents of that file in your next post.


                      Posting the Emsisoft Emergency Kit log file
                      • Add the log file named "a2scan_130711-154142.txt" as an attachment to your next post. (You can also find this log file in the folder "C:\EEK\Run\Reports")



                      • #12
                        Would you run this tool after that, please.
                        It could well be a rootkit, but I don't see one in the log.



                        I would like to do one more deep analysis with a French-language tool.
                        If you read and follow the instructions below exactly, that should not be a problem.

                        Download zhpdiag.exe from this website: http://en.kioskea.net/download/download-23176-zhpdiag
                        1. XP users: double-click zhpdiag.exe to install it.
                          For Windows Vista and later: right-click zhpdiag.exe and choose "Run as administrator".
                        2. Click "Suivant" several times to go through the installation process.
                        3. Click "Installer" when asked to, and "Terminer" when the installation is complete.
                        4. Two icons have now appeared on your desktop: ZHPDiag and ZHPFix.
                        5. Now double-click the shortcut named ZHPDiag.
                        6. The start window appears; now click "Configurer".
                        7. At the bottom right, click the little house icon "Sélectionner une langue" and choose "Anglais" (English).
                        8. Then, at the bottom left, click the middle icon (a magnifying glass and a + symbol), "Diagnostic options".
                        9. A scan of your system is now made; wait patiently until it is complete.
                        10. Afterwards there is a text file named ZHPDiag.txt on your desktop; post it as an attachment in your next post.
                        Last edited by Juisterr; 11-11-13, 17:30.



                        • #13
                          Is it working?



                          • #14
                            It took a while, but it has worked now; the a2scan_130711-154142.txt file is in the attachment.
                            The Zhpdiag.txt file is in there too.
                            Attached Files



                            • #15
                              As it is a rather large log, it may take a while before I have read it.
