
Feeling safe


  • Feeling safe

    Dear all,

    After putting a new SSD in my laptop I had to do a fresh installation of Windows 7.
    After that I updated everything and installed a few important programs that I use often (Photoshop, VMware), and then made an image to use when needed.
    Now Malwarebytes has found a number of infections, after AVG, which is up to date, could not find anything.
    So I wanted to have this looked at by the clever minds here, so that I know for sure that I have a clean image to restore when needed.
    So I ran Malwarebytes and had the infections cleaned up.
    I ran Malwarebytes again and this time it could not find anything.
    After that I ran the well-known tools from this forum, and here are my logs.

    Malwarebytes log, infected: mbam-log-2013-12-08 (16-30-36).txt
    Malwarebytes log, infections removed: mbam-log-2013-12-08 (18-12-25) schoon.txt
    DDS log: dds.txt

    I could not upload the GMER log as an attachment, hence this separate log.

    GMER 2.1.19163 -
    Rootkit scan 2013-12-08 18:37:35
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SanDisk_SDSSDHP256G rev.X2306RL 238,47GB
    Running: 2h5rvvbz.exe; Driver: C:\Users\Hans\AppData\Local\Temp\kxldipoc.sys


    ---- Threads - GMER 2.1 ----

    Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2428:3688] 000007fefac32a7c

    ---- EOF - GMER 2.1 ----


    I hope this is sufficient.

  • #2
    Hi sont, and welcome to the Nucia Security Forum,

    Before we start, I would like to kindly point out the following guidelines:

    • Log in only as an administrator with full rights.
    • Do not post your problem on several forums. It does not help your problem and it is not fair to the helpers.
    • Cleaning up your system can take some time, so be patient.
    • Carefully follow the instructions I give.
    • Follow only the advice I give.
    • Stay with the topic until I have reported that your PC is clean.
    • If there is something you do not know or understand, please ask.
    • Do not install or uninstall any software or hardware while we are working on your problem.
    • Do not try something "else" in the meantime; that only makes it harder for us.
    • Please turn off your emoticons (smileys) when you post logs.
    • Please do not post the logs as attachments, nor between code tags.

    Note: Vista or Windows 7? >> Always run all tools as admin.
    The instructions given are valid only for your PC.


    Check for bad toolbars...

    Download AdwCleaner by Xplode to your Desktop.
    • Close all open windows
    • Start AdwCleaner
    • Click Scan
    • Click Clean

    All icons disappear from the Desktop; this is normal.
    Your PC will be restarted and a log file opens (C:\AdwCleaner[xx].txt); post its contents here on the forum.

    I only need the log from after the "Clean" option.

    Do not forget to turn off your "smileys".

    If your start page was also hijacked, set the search engine again; AdwCleaner resets it to Google.com by default.



    Check for updates...

    Download Security Check to your desktop via here or here

    Start Security Check
    Follow the instructions on screen
    At the end a log appears (checkup.txt)
    Post its contents in your next reply.

    In your next post, I would like to see the following logs, made in the order listed:

    • AdwCleaner
    • DDS
    • checkup.txt

    Please do NOT post these logs as attachments or between code tags.
    (In several posts if need be.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      Thanks for the quick reply,
      I downloaded and installed AdwCleaner and Security Check and made the logs in the requested order.
      The only thing is that I cannot open DDS with admin rights. It is blocked by Windows because it comes from another computer (via Properties).
      Here are the logs,

      AdwCleaner:
      # AdwCleaner v3.014 - Report created 08/12/2013 at 20:02:02
      # Updated 01/12/2013 by Xplode
      # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
      # Username : Hans - HANS-PC
      # Running from : D:\Hans\Bureaublad\adwcleaner.exe
      # Option : Clean

      ***** [ Services ] *****


      ***** [ Files / Folders ] *****


      ***** [ Shortcuts ] *****


      ***** [ Registry ] *****


      ***** [ Browsers ] *****

      -\\ Internet Explorer v11.0.9600.16428


      -\\ Mozilla Firefox v25.0.1 (nl)

      [ File : C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\byw28eqk.default\prefs.js ]


      *************************

      AdwCleaner[R0].txt - [1396 octets] - [08/12/2013 19:51:45]
      AdwCleaner[R1].txt - [883 octets] - [08/12/2013 20:01:36]
      AdwCleaner[S0].txt - [1356 octets] - [08/12/2013 19:53:35]
      AdwCleaner[S1].txt - [805 octets] - [08/12/2013 20:02:02]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [864 octets] ##########

      DDS:

      DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 11.0.9600.16428
      Run by Hans at 20:04:22 on 2013-12-08
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3957.2788 [GMT 1:00]
      .
      AV: AVG Internet Security 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      SP: AVG Internet Security 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
      FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
      .
      ============== Running Processes ===============
      .
      C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
      C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\system32\svchost.exe -k GPSvcGroup
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
      C:\Windows\system32\taskhost.exe
      C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
      C:\Windows\system32\Dwm.exe
      C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
      C:\Windows\SysWOW64\vmnat.exe
      C:\Windows\SysWOW64\vmnetdhcp.exe
      C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
      C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
      C:\Program Files (x86)\iTunes\iTunesHelper.exe
      C:\Program Files (x86)\AVG\AVG2014\avgui.exe
      C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
      C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Windows\servicing\TrustedInstaller.exe
      C:\Windows\system32\SearchIndexer.exe
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\System32\svchost.exe -k LocalServicePeerNet
      C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
      C:\Windows\system32\SearchProtocolHost.exe
      C:\Windows\system32\SearchFilterHost.exe
      C:\Windows\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = hxxp://www.google.com
      mWinlogon: Userinit = userinit.exe,
      uRun: [AdobeBridge] <no file>
      mRun: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
      mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
      mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
      mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
      mPolicies-Explorer: NoActiveDesktop = dword:1
      mPolicies-Explorer: NoActiveDesktopChanges = dword:1
      mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
      mPolicies-System: ConsentPromptBehaviorUser = dword:3
      mPolicies-System: EnableUIADesktopToggle = dword:0
      IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
      IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
      TCP: NameServer = 192.168.1.1
      TCP: Interfaces\{0757A038-EB72-4C13-A80C-DE14C6734D70} : DHCPNameServer = 192.168.1.1
      SSODL: WebCheck - <orphaned>
      x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
      x64-SSODL: WebCheck - <orphaned>
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\byw28eqk.default\
      FF - prefs.js: browser.startup.homepage - hxxps://www.google.nl/
      FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
      FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
      R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
      R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
      R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
      R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
      R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2013-9-26 57144]
      R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
      R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
      R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
      R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2013-9-24 1358944]
      R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
      R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
      R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-8 418376]
      R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-8 701512]
      R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-1-22 563760]
      R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
      R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-8-6 320040]
      R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-12-8 25928]
      R3 nuvotoncir;Nuvoton IR Transceiver;C:\Windows\System32\drivers\nuvotoncir.sys [2009-8-31 48128]
      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
      S3 DrvSnSht;DrvSnSht;C:\Program Files (x86)\R-Drive Image\DrvSnSht64.sys [2010-6-1 132432]
      S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2013-12-5 17480]
      S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2013-12-5 9800]
      S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-4 111616]
      S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-12-5 19152]
      S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-12-5 12504]
      S3 R-ImageDisk;R-ImageDisk;C:\Program Files (x86)\R-Drive Image\R-ImageDisk64.sys [2010-10-16 187600]
      S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-4 19456]
      S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
      S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-12-4 57856]
      S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-12-4 30208]
      S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-12-4 1255736]
      .
      =============== Created Last 30 ================
      .
      2013-12-08 18:51:41 -------- d-----w- C:\AdwCleaner
      2013-12-08 15:26:18 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
      2013-12-08 15:26:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      2013-12-08 15:21:38 -------- d-----w- C:\Users\Hans\AppData\Roaming\uTorrent
      2013-12-08 13:47:13 -------- d-----w- C:\Users\Hans\AppData\Roaming\Malwarebytes
      2013-12-08 13:40:47 -------- d-----w- C:\ProgramData\Malwarebytes
      2013-12-08 13:40:36 -------- d-----w- C:\Users\Hans\AppData\Local\Programs
      2013-12-08 13:21:37 -------- d-----w- C:\Users\Hans\AppData\Roaming\AVG2014
      2013-12-08 13:21:02 -------- d--h--w- C:\$AVG
      2013-12-08 13:21:02 -------- d-----w- C:\ProgramData\AVG2014
      2013-12-08 13:20:52 -------- d-----w- C:\Program Files (x86)\AVG
      2013-12-08 13:18:45 -------- d-----w- C:\Users\Hans\AppData\Local\Avg2014
      2013-12-06 15:35:16 150392 ----a-w- C:\junction.exe
      2013-12-06 14:31:10 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
      2013-12-06 14:30:57 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
      2013-12-06 14:30:57 -------- d-----w- C:\Program Files\iTunes
      2013-12-06 14:30:57 -------- d-----w- C:\Program Files\iPod
      2013-12-06 14:30:57 -------- d-----w- C:\Program Files (x86)\iTunes
      2013-12-06 14:03:41 -------- d-----r- C:\Users\Hans\Mijn muziek
      2013-12-06 11:32:41 -------- d-----w- C:\Users\Hans\AppData\Local\Apple Computer
      2013-12-06 11:32:09 -------- d-----w- C:\Users\Hans\AppData\Local\Apple
      2013-12-06 11:31:48 -------- d-----w- C:\Program Files\Bonjour
      2013-12-06 11:31:48 -------- d-----w- C:\Program Files (x86)\Bonjour
      2013-12-06 11:00:33 -------- d-----w- C:\Users\Hans\AppData\Roaming\iFunbox_UserCache
      2013-12-06 11:00:25 -------- d-----w- C:\Program Files (x86)\i-Funbox DevTeam
      2013-12-05 22:14:09 9800 ----a-w- C:\Windows\System32\EuGdiDrv.sys
      2013-12-05 22:14:09 9160 ----a-w- C:\Windows\SysWow64\EuGdiDrv.sys
      2013-12-05 22:14:09 87112 ----a-w- C:\Windows\SysWow64\setupempdrv03.exe
      2013-12-05 22:14:09 3376640 ----a-w- C:\Windows\System32\BootMan.exe
      2013-12-05 22:14:09 2498216 ----a-w- C:\Windows\SysWow64\BootMan.exe
      2013-12-05 22:14:09 19840 ----a-w- C:\Windows\SysWow64\EuEpmGdi.dll
      2013-12-05 22:14:09 17480 ----a-w- C:\Windows\System32\epmntdrv.sys
      2013-12-05 22:14:09 16256 ----a-w- C:\Windows\System32\EuEpmGdi.dll
      2013-12-05 22:14:09 14920 ----a-w- C:\Windows\SysWow64\epmntdrv.sys
      2013-12-05 22:14:09 100936 ----a-w- C:\Windows\System32\setupempdrvx64.exe
      2013-12-05 22:14:02 -------- d-----w- C:\Program Files (x86)\EaseUS
      2013-12-05 19:39:42 3050808 ----a-w- C:\Windows\System32\pwNative.exe
      2013-12-05 19:39:41 19152 ------w- C:\Windows\System32\pwdrvio.sys
      2013-12-05 19:39:41 12504 ------w- C:\Windows\System32\pwdspio.sys
      2013-12-05 14:33:54 -------- d-----w- C:\Users\Hans\AppData\Local\Macromedia
      2013-12-05 14:21:18 1643520 ----a-w- C:\Windows\System32\DWrite.dll
      2013-12-05 14:21:18 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
      2013-12-05 00:53:02 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
      2013-12-05 00:21:40 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2013-12-05 00:21:40 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
      2013-12-05 00:07:49 -------- d-----w- C:\Users\Hans\AppData\Local\Adobe
      2013-12-04 22:49:44 -------- d-----w- C:\Users\Hans\AppData\Local\QuickPar
      2013-12-04 22:49:14 -------- d-----w- C:\Program Files (x86)\QuickPar
      2013-12-04 22:45:10 -------- d-----w- C:\Users\Hans\AppData\Roaming\NewsLeecher
      2013-12-04 22:44:36 -------- d-----w- C:\Program Files (x86)\NewsLeecher
      2013-12-04 22:25:49 -------- d-----w- C:\ProgramData\regid.2000-02.com.flashfxp
      2013-12-04 22:25:48 -------- d-----w- C:\Program Files (x86)\FlashFXP 4
      2013-12-04 22:25:47 -------- dc-h--w- C:\ProgramData\{8365DD82-D57E-4425-AD3C-24B9B3ECB038}
      2013-12-04 22:12:43 -------- d-----w- C:\Users\Hans\AppData\Roaming\FlashFXP
      2013-12-04 22:12:43 -------- d-----w- C:\ProgramData\FlashFXP
      2013-12-04 21:55:25 -------- d-----w- C:\Windows\Panther
      2013-12-04 20:49:30 15584 ----a-w- C:\Users\Hans\AppData\Roaming\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
      2013-12-04 20:46:48 -------- d-----w- C:\Program Files (x86)\MSECache
      2013-12-04 18:02:17 -------- d-----w- C:\Windows\PCHEALTH
      2013-12-04 18:01:13 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
      2013-12-04 18:00:59 -------- d-----w- C:\Users\Hans\AppData\Local\Microsoft Help
      2013-12-04 17:44:49 -------- d-----w- C:\Program Files (x86)\VMware
      2013-12-04 17:08:06 -------- d-----w- C:\Program Files (x86)\R-Drive Image
      2013-12-04 16:13:21 -------- d-----w- C:\Users\Hans\AppData\Roaming\TuneUp Software
      2013-12-04 16:09:48 -------- d--h--w- C:\ProgramData\Common Files
      2013-12-04 16:09:48 -------- d-----w- C:\Users\Hans\AppData\Local\MFAData
      2013-12-04 16:09:48 -------- d-----w- C:\ProgramData\MFAData
      2013-12-04 14:49:53 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
      2013-12-04 14:49:53 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
      2013-12-04 14:49:53 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
      2013-12-04 14:49:53 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
      2013-12-04 14:49:53 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
      2013-12-04 14:49:53 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
      2013-12-04 14:49:53 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
      2013-12-04 14:44:02 2871808 ----a-w- C:\Windows\explorer.exe
      2013-12-04 14:44:02 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
      2013-12-04 14:44:01 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
      2013-12-04 14:44:01 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
      2013-12-04 14:40:06 3584 ----a-w- C:\Windows\System32\drivers\nl-NL\tsusbflt.sys.mui
      2013-12-04 14:39:42 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
      2013-12-04 14:39:42 366592 ----a-w- C:\Windows\System32\qdvd.dll
      2013-12-04 14:31:14 -------- d-----w- C:\Windows\Migration
      2013-12-04 14:18:51 2560 ----a-w- C:\Windows\System32\drivers\nl-NL\wdf01000.sys.mui
      2013-12-04 14:07:17 -------- d-sh--w- C:\Windows\Installer
      2013-12-04 14:06:06 -------- d-----w- C:\Users\Hans\AppData\Local\Mozilla
      2013-12-04 14:02:58 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
      2013-12-04 13:53:55 294912 ----a-w- C:\Windows\System32\browserchoice.exe
      2013-12-04 13:52:04 -------- d-----w- C:\Windows\SysWow64\Wat
      2013-12-04 13:52:04 -------- d-----w- C:\Windows\System32\Wat
      2013-12-04 13:49:45 -------- d-----w- C:\Users\Hans\AppData\Local\Diagnostics
      2013-12-04 13:35:29 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
      2013-12-04 13:35:29 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
      2013-12-04 13:35:28 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
      2013-12-04 13:35:28 744448 ----a-w- C:\Windows\System32\WUDFx.dll
      2013-12-04 13:35:28 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
      2013-12-04 13:35:28 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
      2013-12-04 13:35:28 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
      2013-12-04 13:32:57 -------- d-----w- C:\Windows\System32\MRT
      2013-12-04 13:30:15 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
      2013-12-04 13:30:13 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{889DDFAF-5CA2-41A1-977A-97F7BFB1E23F}\mpengine.dll
      2013-12-04 13:29:38 81408 ----a-w- C:\Windows\System32\imagehlp.dll
      2013-12-04 13:29:38 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
      2013-12-04 13:29:38 5120 ----a-w- C:\Windows\System32\wmi.dll
      2013-12-04 13:29:38 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
      2013-12-04 13:29:38 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
      2013-12-04 13:24:59 1887232 ----a-w- C:\Windows\System32\d3d11.dll
      2013-12-04 13:23:59 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
      2013-12-04 13:21:50 723456 ----a-w- C:\Windows\System32\EncDec.dll
      2013-12-04 13:21:50 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
      2013-12-04 13:16:45 77312 ----a-w- C:\Windows\System32\packager.dll
      2013-12-04 13:16:45 67072 ----a-w- C:\Windows\SysWow64\packager.dll
      2013-12-04 13:12:04 2622464 ----a-w- C:\Windows\System32\wucltux.dll
      2013-12-04 13:12:01 99840 ----a-w- C:\Windows\System32\wudriver.dll
      2013-12-04 13:12:00 36864 ----a-w- C:\Windows\System32\wuapp.exe
      2013-12-04 13:12:00 186752 ----a-w- C:\Windows\System32\wuwebv.dll
      .
      ==================== Find3M ====================
      .
      2013-12-04 14:02:58 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
      2013-11-19 02:33:38 267936 ------w- C:\Windows\System32\MpSigStub.exe
      2013-11-05 20:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
      2013-11-04 20:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
      2013-10-31 22:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
      2013-10-31 21:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
      2013-10-24 21:25:58 194872 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
      2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
      2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
      2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
      2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
      2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
      2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
      2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
      2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
      2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
      2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
      2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
      2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
      2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
      2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
      2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
      2013-09-30 23:52:08 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
      2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
      2013-09-26 08:44:54 57144 ----a-w- C:\Windows\System32\drivers\avgfwd6a.sys
      2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
      2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
      2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
      2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
      2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
      2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
      2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
      2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
      2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
      2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
      2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
      2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
      2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
      2013-09-11 20:21:54 863344 ----a-w- C:\Windows\SysWow64\msvcr110_clr0400.dll
      2013-09-11 20:21:54 501872 ----a-w- C:\Windows\SysWow64\msvcp110_clr0400.dll
      2013-09-11 20:21:54 28776 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll
      2013-09-11 20:21:54 18000 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
      2013-09-11 18:39:06 855664 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll
      2013-09-11 18:39:06 614000 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll
      2013-09-11 18:39:06 30312 ----a-w- C:\Windows\System32\aspnet_counters.dll
      2013-09-11 18:39:06 18000 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
      2013-09-09 23:43:02 31544 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
      .
      ============= FINISH: 20:04:44,37 ===============

      Security Check:

      Results of screen317's Security Check version 0.99.77
      Windows 7 Service Pack 1 x64 (UAC is enabled)
      Internet Explorer 11
      ``````````````Antivirus/Firewall Check:``````````````
      AVG Internet Security 2014
      Antivirus up to date!
      `````````Anti-malware/Other Utilities Check:`````````
      Adobe Flash Player 11.9.900.152
      Mozilla Firefox (25.0.1)
      ````````Process Check: objlist.exe by Laurent````````
      Malwarebytes Anti-Malware mbamservice.exe
      Malwarebytes Anti-Malware mbamgui.exe
      AVG avgwdsvc.exe
      Malwarebytes' Anti-Malware mbamscheduler.exe
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)
      ````````````````````End of Log``````````````````````



      • #4
        Download or update CCleaner

        Start CCleaner.
        • Run CCleaner and click Options in the left column
        • Select the Advanced tab
        • Uncheck Only delete files in the Windows Temp system folder that are older than 24 hours
        • Uncheck Only delete files in the Recycle Bin that are older than 24 hours
        • Select the Settings tab
        • Uncheck "Automatically clean the computer...."
        • Click Cleaner in the left column.
        • Then click Analyze and Clean, in that order.
        • Next, click Registry in the left column
        • Click Scan for problems.
        • If errors are found, click Fix selected problems
        • Here you may be asked whether you want to back up your registry. Answer Yes and OK



        Download ComboFix to your desktop.

        Extra note... Make sure your security software is switched off while you use ComboFix.
        This is because these scanners wrongly see certain components that ComboFix uses as infected and will block ComboFix.


        Look here if you do not know how to switch off your antivirus, firewall and/or antispyware scanner.


        Close ALL windows, including your browser, and let ComboFix do its work undisturbed.
        So do not open any other applications until ComboFix has presented the log.

        If ComboFix asks for an update, allow it.

        When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
        You can find it at C:\combofix.txt.

        Post the ComboFix log together with a new DDS log in your next reply.

        * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
        • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
        • Illegal operation attempted on a registry key that has been marked for deletion.



        • #5
          Combofix log:

          ComboFix 13-12-08.01 - Hans 09-12-2013 17:06:28.1.4 - x64
          Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3957.2327 [GMT 1:00]
          Gestart vanuit: e:\internet downloads\ComboFix.exe
          AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
          FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
          SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
          SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
          * Nieuw herstelpunt werd aangemaakt
          .
          .
          (((((((((((((((((((( Bestanden Gemaakt van 2013-11-09 to 2013-12-09 ))))))))))))))))))))))))))))))
          .
          .
          2013-12-09 16:15 . 2013-12-09 16:15 -------- d-----w- c:\users\Default\AppData\Local\temp
          2013-12-09 15:58 . 2013-12-09 15:58 -------- d-----w- c:\program files\CCleaner
          2013-12-08 18:51 . 2013-12-08 19:02 -------- d-----w- C:\AdwCleaner
          2013-12-08 15:26 . 2013-12-08 15:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
          2013-12-08 15:26 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
          2013-12-08 13:40 . 2013-12-08 13:40 -------- d-----w- c:\programdata\Malwarebytes
          2013-12-08 13:21 . 2013-12-08 13:21 -------- d-----w- c:\programdata\AVG2014
          2013-12-08 13:21 . 2013-12-08 13:21 -------- d-----w- C:\$AVG
          2013-12-08 13:20 . 2013-12-08 13:20 -------- d-----w- c:\program files (x86)\AVG
          2013-12-06 15:35 . 2010-09-07 14:39 150392 ----a-w- C:\junction.exe
          2013-12-06 14:31 . 2012-08-21 12:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
          2013-12-06 14:30 . 2013-12-06 14:31 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
          2013-12-06 14:30 . 2013-12-06 14:31 -------- d-----w- c:\program files\iTunes
          2013-12-06 14:30 . 2013-12-06 14:31 -------- d-----w- c:\program files (x86)\iTunes
          2013-12-06 14:30 . 2013-12-06 14:30 -------- d-----w- c:\program files\iPod
          2013-12-06 11:32 . 2013-12-06 14:31 -------- dc----w- c:\windows\system32\DRVSTORE
          2013-12-06 11:32 . 2013-12-06 11:32 -------- d-----w- c:\programdata\Apple Computer
          2013-12-06 11:32 . 2013-12-06 11:32 -------- d-----w- c:\program files (x86)\Apple Software Update
          2013-12-06 11:31 . 2013-12-06 11:31 -------- d-----w- c:\program files\Common Files\Apple
          2013-12-06 11:31 . 2013-12-06 11:31 -------- d-----w- c:\program files\Bonjour
          2013-12-06 11:31 . 2013-12-06 11:31 -------- d-----w- c:\program files (x86)\Bonjour
          2013-12-06 11:31 . 2013-12-06 14:30 -------- d-----w- c:\program files (x86)\Common Files\Apple
          2013-12-06 11:31 . 2013-12-06 11:32 -------- d-----w- c:\programdata\Apple
          2013-12-06 11:00 . 2013-12-06 11:00 -------- d-----w- c:\program files (x86)\i-Funbox DevTeam
          2013-12-05 22:14 . 2013-04-11 13:10 2498216 ----a-w- c:\windows\SysWow64\BootMan.exe
          2013-12-05 22:14 . 2013-03-28 18:02 3376640 ----a-w- c:\windows\system32\BootMan.exe
          2013-12-05 22:14 . 2013-03-07 08:49 9160 ----a-w- c:\windows\SysWow64\EuGdiDrv.sys
          2013-12-05 22:14 . 2013-03-07 08:49 87112 ----a-w- c:\windows\SysWow64\setupempdrv03.exe
          2013-12-05 22:14 . 2013-03-07 08:49 14920 ----a-w- c:\windows\SysWow64\epmntdrv.sys
          2013-12-05 22:14 . 2013-03-07 08:49 9800 ----a-w- c:\windows\system32\EuGdiDrv.sys
          2013-12-05 22:14 . 2013-03-07 08:49 17480 ----a-w- c:\windows\system32\epmntdrv.sys
          2013-12-05 22:14 . 2013-03-07 08:49 100936 ----a-w- c:\windows\system32\setupempdrvx64.exe
          2013-12-05 22:14 . 2013-03-07 08:49 16256 ----a-w- c:\windows\system32\EuEpmGdi.dll
          2013-12-05 22:14 . 2013-03-07 08:49 19840 ----a-w- c:\windows\SysWow64\EuEpmGdi.dll
          2013-12-05 22:14 . 2013-12-05 22:14 -------- d-----w- c:\program files (x86)\EaseUS
          2013-12-05 19:39 . 2013-09-30 15:26 3050808 ----a-w- c:\windows\system32\pwNative.exe
          2013-12-05 19:39 . 2013-09-30 15:26 19152 ------w- c:\windows\system32\pwdrvio.sys
          2013-12-05 19:39 . 2013-09-30 15:26 12504 ------w- c:\windows\system32\pwdspio.sys
          2013-12-05 14:21 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
          2013-12-05 14:21 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
          2013-12-05 00:53 . 2013-12-05 00:53 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
          2013-12-05 00:51 . 2013-12-05 00:52 -------- d-----w- c:\program files\Adobe
          2013-12-05 00:48 . 2013-12-05 00:52 -------- d-----w- c:\program files\Common Files\Adobe
          2013-12-05 00:21 . 2013-12-05 00:21 -------- d-----w- c:\programdata\McAfee
          2013-12-05 00:21 . 2013-12-05 00:21 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
          2013-12-05 00:21 . 2013-12-05 00:21 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
          2013-12-05 00:21 . 2013-12-05 00:21 -------- d-----w- c:\windows\SysWow64\Macromed
          2013-12-05 00:21 . 2013-12-05 00:21 -------- d-----w- c:\windows\system32\Macromed
          2013-12-05 00:09 . 2013-12-05 01:04 -------- d-----w- c:\program files (x86)\Common Files\Adobe
          2013-12-04 22:49 . 2013-12-04 22:49 -------- d-----w- c:\program files (x86)\QuickPar
          2013-12-04 22:44 . 2013-12-04 22:44 -------- d-----w- c:\program files (x86)\NewsLeecher
          2013-12-04 22:25 . 2013-12-04 22:25 -------- d-----w- c:\programdata\regid.2000-02.com.flashfxp
          2013-12-04 22:25 . 2013-12-04 22:25 -------- d-----w- c:\program files (x86)\FlashFXP 4
          2013-12-04 22:25 . 2013-12-04 22:25 -------- dc-h--w- c:\programdata\{8365DD82-D57E-4425-AD3C-24B9B3ECB038}
          2013-12-04 22:12 . 2013-12-04 22:12 -------- d-----w- c:\programdata\FlashFXP
          2013-12-04 21:55 . 2013-12-09 16:01 -------- d-----w- c:\windows\Panther
          2013-12-04 20:46 . 2013-12-04 20:46 -------- d-----w- c:\program files (x86)\MSECache
          2013-12-04 20:10 . 2013-12-04 20:10 -------- d-----w- c:\program files\Microsoft Silverlight
          2013-12-04 20:10 . 2013-12-04 20:10 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
          2013-12-04 18:02 . 2013-12-04 18:02 -------- d-----w- c:\program files (x86)\Microsoft Works
          2013-12-04 18:02 . 2013-12-04 18:02 -------- d-----w- c:\windows\PCHEALTH
          2013-12-04 18:01 . 2013-12-04 18:01 -------- d-----w- c:\program files\Microsoft Office
          2013-12-04 18:01 . 2013-12-04 18:01 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
          2013-12-04 18:00 . 2013-12-04 18:03 -------- d-----w- c:\programdata\Microsoft Help
          2013-12-04 18:00 . 2013-12-04 18:00 -------- d-----r- C:\MSOCache
          2013-12-04 17:44 . 2013-12-09 15:20 -------- d-----w- c:\programdata\VMware
          2013-12-04 17:44 . 2013-12-04 17:44 -------- d-----w- c:\program files (x86)\VMware
          2013-12-04 17:08 . 2013-12-06 17:07 -------- d-----w- c:\program files (x86)\R-Drive Image
          2013-12-04 16:09 . 2013-12-09 15:26 -------- d-----w- c:\programdata\MFAData
          2013-12-04 16:09 . 2013-12-04 16:09 -------- d--h--w- c:\programdata\Common Files
          2013-12-04 14:49 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
          2013-12-04 14:49 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
          2013-12-04 14:49 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
          2013-12-04 14:49 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
          2013-12-04 14:49 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
          2013-12-04 14:49 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
          2013-12-04 14:49 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
          2013-12-04 14:44 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
          2013-12-04 14:44 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
          2013-12-04 14:44 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
          2013-12-04 14:44 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
          2013-12-04 14:40 . 2012-08-23 15:28 3584 ----a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui
          2013-12-04 14:39 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
          2013-12-04 14:39 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
          2013-12-04 14:31 . 2013-12-04 14:31 -------- d-----w- c:\windows\Migration
          2013-12-04 14:30 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
          2013-12-04 14:18 . 2012-07-26 07:49 2560 ----a-w- c:\windows\system32\drivers\nl-NL\wdf01000.sys.mui
          2013-12-04 14:07 . 2013-12-04 18:02 -------- d-----w- c:\program files (x86)\Microsoft.NET
          2013-12-04 14:07 . 2013-12-08 13:21 -------- d-sh--w- c:\windows\Installer
          2013-12-04 13:53 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
          2013-12-04 13:52 . 2013-12-04 13:52 -------- d-----w- c:\windows\SysWow64\Wat
          2013-12-04 13:52 . 2013-12-04 13:52 -------- d-----w- c:\windows\system32\Wat
          2013-12-04 13:35 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
          2013-12-04 13:35 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
          2013-12-04 13:35 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
          2013-12-04 13:35 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
          2013-12-04 13:35 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
          2013-12-04 13:35 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
          2013-12-04 13:35 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
          2013-12-04 13:32 . 2013-12-04 13:33 -------- d-----w- c:\windows\system32\MRT
          2013-12-04 13:30 . 2013-11-18 00:28 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{889DDFAF-5CA2-41A1-977A-97F7BFB1E23F}\mpengine.dll
          2013-12-04 13:29 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
          2013-12-04 13:29 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
          2013-12-04 13:29 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
          2013-12-04 13:29 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
          2013-12-04 13:29 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
          2013-12-04 13:24 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
          2013-12-04 13:23 . 2012-05-01 05:40 209920 ----a-w- c:\windows\system32\profsvc.dll
          2013-12-04 13:21 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
          2013-12-04 13:21 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
          2013-12-04 13:16 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
          2013-12-04 13:16 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
          2013-12-04 13:12 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
          2013-12-04 13:12 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
          2013-12-04 13:12 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
          2013-12-04 13:12 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
          2013-12-04 13:12 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
          2013-12-04 13:12 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
          2013-12-04 13:12 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
          2013-12-04 13:12 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
          2013-12-04 13:12 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
          .
          .
          .
          ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2013-11-19 02:33 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
          2013-11-05 20:55 . 2013-11-05 20:55 150808 ----a-w- c:\windows\system32\drivers\avgdiska.sys
          2013-11-04 20:52 . 2013-11-04 20:52 240920 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
          2013-10-31 22:00 . 2013-10-31 22:00 212280 ----a-w- c:\windows\system32\drivers\avgldx64.sys
          2013-10-31 21:49 . 2013-10-31 21:49 294712 ----a-w- c:\windows\system32\drivers\avgloga.sys
          2013-10-24 21:25 . 2013-10-24 21:25 194872 ----a-w- c:\windows\system32\drivers\avgidsha.sys
          2013-09-30 23:52 . 2013-09-30 23:52 123704 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
          2013-09-26 08:44 . 2013-09-26 08:44 57144 ----a-w- c:\windows\system32\drivers\avgfwd6a.sys
          2013-09-11 20:21 . 2013-09-11 20:21 863344 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
          2013-09-11 20:21 . 2013-09-11 20:21 501872 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
          2013-09-11 20:21 . 2013-09-11 20:21 28776 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
          2013-09-11 20:21 . 2013-09-11 20:21 18000 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
          2013-09-11 18:39 . 2013-09-11 18:39 855664 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
          2013-09-11 18:39 . 2013-09-11 18:39 614000 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
          2013-09-11 18:39 . 2013-09-11 18:39 30312 ----a-w- c:\windows\system32\aspnet_counters.dll
          2013-09-11 18:39 . 2013-09-11 18:39 18000 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
          .
          .
          ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
          REGEDIT4
          .
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
          "vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2010-01-22 129584]
          "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
          "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
          "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
          "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
          "AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2013-11-07 4956176]
          .
          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
          "ConsentPromptBehaviorAdmin"= 5 (0x5)
          "ConsentPromptBehaviorUser"= 3 (0x3)
          "EnableUIADesktopToggle"= 0 (0x0)
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
          "LoadAppInit_DLLs"=1 (0x1)
          .
          [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
          "aux1"=wdmaud.drv
          .
          R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
          R3 DrvSnSht;DrvSnSht;c:\program files (x86)\R-Drive Image\DrvSnSht64.sys;c:\program files (x86)\R-Drive Image\DrvSnSht64.sys [x]
          R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
          R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
          R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
          R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
          R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
          R3 R-ImageDisk;R-ImageDisk;c:\program files (x86)\R-Drive Image\R-ImageDisk64.sys;c:\program files (x86)\R-Drive Image\R-ImageDisk64.sys [x]
          R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
          R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
          R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
          R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
          R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
          S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
          S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
          S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
          S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
          S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
          S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
          S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
          S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
          S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
          S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2014\avgfws.exe;c:\program files (x86)\AVG\AVG2014\avgfws.exe [x]
          S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
          S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
          S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
          S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
          S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys;c:\windows\SYSNATIVE\drivers\vmci.sys [x]
          S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [x]
          S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
          S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
          S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
          S3 nuvotoncir;Nuvoton IR Transceiver;c:\windows\system32\DRIVERS\nuvotoncir.sys;c:\windows\SYSNATIVE\DRIVERS\nuvotoncir.sys [x]
          .
          .
          .
          --------- X64 Entries -----------
          .
          .
          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-09-25 472984]
          .
          ------- Bijkomende Scan -------
          .
          uLocal Page = c:\windows\system32\blank.htm
          uStart Page = hxxp://www.google.com
          mLocal Page = c:\windows\SysWOW64\blank.htm
          uInternet Settings,ProxyOverride = *.local
          IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
          TCP: DhcpNameServer = 192.168.1.1
          FF - ProfilePath - c:\users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\byw28eqk.default\
          FF - prefs.js: browser.startup.homepage - hxxps://www.google.nl/
          .
          - - - - ORPHANS VERWIJDERD - - - -
          .
          Wow6432Node-HKCU-Run-AdobeBridge - (no file)
          HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
          .
          .
          .
          --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
          .
          [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
          @Denied: (Full) (Everyone)
          .
          Voltooingstijd: 2013-12-09 17:17:21
          ComboFix-quarantined-files.txt 2013-12-09 16:17
          .
          Pre-Run: 229.860.274.176 bytes beschikbaar
          Post-Run: 229.701.599.232 bytes beschikbaar
          .
          - - End Of File - - B23CC71088982BFB3A91B11938886C35
          A36C5E4F47E84449FF07ED3517B43A31


          DDS log:

          DDS (Ver_2012-11-20.01) - NTFS_AMD64
          Internet Explorer: 11.0.9600.16428
          Run by Hans at 17:19:07 on 2013-12-09
          Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3957.2295 [GMT 1:00]
          .
          AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
          SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
          SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
          FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
          .
          ============== Running Processes ===============
          .
          C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
          C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
          C:\Windows\system32\lsm.exe
          C:\Windows\system32\svchost.exe -k DcomLaunch
          C:\Windows\system32\svchost.exe -k RPCSS
          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
          C:\Windows\system32\svchost.exe -k LocalService
          C:\Windows\system32\svchost.exe -k netsvcs
          C:\Windows\system32\svchost.exe -k GPSvcGroup
          C:\Windows\system32\svchost.exe -k NetworkService
          C:\Windows\System32\spoolsv.exe
          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
          C:\Windows\system32\taskhost.exe
          C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
          C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
          C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
          C:\Windows\system32\Dwm.exe
          C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
          C:\Program Files\Bonjour\mDNSResponder.exe
          C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
          C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
          C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
          C:\Windows\SysWOW64\vmnat.exe
          C:\Windows\SysWOW64\vmnetdhcp.exe
          C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
          C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
          C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
          C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
          C:\Program Files (x86)\iTunes\iTunesHelper.exe
          C:\Program Files (x86)\AVG\AVG2014\avgui.exe
          C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
          C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
          C:\Program Files\iPod\bin\iPodService.exe
          C:\Windows\system32\SearchIndexer.exe
          C:\Program Files\Windows Media Player\wmpnetwk.exe
          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
          C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
          C:\Windows\System32\svchost.exe -k LocalServicePeerNet
          C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
          C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
          C:\Program Files (x86)\AVG\AVG2014\avgcsrvx.exe
          C:\Windows\system32\SearchProtocolHost.exe
          C:\Windows\system32\SearchFilterHost.exe
          C:\Windows\explorer.exe
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Windows\System32\cscript.exe
          .
          ============== Pseudo HJT Report ===============
          .
          uStart Page = hxxp://www.google.com
          mRun: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
          mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
          mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
          mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
          mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
          mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
          uPolicies-Explorer: NoDrives = dword:0
          mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
          mPolicies-Explorer: NoDrives = dword:0
          mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
          mPolicies-System: ConsentPromptBehaviorUser = dword:3
          mPolicies-System: EnableUIADesktopToggle = dword:0
          IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
          IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
          TCP: NameServer = 192.168.1.1
          TCP: Interfaces\{0757A038-EB72-4C13-A80C-DE14C6734D70} : DHCPNameServer = 192.168.1.1
          SSODL: WebCheck - <orphaned>
          x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
          x64-SSODL: WebCheck - <orphaned>
          .
          ================= FIREFOX ===================
          .
          FF - ProfilePath - C:\Users\Hans\AppData\Roaming\Mozilla\Firefox\Profiles\byw28eqk.default\
          FF - prefs.js: browser.startup.homepage - hxxps://www.google.nl/
          FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
          FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
          .
          ============= SERVICES / DRIVERS ===============
          .
          R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
          R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
          R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
          R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
          R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
          R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2013-9-26 57144]
          R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
          R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
          R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
          R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2013-9-24 1358944]
          R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
          R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
          R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-8 418376]
          R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-8 701512]
          R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-1-22 563760]
          R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
          R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-8-6 320040]
          R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-12-8 25928]
          R3 nuvotoncir;Nuvoton IR Transceiver;C:\Windows\System32\drivers\nuvotoncir.sys [2009-8-31 48128]
          S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
          S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
          S3 DrvSnSht;DrvSnSht;C:\Program Files (x86)\R-Drive Image\DrvSnSht64.sys [2010-6-1 132432]
          S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2013-12-5 17480]
          S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2013-12-5 9800]
          S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-4 111616]
          S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-12-5 19152]
          S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-12-5 12504]
          S3 R-ImageDisk;R-ImageDisk;C:\Program Files (x86)\R-Drive Image\R-ImageDisk64.sys [2010-10-16 187600]
          S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-4 19456]
          S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
          S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-12-4 57856]
          S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-12-4 30208]
          S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-12-4 1255736]
          .
          =============== Created Last 30 ================
          .
          2013-12-09 16:17:32 -------- d-sh--w- C:\$RECYCLE.BIN
          2013-12-09 15:58:03 -------- d-----w- C:\Program Files\CCleaner
          2013-12-09 15:57:29 98816 ----a-w- C:\Windows\sed.exe
          2013-12-09 15:57:29 256000 ----a-w- C:\Windows\PEV.exe
          2013-12-09 15:57:29 208896 ----a-w- C:\Windows\MBR.exe
          2013-12-08 18:51:41 -------- d-----w- C:\AdwCleaner
          2013-12-08 15:26:18 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
          2013-12-08 15:26:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
          2013-12-08 15:21:38 -------- d-----w- C:\Users\Hans\AppData\Roaming\uTorrent
          2013-12-08 13:47:13 -------- d-----w- C:\Users\Hans\AppData\Roaming\Malwarebytes
          2013-12-08 13:40:47 -------- d-----w- C:\ProgramData\Malwarebytes
          2013-12-08 13:40:36 -------- d-----w- C:\Users\Hans\AppData\Local\Programs
          2013-12-08 13:21:37 -------- d-----w- C:\Users\Hans\AppData\Roaming\AVG2014
          2013-12-08 13:21:02 -------- d-----w- C:\ProgramData\AVG2014
          2013-12-08 13:21:02 -------- d-----w- C:\$AVG
          2013-12-08 13:20:52 -------- d-----w- C:\Program Files (x86)\AVG
          2013-12-08 13:18:45 -------- d-----w- C:\Users\Hans\AppData\Local\Avg2014
          2013-12-06 15:35:16 150392 ----a-w- C:\junction.exe
          2013-12-06 14:31:10 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
          2013-12-06 14:30:57 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
          2013-12-06 14:30:57 -------- d-----w- C:\Program Files\iTunes
          2013-12-06 14:30:57 -------- d-----w- C:\Program Files\iPod
          2013-12-06 14:30:57 -------- d-----w- C:\Program Files (x86)\iTunes
          2013-12-06 14:03:41 -------- d-----r- C:\Users\Hans\Mijn muziek
          2013-12-06 11:32:41 -------- d-----w- C:\Users\Hans\AppData\Local\Apple Computer
          2013-12-06 11:32:09 -------- d-----w- C:\Users\Hans\AppData\Local\Apple
          2013-12-06 11:31:48 -------- d-----w- C:\Program Files\Bonjour
          2013-12-06 11:31:48 -------- d-----w- C:\Program Files (x86)\Bonjour
          2013-12-06 11:00:33 -------- d-----w- C:\Users\Hans\AppData\Roaming\iFunbox_UserCache
          2013-12-06 11:00:25 -------- d-----w- C:\Program Files (x86)\i-Funbox DevTeam
          2013-12-05 22:14:09 9800 ----a-w- C:\Windows\System32\EuGdiDrv.sys
          2013-12-05 22:14:09 9160 ----a-w- C:\Windows\SysWow64\EuGdiDrv.sys
          2013-12-05 22:14:09 87112 ----a-w- C:\Windows\SysWow64\setupempdrv03.exe
          2013-12-05 22:14:09 3376640 ----a-w- C:\Windows\System32\BootMan.exe
          2013-12-05 22:14:09 2498216 ----a-w- C:\Windows\SysWow64\BootMan.exe
          2013-12-05 22:14:09 19840 ----a-w- C:\Windows\SysWow64\EuEpmGdi.dll
          2013-12-05 22:14:09 17480 ----a-w- C:\Windows\System32\epmntdrv.sys
          2013-12-05 22:14:09 16256 ----a-w- C:\Windows\System32\EuEpmGdi.dll
          2013-12-05 22:14:09 14920 ----a-w- C:\Windows\SysWow64\epmntdrv.sys
          2013-12-05 22:14:09 100936 ----a-w- C:\Windows\System32\setupempdrvx64.exe
          2013-12-05 22:14:02 -------- d-----w- C:\Program Files (x86)\EaseUS
          2013-12-05 19:39:42 3050808 ----a-w- C:\Windows\System32\pwNative.exe
          2013-12-05 19:39:41 19152 ------w- C:\Windows\System32\pwdrvio.sys
          2013-12-05 19:39:41 12504 ------w- C:\Windows\System32\pwdspio.sys
          2013-12-05 14:33:54 -------- d-----w- C:\Users\Hans\AppData\Local\Macromedia
          2013-12-05 14:21:18 1643520 ----a-w- C:\Windows\System32\DWrite.dll
          2013-12-05 14:21:18 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
          2013-12-05 00:53:02 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
          2013-12-05 00:21:40 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
          2013-12-05 00:21:40 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
          2013-12-05 00:07:49 -------- d-----w- C:\Users\Hans\AppData\Local\Adobe
          2013-12-04 22:49:44 -------- d-----w- C:\Users\Hans\AppData\Local\QuickPar
          2013-12-04 22:49:14 -------- d-----w- C:\Program Files (x86)\QuickPar
          2013-12-04 22:45:10 -------- d-----w- C:\Users\Hans\AppData\Roaming\NewsLeecher
          2013-12-04 22:44:36 -------- d-----w- C:\Program Files (x86)\NewsLeecher
          2013-12-04 22:25:49 -------- d-----w- C:\ProgramData\regid.2000-02.com.flashfxp
          2013-12-04 22:25:48 -------- d-----w- C:\Program Files (x86)\FlashFXP 4
          2013-12-04 22:25:47 -------- dc-h--w- C:\ProgramData\{8365DD82-D57E-4425-AD3C-24B9B3ECB038}
          2013-12-04 22:12:43 -------- d-----w- C:\Users\Hans\AppData\Roaming\FlashFXP
          2013-12-04 22:12:43 -------- d-----w- C:\ProgramData\FlashFXP
          2013-12-04 21:55:25 -------- d-----w- C:\Windows\Panther
          2013-12-04 20:49:30 15584 ----a-w- C:\Users\Hans\AppData\Roaming\Microsoft\IdentityCRL\Production\ppcrlconfig.dll
          2013-12-04 20:46:48 -------- d-----w- C:\Program Files (x86)\MSECache
          2013-12-04 18:02:17 -------- d-----w- C:\Windows\PCHEALTH
          2013-12-04 18:01:13 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
          2013-12-04 18:00:59 -------- d-----w- C:\Users\Hans\AppData\Local\Microsoft Help
          2013-12-04 17:44:49 -------- d-----w- C:\Program Files (x86)\VMware
          2013-12-04 17:08:06 -------- d-----w- C:\Program Files (x86)\R-Drive Image
          2013-12-04 16:13:21 -------- d-----w- C:\Users\Hans\AppData\Roaming\TuneUp Software
          2013-12-04 16:09:48 -------- d--h--w- C:\ProgramData\Common Files
          2013-12-04 16:09:48 -------- d-----w- C:\Users\Hans\AppData\Local\MFAData
          2013-12-04 16:09:48 -------- d-----w- C:\ProgramData\MFAData
          2013-12-04 14:49:53 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
          2013-12-04 14:49:53 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
          2013-12-04 14:49:53 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
          2013-12-04 14:49:53 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
          2013-12-04 14:49:53 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
          2013-12-04 14:49:53 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
          2013-12-04 14:49:53 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
          2013-12-04 14:44:02 2871808 ----a-w- C:\Windows\explorer.exe
          2013-12-04 14:44:02 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
          2013-12-04 14:44:01 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
          2013-12-04 14:44:01 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
          2013-12-04 14:40:06 3584 ----a-w- C:\Windows\System32\drivers\nl-NL\tsusbflt.sys.mui
          2013-12-04 14:39:42 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
          2013-12-04 14:39:42 366592 ----a-w- C:\Windows\System32\qdvd.dll
          2013-12-04 14:31:14 -------- d-----w- C:\Windows\Migration
          2013-12-04 14:18:51 2560 ----a-w- C:\Windows\System32\drivers\nl-NL\wdf01000.sys.mui
          2013-12-04 14:07:17 -------- d-sh--w- C:\Windows\Installer
          2013-12-04 14:06:06 -------- d-----w- C:\Users\Hans\AppData\Local\Mozilla
          2013-12-04 14:02:58 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
          2013-12-04 13:53:55 294912 ----a-w- C:\Windows\System32\browserchoice.exe
          2013-12-04 13:52:04 -------- d-----w- C:\Windows\SysWow64\Wat
          2013-12-04 13:52:04 -------- d-----w- C:\Windows\System32\Wat
          2013-12-04 13:49:45 -------- d-----w- C:\Users\Hans\AppData\Local\Diagnostics
          2013-12-04 13:35:29 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
          2013-12-04 13:35:29 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
          2013-12-04 13:35:28 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
          2013-12-04 13:35:28 744448 ----a-w- C:\Windows\System32\WUDFx.dll
          2013-12-04 13:35:28 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
          2013-12-04 13:35:28 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
          2013-12-04 13:35:28 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
          2013-12-04 13:32:57 -------- d-----w- C:\Windows\System32\MRT
          2013-12-04 13:30:15 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
          2013-12-04 13:30:13 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{889DDFAF-5CA2-41A1-977A-97F7BFB1E23F}\mpengine.dll
          2013-12-04 13:29:38 81408 ----a-w- C:\Windows\System32\imagehlp.dll
          2013-12-04 13:29:38 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
          2013-12-04 13:29:38 5120 ----a-w- C:\Windows\System32\wmi.dll
          2013-12-04 13:29:38 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
          2013-12-04 13:29:38 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
          2013-12-04 13:24:59 1887232 ----a-w- C:\Windows\System32\d3d11.dll
          2013-12-04 13:23:59 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
          2013-12-04 13:21:50 723456 ----a-w- C:\Windows\System32\EncDec.dll
          2013-12-04 13:21:50 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
          2013-12-04 13:16:45 77312 ----a-w- C:\Windows\System32\packager.dll
          2013-12-04 13:16:45 67072 ----a-w- C:\Windows\SysWow64\packager.dll
          2013-12-04 13:12:04 2622464 ----a-w- C:\Windows\System32\wucltux.dll
          2013-12-04 13:12:01 99840 ----a-w- C:\Windows\System32\wudriver.dll
          2013-12-04 13:12:00 36864 ----a-w- C:\Windows\System32\wuapp.exe
          2013-12-04 13:12:00 186752 ----a-w- C:\Windows\System32\wuwebv.dll
          .
          ==================== Find3M ====================
          .
          2013-12-04 14:02:58 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
          2013-11-19 02:33:38 267936 ------w- C:\Windows\System32\MpSigStub.exe
          2013-11-05 20:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
          2013-11-04 20:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
          2013-10-31 22:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
          2013-10-31 21:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
          2013-10-24 21:25:58 194872 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
          2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
          2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
          2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
          2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
          2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
          2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
          2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
          2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
          2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
          2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
          2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
          2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
          2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
          2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
          2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
          2013-09-30 23:52:08 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
          2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
          2013-09-26 08:44:54 57144 ----a-w- C:\Windows\System32\drivers\avgfwd6a.sys
          2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
          2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
          2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
          2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
          2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
          2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
          2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
          2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
          2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
          2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
          2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
          2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
          2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
          2013-09-11 20:21:54 863344 ----a-w- C:\Windows\SysWow64\msvcr110_clr0400.dll
          2013-09-11 20:21:54 501872 ----a-w- C:\Windows\SysWow64\msvcp110_clr0400.dll
          2013-09-11 20:21:54 28776 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll
          2013-09-11 20:21:54 18000 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
          2013-09-11 18:39:06 855664 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll
          2013-09-11 18:39:06 614000 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll
          2013-09-11 18:39:06 30312 ----a-w- C:\Windows\System32\aspnet_counters.dll
          2013-09-11 18:39:06 18000 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
          .
          ============= FINISH: 17:19:21,50 ===============

          Here you go.



          • #6
            This looks good.
            Are there any remaining problems?
            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
            E Dev * Remove McAfee. * Ccleaner * E-Peek



            • #7
              No, there are no problems as far as I can tell. It does me good that someone who knows more about this than I do has looked at it and given advice. Can I now assume that, once the tools such as DDS and CCleaner have been removed, I can store the disk as a safe image?



              • #8
                Certainly

                Your PC is clean.

                1) You may delete all the loose files and tools we used.

                2) To avoid reinfection, you can read through these tips:

                Preventing spyware infections and browser hijacking and How do I prevent a new infection?

                3) To give your PC a quick maintenance pass, you can read these tips: Guide to a clean PC

                4) All kinds of tips and hints can be found here.


                I am marking the topic as solved.

                If there are no further replies, this thread will automatically be moved within about 3 days
                to the "Opgeloste hijackthislogs" (solved HijackThis logs) section, and replies will no longer be possible.
                This is done to keep the forum tidy and organized.

                If it turns out there are still problems and you want to reply in this topic again, send me a private message requesting that it be reopened.



                Did we help you well? Consider making a (no-obligation) donation to Nucia

                Emphyrio


                • #9
                  First of all, thank you very much for putting your knowledge to work. I am very happy with it and will keep the loose tools in a folder on the external drive.
                  I will go through the recommendations and will certainly consider making a donation! First I'll make an image, and then I'll be back.
                  Thanks again for your tireless effort. TOP!!



                  • #10
                    You're welcome


                    • #11
                      I forgot one more thing

                      Go to Start > Run and copy and paste the following command into the field:

                      ComboFix /Uninstall

                      Make sure there is a space between Combofix and /
                      Then press Enter.




                      This will remove Combofix plus its related folders and files,
                      restore the clock settings, hide the file extensions,
                      hide hidden files and system files again,
                      and reset your System Restore.



                      Emphyrio


                      • #12
                        Donation taken care of. Stuffed in an extra 2 GB of RAM and off we go. As far as I'm concerned this can be locked.
                        Thanks again, and maybe until next time.



                        • #13
                          We don't lock topics. The topic is marked "Solved"

                          And... you're welcome