Mededeling

Collapse
No announcement yet.

Twitter links overgenomen door Adfly

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Twitter links overgenomen door Adfly

    Beste experts,

    sinds gisteren word ik elke keer als ik in een link in mijn twitter feed klik doorverwezen naar Adfly, voordat ik naar de gewenste website kan. betekent dit dat ik geinfecteerd ben? Ik heb gegoogled en verschillende websites claimen dat ik geinfecteerd ben met een Adfly virus. Tot nu toe gebeurt het alleen met mijn twitter feed.

    Ik post alle logs die ik heb gekregen na het runnen van Malware anti Malware, DDS en Gmer.

    Gaarne jullie hulp bij dit probleem.

    Alvast heel erg bedankt!

    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.12.07.08

    Windows 7 x64 NTFS
    Internet Explorer 8.0.7600.16385
    user :: USER-PC [administrator]

    Protection: Enabled

    08/12/2013 9:19:43
    MBAM-log-2013-12-08 (09-27-42).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 231958
    Time elapsed: 7 minute(s), 43 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 2
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0} (PUP.Optional.ZuluGames) -> No action taken.
    HKLM\SOFTWARE\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn (PUP.Optional.Zulagames.A) -> No action taken.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 1
    C:\Users\user\AppData\Roaming\zulagames (PUP.Optional.Zulagames.A) -> No action taken.

    Files Detected: 1
    C:\Users\user\AppData\Roaming\zulagames\zulagames.crx (PUP.Optional.Zulagames.A) -> No action taken.

    (end)

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.45.2
    Run by user at 9:29:16 on 2013-12-08
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.62.1033.18.1952.521 [GMT 7:00]
    .
    AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
    SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\FBAgent.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Smartfren Connex CE682 UI\HEject.exe
    D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Modem AC2726 UI\bin\MonServiceUDisk64.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\EscSvc64.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
    D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files\P4G\BatteryLife.exe
    C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
    C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
    C:\Windows\SysWOW64\ACEngSvr.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\AsScrPro.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\System32\hkcmd.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Users\user\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
    C:\Program Files (x86)\CyberLink\Shared files\brs.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uDefault_Page_URL = about:blank
    mStart Page = about:blank
    mDefault_Page_URL = about:blank
    mWinlogon: Userinit = userinit.exe,
    BHO: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
    BHO: {3049C3E9-B461-4BC5-8870-4C09146192CA} - <orphaned>
    BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
    BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
    EB: E-Web Print: {A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
    uRun: [Facebook Update] "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [SkyDrive] "C:\Users\user\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
    uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
    mRun: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
    mRun: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
    mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
    mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
    mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
    mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    dRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BINUSS~1.LNK - D:\Binus Script\Binus Script.bat
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
    IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
    TCP: NameServer = 119.235.248.60 202.134.0.155
    TCP: Interfaces\{039079D3-71AC-4456-8097-641DFBA3337F} : DHCPNameServer = 119.235.248.60 202.134.0.155
    TCP: Interfaces\{F07F716C-AFD6-436C-A9B7-2ADEABC227E6} : DHCPNameServer = 10.29.3.131 10.29.3.130
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    AppInit_DLLs= acaptuser32.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    x64-mStart Page = about:blank
    x64-mDefault_Page_URL = about:blank
    x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
    x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
    x64-Run: [SynAsusAcpi] C:\Program Files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
    x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\1f7ze86j.default-1386426370500\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.nu.nl/
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
    FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
    FF - plugin: C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\user\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
    FF - ExtSQL: 2013-10-09 15:48; [email protected]; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
    FF - ExtSQL: 2013-10-09 15:48; [email protected]; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
    FF - ExtSQL: 2013-10-09 15:48; [email protected]; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
    FF - ExtSQL: 2013-10-09 15:48; [email protected]; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
    FF - ExtSQL: 2013-10-09 15:48; [email protected]; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\[email protected]
    FF - ExtSQL: !HIDDEN! 2012-12-23 18:05; [email protected]; C:\Users\user\AppData\Roaming\Mozilla\Extensions\[email protected]
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-5-23 28992]
    R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504]
    R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54368]
    R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]
    R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [2008-2-1 32240]
    R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2012-5-23 379520]
    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
    R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-9-29 92800]
    R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -r [?]
    R2 CDROM_Eject_H;CDROM_Eject_H;C:\Program Files\Smartfren Connex CE682 UI\HEject.exe [2012-5-22 267776]
    R2 EpsonScanSvc;Epson Scanner Service;C:\Windows\System32\escsvc64.exe [2013-6-25 135824]
    R2 MBAMScheduler;MBAMScheduler;D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-8 418376]
    R2 MBAMService;MBAMService;D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-8 701512]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
    R2 UDisk Monitor;UDisk Monitor;C:\Program Files\Modem AC2726 UI\bin\MonServiceUDisk64.exe [2012-12-25 407040]
    R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-10-3 129512]
    R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-10-3 394728]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-2-16 317440]
    R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-5-25 29280]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-7-25 29280]
    R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-5-23 108656]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-12-8 25928]
    S2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-16 412264]
    S3 USB_BusEnum_H;EVDO Telecom USB Bus Enumerator h;C:\Windows\System32\drivers\USB_BusEnum_H.sys [2012-5-22 44544]
    S3 USB_ETS_H;EVDO Rev A Service USB port h;C:\Windows\System32\drivers\USB_ETS_H.sys [2012-5-22 21760]
    S3 USB_WinMux_H;EVDO Telecom USB MUX Serial Port h;C:\Windows\System32\drivers\USB_WinMux_H.sys [2012-5-22 37376]
    S3 UsbModemDriver;EVDO Rev A USB Modem h;C:\Windows\System32\drivers\USB_MODEM_H.sys [2012-5-22 28160]
    S3 ztemtusbser;ZTEMT Legacy Serial Communication;C:\Windows\System32\drivers\CT_ZTEMT_U_USBSER.sys [2012-12-25 119168]
    .
    =============== Created Last 30 ================
    .
    2013-12-08 01:15:06 -------- d-----w- C:\Users\user\AppData\Roaming\Malwarebytes
    2013-12-08 01:14:49 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-12-08 01:14:47 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-12-07 14:55:38 -------- d-----w- C:\Users\user\AppData\Roaming\Curiolab
    2013-12-07 14:39:21 -------- d-----w- C:\Users\user\AppData\Roaming\eCyber
    2013-12-07 14:35:38 -------- d-----w- C:\Windows\System32\log
    2013-12-07 14:35:14 -------- d-----w- C:\Users\user\AppData\Roaming\iSafe
    2013-12-07 14:35:14 -------- d-----w- C:\Program Files (x86)\iSafe
    2013-12-07 14:16:13 388096 ----a-r- C:\Users\user\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2013-12-07 14:16:13 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2013-12-04 07:17:11 -------- d-----w- C:\Program Files (x86)\IZArc
    2013-12-04 07:16:27 -------- d-----w- C:\Users\user\AppData\Local\Programs
    2013-12-04 06:36:03 -------- d-----w- C:\Program Files\CCleaner
    2013-12-03 00:48:31 467456 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpcpp117.DLL
    2013-12-03 00:39:54 476160 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpcpp130.dll
    2013-12-02 14:29:36 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    2013-12-01 14:45:13 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FAF322B8-7717-4496-AD8F-1B7E0571629D}\offreg.dll
    .
    ==================== Find3M ====================
    .
    2013-12-08 01:37:33 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe
    2013-11-20 00:09:39 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-11-20 00:09:39 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-10-16 13:04:44 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-10-09 08:48:39 29280 ----a-w- C:\Windows\System32\drivers\klmouflt.sys
    2013-10-09 08:48:38 29280 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys
    2013-10-09 08:48:29 7717984 ----a-w- C:\Windows\System32\drivers\kl1.sys
    .
    ============= FINISH: 9:30:49,07 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 16/02/2012 3:35:20
    System Uptime: 08/12/2013 8:36:42 (1 hours ago)
    .
    Motherboard: ASUSTeK Computer Inc. | | K43SD
    Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz | CPU 1 | 792/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 98 GiB total, 21,707 GiB free.
    D: is FIXED (NTFS) - 368 GiB total, 328,349 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP145: 07/12/2013 21:15:34 - Installed HiJackThis
    .
    ==== Installed Programs ======================
    .
    64 Bit HP CIO Components Installer
    Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
    Adobe Acrobat 9 Pro Extended 64-bit Add-On
    Adobe Acrobat 9.5.5 - CPSID_83708
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe ExtendScript Toolkit 2
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Linguistics CS3
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Reader XI (11.0.05)
    Adobe Setup
    Adobe Shockwave Player 12.0
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    Alcor Micro USB Card Reader
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Asmedia ASM104x USB 3.0 Host Controller Driver
    ASUS AI Recovery
    ASUS FaceLogon
    ASUS LifeFrame3
    ASUS Live Update
    ASUS Power4Gear Hybrid
    ASUS Sonic Focus
    ASUS Splendid Video Enhancement Technology
    ASUS Virtual Camera
    AsusScr_K3 Series_ENG
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    ATK Package
    Bigasoft RealPlayer Converter 3.6.18.4499
    BitTorrent
    Bluetooth Stack for Windows by Toshiba
    Bonjour
    Canon MP140 series
    CCleaner
    ConvertHelper 2.2
    CorelDRAW Graphics Suite X3
    CyberLink PowerDVD 8
    CyberLink YouCam
    D3DX10
    Dell Touchpad
    Dell WLAN and Bluetooth Client Installation
    EN
    Epson E-Web Print
    Epson Event Manager
    EPSON L210 Series Printer Uninstall
    EPSON Scan
    Epson User's Guide L210 Series
    Facebook Video Calling 1.2.0.287
    Fast Boot
    FontNav
    GameHouse Super Games AIO®
    Google Chrome
    Google Drive
    Google Update Helper
    HiJackThis
    InstantOn for NB
    Intel(R) Control Center
    Intel(R) Processor Graphics
    IZArc 4.1.8
    Java 7 Update 45
    Java Auto Updater
    K-Lite Codec Pack 7.2.0 (Full)
    Kaspersky Internet Security 2013
    Malwarebytes Anti-Malware version 1.75.0.1300
    Men of War. Assault Squad
    Microsoft .NET Framework 1.1
    Microsoft Application Error Reporting
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office Office 64-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 64-bit MUI (English) 2010
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Silverlight
    Microsoft SkyDrive
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual J# .NET Redistributable Package 1.1
    Modem AC2726 UI
    Mozilla Firefox 25.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT110
    MSVCRT110_amd64
    Nero 7 Essentials
    neroxml
    NVIDIA Control Panel 285.64
    NVIDIA Graphics Driver 285.64
    NVIDIA Install Application
    NVIDIA Optimus 1.5.20
    NVIDIA Update Components
    PDF Settings
    Qualcomm Atheros WiFi Driver Installation
    QuickTime
    RealDownloader
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealNetworks - Microsoft Visual C++ 2010 Runtime
    RealPlayer
    Realtek High Definition Audio Driver
    Safari
    Skype™ 6.3
    Smartfren Connex CE682 UI
    Software Updater
    swMSM
    Synaptics Pointing Device Driver
    Torch
    Update Manager
    VBA
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    WinFlash
    WinRAR archiver
    Wireless Console 3
    Yahoo! Messenger
    ZSoft Uninstaller 2.5
    .
    ==== Event Viewer Messages From Past Week ========
    .
    06/12/2013 16:09:20, Error: NetBT [4321] - The name "USER-PC :0" could not be registered on the interface with IP address 10.29.135.90. The computer with the IP address 202.58.182.102 did not allow the name to be claimed by this computer.
    06/12/2013 15:36:17, Error: NetBT [4321] - The name "USER-PC :0" could not be registered on the interface with IP address 10.29.135.90. The computer with the IP address 10.200.200.201 did not allow the name to be claimed by this computer.
    06/12/2013 15:08:10, Error: NetBT [4321] - The name "USER-PC :20" could not be registered on the interface with IP address 10.29.135.90. The computer with the IP address 10.200.200.201 did not allow the name to be claimed by this computer.
    05/12/2013 11:04:20, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{F07F716C-AFD6-436C-A9B7-2ADEABC227E6} because another computer on the network has the same name. The server could not start.
    05/12/2013 11:04:20, Error: NetBT [4321] - The name "USER-PC :20" could not be registered on the interface with IP address 10.29.135.90. The computer with the IP address 10.29.135.88 did not allow the name to be claimed by this computer.
    05/12/2013 10:47:43, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
    04/12/2013 14:27:46, Error: NetBT [4321] - The name "USER-PC :0" could not be registered on the interface with IP address 10.29.152.237. The computer with the IP address 10.29.3.131 did not allow the name to be claimed by this computer.
    04/12/2013 14:06:11, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{039079D3-71AC-4456-8097-641DFBA3337F} because another computer on the network has the same name. The server could not start.
    04/12/2013 14:06:11, Error: NetBT [4321] - The name "USER-PC :20" could not be registered on the interface with IP address 10.29.152.237. The computer with the IP address 10.29.3.131 did not allow the name to be claimed by this computer.
    03/12/2013 15:00:58, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.
    03/12/2013 14:49:54, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service.
    03/12/2013 14:49:54, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
    .
    ==== End Of File ===========================

    GMER 2.1.19163 - http://www.gmer.net
    Rootkit scan 2013-12-08 09:55:18
    Windows 6.1.7600 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JE3O 465,76GB
    Running: ug70bijn.exe; Driver: C:\Users\user\AppData\Local\Temp\kwtdapoc.sys


    ---- Threads - GMER 2.1 ----

    Thread C:\Windows\System32\spoolsv.exe [1560:3520] 000007fef6ee00dc
    Thread C:\Windows\System32\spoolsv.exe [1560:3540] 000007fef6eda7b0
    Thread C:\Windows\System32\spoolsv.exe [1560:3728] 000007fef6eb10c8
    Thread C:\Windows\System32\spoolsv.exe [1560:3948] 000007fef6bc6144
    Thread C:\Windows\System32\spoolsv.exe [1560:4012] 000007fef6bf5fd0
    Thread C:\Windows\System32\spoolsv.exe [1560:4068] 000007fef6ea3438
    Thread C:\Windows\System32\spoolsv.exe [1560:4076] 000007fef6bf63ec
    Thread C:\Windows\System32\spoolsv.exe [1560:3196] 000007fef7105e5c
    Thread C:\Windows\System32\spoolsv.exe [1560:3464] 000007fef6da4828
    Thread C:\Windows\System32\spoolsv.exe [1560:3400] 000007fef6f5e088
    Thread C:\Windows\System32\spoolsv.exe [1560:3596] 000007fef6c48760
    Thread C:\Windows\Explorer.EXE [4028:4088] 000007fefbd72154
    Thread C:\Windows\Explorer.EXE [4028:4248] 000007fefb566204
    Thread C:\Windows\Explorer.EXE [4028:4364] 000007fef11a2118
    Thread C:\Windows\Explorer.EXE [4028:2780] 000007fef0432f9c
    Thread C:\Windows\Explorer.EXE [4028:4380] 000007fef99e1010
    Thread C:\Windows\system32\svchost.exe [2148:4988] 000007fef6bf5fd0
    Thread C:\Windows\system32\svchost.exe [2148:4112] 000007fef6bf63ec
    Thread C:\Windows\system32\svchost.exe [2148:4868] 000007fef0068470
    Thread C:\Windows\system32\svchost.exe [2148:4776] 000007fef0072418
    Thread C:\Windows\system32\svchost.exe [2148:2684] 000007feef965b84
    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5116:5040] 000007fefb7b2a74
    Thread C:\Windows\System32\svchost.exe [4920:3832] 000007feefba9688

    ---- EOF - GMER 2.1 ----

  • #2
    Hoi Filipo1976,

    Voor we beginnen , wil ik even vriendelijk op de volgende richtlijnen wijzen:
    .
    • Log enkel in als beheerder met alle rechten.
    • Post je probleem niet in verscheidene fora. het komt je probleem niet ten goede en het is niet netjes tegenover de helpers.
    • Het opruimen van je systeem kan wat tijd in beslag nemen, wees geduldig.
    • Volg aandachtig de instructies die door mij worden gegeven.
    • Volg enkel het door mij gegeven advies op
    • Blijf bij het topic totdat ik gemeldt heb dat je PC clean is.
    • Als je iets niet weet of verstaat, vraag het dan even aub.
    • Installeer of deinstalleer géén software of hardware terwijl we met je probleem bezig zijn.
    • Ga ondertussen niet wat "anders" proberen, dat maakt het alleen maar moeilijker voor ons
    • Zet je emoticons (Smileys) uit als je logs plaatst aub .
    • De logs niet als bijlage, noch tussen codetags zetten aub.

    .
    Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
    De instructies die worden gegeven, zijn enkel geldig voor jouw PC.

    Stap 1:

    Malware scannen en verwijderen....

    Start MBAM
    Zodra het programma gestart is, ga je naar het tabblad "Instellingen"
    .
    • Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
    • Ga naar het tabblad "Updates" en Update MBAM.
    • Ga daarna naar het tabblad "Scanner", kies hier voor "VOLLEDIGE Scan".
    • Druk vervolgens op "Scannen" om de scan te starten.
    • Het scannen kan een tijdje duren, dus wees geduldig.
    • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
    • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
      Indien het veel items zijn, kan je in het venster rechtsklikken en "alle items selecteren" kiezen.
    • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

    .
    Indien MBAM vraagt om een herstart, doe dit dan ook.
    Wanneer je de restart hebt gedaan, maak je een nieuwe snelle scan met MBAM.
    In dat geval post je dus de twee logs.

    De log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma.


    Bij problemen!!!
    .
    .
    ___________________________________________________________

    Stap 2:

    Controle op slechte toolbars...

    Download AdwCleaner by Xplode naar je Bureaublad.
    • Sluit alle openstaande vensters
    • Start AdwCleaner
    • Klik op Scan
    • Klik op Clean
    • KLIK HIER voor een vergroting! 

    Alle icoontjes verdwijnen van het Bureaublad,dit is normaal
    Je PC word opnieuw opgestart en er een opent logfile (C:\ AdwCleaner[xx].txt post de inhoud hier op het Forum.

    Enkel de log na de "clean" optie heb ik nodig.

    Vergeet niet om je "smileys" uit te schakelen.

    Als je Startpagina ook gehijackt was,stel dan de zoekmachine opnieuw in,deze word standaard door AdwCleaner terug gezet naar Google.com

    ___________________________________________________________

    Stap 3:

    Download DDS.com, DDS.scr of DDS.pif van één van deze locaties en plaats het op je bureaublad:


    DDS is een diagnosetool en maakt gebruik van scripts.
    Is het uitvoeren van scripts uitgeschakeld, dan schakel je dit weer in zodat er geen problemen optreden bij gebruik van DDS.


    Dubbelklik op DDS om de tool te starten. (afhankelijk van de download die je gekozen hebt kan dit het bestand DDS.com, DDS.scr of DDS.pif zijn)
    Wanneer het klaar is openen er twee logfiles: DDS.txt en Attach.txt
    Beide logfiles sla je op je bureaublad.

    Post de inhoud van DDS.txt.

    De inhoud Attach.txt moet je niet posten en Attach.txt moet je niet als bijlage toevoegen aan je post, tenzij ik er om vraag.

    ___________________________________________________________

    Stap 4:

    Controle op updates...

    Download Security Check op je bureaublad via hier of hier

    Start Security Check
    Volg de Instructies in het scherm
    Aan het eind verschijnt een log ( checkup.txt )
    Plaats de inhoud ervan in je volgende antwoord.

    In je volgende posting, had ik graag de volgende logs gezien, gemaakt in de opgestelde volgorde:
    .
    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    .
    Deze logs NIET als bijlage of tussen codetags posten aub.
    (Desnoods in meerdere postingen.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

    Comment


    • #3
      Wilt het lukken?
      Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
      E Dev * McAfee verwijderen. * Ccleaner * E-Peek

      Comment


      • #4
        Bij gebrek aan feedback zet ik dit topic op opgelost.

        Indien er niet meer gereageerd wordt, zal binnen een 3-tal dagen deze thread automatisch verplaatst worden naar de sectie Opgeloste hijackthislogs en is een reactie niet meer mogelijk
        Dit is gedaan om het forum netjes en overzichtelijk te houden.

        Blijkt dat er toch nog problemen zijn, en je wil weer reageren in dit topic, dan stuur je me een direct bericht met verzoek om heropening.


        Emphyrio

        Update: Probleem opgelost (DM van TS)
        Last edited by Emphyrio; 16-12-13, 12:01.
        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
        E Dev * McAfee verwijderen. * Ccleaner * E-Peek

        Comment

        Sorry, you are not authorized to view this page
        Working...
        X