Mededeling

Collapse
No announcement yet.

PC loopt vaak vast

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • PC loopt vaak vast

    Hallo,

    Recentelijk komt het steeds vaker voor dat mijn computer vast loopt en dat ik de computer wel geforceerd moet afsluiten door op het aan-/uitknopje te drukken. Ik kan echter wel wachten, maar dit kan een aantal uur duren en daar ik heb simpelweg niet de tijd voor.

    Het begint meestal met dat internet het niet meer doet, sites willen niet meer laden. Een aantal minuten later kan ik geen programma's meer aanklikken en uiteindelijk kleurt de (taak?)balk onderin het scherm lichtblauw en kan ik die ook niet meer aanklikken. Er is dan altijd 1 programma dat aangeeft dat het 'niet reageert'. Soms geeft hij de melding dat 'Windows' is vastgelopen en dat je het proces kunt stoppen of wachten tot het reageert. Ik heb geen enkel idee wat de oorzaak van dit probleem zou kunnen zijn, maar ik wil het wel graag weg hebben aangezien het me zwaar hindert.

    Ik weet trouwens niet zeker of dit een virusinfectie is of een fout in Windows zelf.

    In de bijlage heb ik de drie bestanden bijgevoegd. Een MBAM-logje, een DDS-logje en een GMER-logje.

    Als er nog vragen zijn, dan hoor ik het wel.

    Met vriendelijke groet,

    Mick Tuit
    Bijgevoegde Bestanden
    Last edited by leeuw00100; 29-12-13, 22:45.

  • #2
    Hoi leeuw00100 en welkom op Nucia Security Forum,

    Zoals je zelf al aangeeft bestaat de kans dat we hier eerder te maken hebben met een Windows probleem.
    Voor de goede orde echter kunnen we voor de zekerheid je pc even grondig analyzeren zodat we die piste (malware) kunnen uitsluiten.

    Voor we beginnen , wil ik even vriendelijk op de volgende richtlijnen wijzen:
    .
    • Log enkel in als beheerder met alle rechten.
    • Post je probleem niet in verscheidene fora. het komt je probleem niet ten goede en het is niet netjes tegenover de helpers.
    • Het opruimen van je systeem kan wat tijd in beslag nemen, wees geduldig.
    • Volg aandachtig de instructies die door mij worden gegeven.
    • Volg enkel het door mij gegeven advies op
    • Blijf bij het topic totdat ik gemeldt heb dat je PC clean is.
    • Als je iets niet weet of verstaat, vraag het dan even aub.
    • Installeer of deinstalleer géén software of hardware terwijl we met je probleem bezig zijn.
    • Ga ondertussen niet wat "anders" proberen, dat maakt het alleen maar moeilijker voor ons
    • Zet je emoticons (Smileys) uit als je logs plaatst aub .
    • De logs niet als bijlage, noch tussen codetags zetten aub.

    .
    Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
    De instructies die worden gegeven, zijn enkel geldig voor jouw PC.

    Stap 1:

    Malware scannen en verwijderen....

    Heb je MBAM reeds op je pc staan, moet je niet downloaden uiteraard.

    Download MalwareBytes' Anti-Malware naar je bureaublad vanuit één van de volgende links:
    .
    .
    Dubbelklik op mbam-setup.exe om het programma te installeren.

    Op het einde van de setup procedure, krijg je een scherm waar je op "Voltooien" moet klikken.
    Indien je MBAM niet wenst te evalueren, vink je de eerste optie uit en klik je dan pas op "Voltooien"

    Zorg dat er na de installatie een vinkje is geplaatst bij:
    .
    • Update MalwareBytes' Anti-Malware
    • Start MalwareBytes' Anti-Malware
    • Klik daarna op "Voltooien". Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

    .
    Zodra het programma gestart is, ga je naar het tabblad "Instellingen"
    .
    • Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
    • Ga naar het tabblad "Updates" en Update MBAM.
    • Ga daarna naar het tabblad "Scanner", kies hier voor "VOLLEDIGE Scan".
    • Druk vervolgens op "Scannen" om de scan te starten.
    • Het scannen kan een tijdje duren, dus wees geduldig.
    • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
    • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
      Indien het veel items zijn, kan je in het venster rechtsklikken en "alle items selecteren" kiezen.
    • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

    .
    Indien MBAM vraagt om een herstart, doe dit dan ook.
    Wanneer je de restart hebt gedaan, maak je een nieuwe snelle scan met MBAM.
    In dat geval post je dus de twee logs.

    De log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma.


    Bij problemen!!!
    .
    .
    ___________________________________________________________

    Stap 2:

    Controle op slechte toolbars...

    Download AdwCleaner by Xplode naar je Bureaublad.
    • Sluit alle openstaande vensters
    • Start AdwCleaner
    • Klik op Scan
    • Klik op Clean
    • KLIK HIER voor een vergroting! 

    Alle icoontjes verdwijnen van het Bureaublad,dit is normaal
    Je PC word opnieuw opgestart en er een opent logfile (C:\ AdwCleaner\AdwCleaner[xx].txt post de inhoud hier op het Forum.

    Enkel de log na de "clean" optie heb ik nodig.

    Vergeet niet om je "smileys" uit te schakelen.

    Als je Startpagina ook gehijackt was,stel dan de zoekmachine opnieuw in,deze word standaard door AdwCleaner terug gezet naar Google.com

    ___________________________________________________________

    Stap 3:

    Download DDS.com, DDS.scr of DDS.pif van één van deze locaties en plaats het op je bureaublad:


    DDS is een diagnosetool en maakt gebruik van scripts.
    Is het uitvoeren van scripts uitgeschakeld, dan schakel je dit weer in zodat er geen problemen optreden bij gebruik van DDS.


    Dubbelklik op DDS om de tool te starten. (afhankelijk van de download die je gekozen hebt kan dit het bestand DDS.com, DDS.scr of DDS.pif zijn)
    Wanneer het klaar is openen er twee logfiles: DDS.txt en Attach.txt
    Beide logfiles sla je op je bureaublad.

    Post de inhoud van DDS.txt.

    De inhoud Attach.txt moet je niet posten en Attach.txt moet je niet als bijlage toevoegen aan je post, tenzij ik er om vraag.

    ___________________________________________________________

    Stap 4:

    Controle op updates...

    Download Security Check op je bureaublad via hier of hier

    Start Security Check
    Volg de Instructies in het scherm
    Aan het eind verschijnt een log ( checkup.txt )
    Plaats de inhoud ervan in je volgende antwoord.

    In je volgende posting, had ik graag de volgende logs gezien, gemaakt in de opgestelde volgorde:
    .
    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    .
    Deze logs NIET als bijlage of tussen codetags posten aub.
    (Desnoods in meerdere postingen.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

    Comment


    • #3
      Hallo, hier de bestandjes.

      MBAM Log:

      Malwarebytes Anti-Malware 1.75.0.1300
      www.malwarebytes.org

      Databaseversie: v2013.12.30.08

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 10.0.9200.16750
      Mick :: MICK-PC [administrator]

      31-12-2013 1:03:36
      mbam-log-2013-12-31 (01-03-36).txt

      Scan type: Volledige scan (C:\|D:\|)
      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scan opties: P2P
      Objecten gescand: 528786
      Verstreken tijd: 1 uur/uren, 51 minuut/minuten, 50 seconde(n)

      Geheugenprocessen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Geheugenmodulen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registersleutels gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerwaarden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerdata gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Mappen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Bestanden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      (einde)




      AdwCleaner Log:

      # AdwCleaner v3.016 - Report created 31/12/2013 at 00:37:04
      # Updated 23/12/2013 by Xplode
      # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
      # Username : Mick - MICK-PC
      # Running from : C:\Users\Mick\Downloads\adwcleaner (1).exe
      # Option : Clean

      ***** [ Services ] *****


      ***** [ Files / Folders ] *****

      Folder Deleted : C:\ProgramData\Ask
      Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
      Folder Deleted : C:\ProgramData\AVG Security Toolbar
      Folder Deleted : C:\ProgramData\Partner
      Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
      Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
      Folder Deleted : C:\Users\Mick\AppData\Local\AVG SafeGuard toolbar
      Folder Deleted : C:\Users\Mick\AppData\LocalLow\AVG SafeGuard toolbar
      Folder Deleted : C:\Users\Mick\AppData\Roaming\Search Protection
      Folder Deleted : C:\Users\Mick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
      File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
      File Deleted : C:\Users\Mick\AppData\Roaming\Mozilla\Firefox\Profiles\ryuokhsl.default\user.js

      ***** [ Shortcuts ] *****


      ***** [ Registry ] *****

      Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
      Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
      Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
      Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
      Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
      Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
      Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
      Key Deleted : HKLM\SOFTWARE\Classes\S
      Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
      Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
      Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
      Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
      Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
      Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
      Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_grabit_RASAPI32
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_grabit_RASMANCS
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_sony-vegas_RASAPI32
      Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_sony-vegas_RASMANCS
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
      Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
      Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Key Deleted : HKCU\Software\APN PIP
      Key Deleted : HKCU\Software\AVG SafeGuard toolbar
      Key Deleted : HKCU\Software\AVG Secure Search
      Key Deleted : HKCU\Software\Softonic
      Key Deleted : HKLM\Software\AVG SafeGuard toolbar
      Key Deleted : HKLM\Software\AVG Security Toolbar
      Key Deleted : HKLM\Software\PIP
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar

      ***** [ Browsers ] *****

      -\\ Internet Explorer v10.0.9200.16750


      -\\ Mozilla Firefox v26.0 (nl)

      [ File : C:\Users\Mick\AppData\Roaming\Mozilla\Firefox\Profiles\ryuokhsl.default\prefs.js ]

      Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|m ysearch\\.avg\\.com");
      Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
      Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");

      *************************

      AdwCleaner[R0].txt - [8407 octets] - [31/12/2013 00:36:08]
      AdwCleaner[S0].txt - [8004 octets] - [31/12/2013 00:37:04]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8064 octets] ##########




      DDS Log:

      DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 10.0.9200.16750 BrowserJavaVersion: 10.45.2
      Run by Mick at 0:57:38 on 2013-12-31
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6055.3693 [GMT 1:00]
      .
      AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
      .
      ============== Running Processes ===============
      .
      C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
      C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\nvvsvc.exe
      C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Program Files\Protector Suite\upeksvr.exe
      C:\Windows\system32\svchost.exe -k GPSvcGroup
      C:\Windows\System32\WUDFHost.exe
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
      C:\Windows\system32\WLANExt.exe
      C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe -k WbioSvcGroup
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
      C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
      C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
      C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
      C:\Program Files\Intel\WiFi\bin\EvtEng.exe
      C:\Windows\system32\taskhost.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files (x86)\PHotkey\PHotkey.exe
      C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
      C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
      C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
      C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
      c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
      C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Windows\System32\hkcmd.exe
      C:\Windows\System32\igfxpers.exe
      C:\Users\Mick\Local Settings\Apps\F.lux\flux.exe
      C:\Program Files (x86)\Secunia\PSI\PSIA.exe
      C:\Users\Mick\AppData\Roaming\uTorrent\uTorrent.exe
      C:\Program Files\Protector Suite\psqltray.exe
      C:\Windows\system32\taskeng.exe
      C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
      C:\Windows\system32\svchost.exe -k imgsvc
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
      C:\Program Files (x86)\AVG\AVG2014\avgui.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
      C:\Windows\system32\svchost.exe -k bthsvcs
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Windows\servicing\TrustedInstaller.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
      C:\Program Files (x86)\PHotkey\HCSynApi.exe
      C:\Program Files (x86)\PHotkey\PVDesktop.exe
      C:\Program Files (x86)\PHotkey\PVDAgent.exe
      C:\Program Files (x86)\PHotkey\POSD.exe
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Windows\System32\svchost.exe -k LocalServicePeerNet
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Program Files (x86)\Secunia\PSI\sua.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
      C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      C:\Windows\system32\sppsvc.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\system32\svchost.exe -k SDRSVC
      C:\Windows\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = hxxp://nl.search.yahoo.com?type=714647&fr=spigot-yhp-ie
      uDefault_Page_URL = hxxp://www.aldi.com
      mWinlogon: Userinit = userinit.exe,
      BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
      BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
      uRun: [F.lux] "C:\Users\Mick\Local Settings\Apps\F.lux\flux.exe" /noshow
      uRun: [AVG-Secure-Search-Update_1213b] C:\Users\Mick\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=8f93e8dd48d047d38bb99dc9d5fcdfec-5ab5d92e8cd47bcc93d4d1d5e8f290f7bd4afb40 /CMPID=1213b
      uRun: [uTorrent] "C:\Users\Mick\AppData\Roaming\uTorrent\uTorrent.exe"
      mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
      mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
      mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
      mPolicies-Explorer: NoActiveDesktop = dword:1
      mPolicies-Explorer: NoActiveDesktopChanges = dword:1
      mPolicies-System: ConsentPromptBehaviorUser = dword:3
      mPolicies-System: EnableUIADesktopToggle = dword:0
      IE: &Verzenden naar OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
      IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
      IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
      IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
      DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
      DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
      DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
      TCP: NameServer = 213.46.228.196 62.179.104.196
      TCP: Interfaces\{0BE435B9-B0C4-4303-A973-D6211484DE8B} : DHCPNameServer = 213.46.228.196 62.179.104.196
      TCP: Interfaces\{0BE435B9-B0C4-4303-A973-D6211484DE8B}\14256573531393434354433464 : DHCPNameServer = 192.168.2.254
      TCP: Interfaces\{0BE435B9-B0C4-4303-A973-D6211484DE8B}\24162657 : DHCPNameServer = 213.46.228.196 62.179.104.196
      TCP: Interfaces\{0BE435B9-B0C4-4303-A973-D6211484DE8B}\2616265786F6E646 : DHCPNameServer = 192.168.1.1
      TCP: Interfaces\{0BE435B9-B0C4-4303-A973-D6211484DE8B}\65746573531393638363936454 : DHCPNameServer = 192.168.2.254 195.121.1.34 195.121.1.66
      TCP: Interfaces\{0BE435B9-B0C4-4303-A973-D6211484DE8B}\E4544574541425D27457563747025424 : DHCPNameServer = 192.168.1.1
      TCP: Interfaces\{1D838C3F-ADE8-4D2B-BB7E-BE9E93EA2479} : DHCPNameServer = 192.168.42.129
      TCP: Interfaces\{4A2CDD39-7788-4F1E-AA9B-0DF0375A335C} : DHCPNameServer = 192.168.1.1
      Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
      Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
      SSODL: WebCheck - <orphaned>
      SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
      LSA: Notification Packages = scecli C:\Program Files\Protector Suite\psqlpwd.dll
      mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
      x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
      x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
      x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
      x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
      x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
      x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
      x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
      x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
      x64-Run: [PSQLLauncher] "C:\Program Files\Protector Suite\launcher.exe" /startup
      x64-IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
      x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
      x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
      x64-DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
      x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
      x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
      x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
      x64-Notify: igfxcui - igfxdev.dll
      x64-Notify: psfus - C:\Program Files\Protector Suite\psqlpwd.dll
      x64-SSODL: WebCheck - <orphaned>
      x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - C:\Users\Mick\AppData\Roaming\Mozilla\Firefox\Profiles\ryuokhsl.default\
      FF - prefs.js: browser.startup.homepage - hxxp://mysearch.avg.com?pid=safeguard&sg=&cid=%7B2a7936aa-e50d-480e-91f1-048ff62d4070%7D&mid=8f93e8dd48d047d38bb99dc9d5fcdfec-5ab5d92e8cd47bcc93d4d1d5e8f290f7bd4afb40&ds=AVG&coid=avgtbavg&cmpid=&v=17.2.0.38&lang=nl&pr=fr&d=201 3-12-25%2023%3A32%3A45&sap=hp
      FF - prefs.js: keyword.URL -
      FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
      FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
      FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
      FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\npsitesafety.dll
      FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
      FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
      FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
      FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
      FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
      FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
      FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
      FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
      FF - plugin: C:\Users\Mick\AppData\Roaming\raidcall\plugins\nprcplugin.dll
      FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
      FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
      FF - ExtSQL: 2013-11-27 00:01; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Mick\AppData\Roaming\Mozilla\Firefox\Profiles\ryuokhsl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
      R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
      R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
      R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
      R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-12-19 30056]
      R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
      R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
      R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
      R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
      R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-12-25 46368]
      R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-5-20 283200]
      R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-1 659976]
      R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
      R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
      R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-3-8 135952]
      R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2011-4-14 70952]
      R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service;C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2011-4-14 312616]
      R2 GFNEXSrv;GFNEX Service;C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [2012-11-22 156672]
      R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-22 13592]
      R2 PEGAGFN;PEGAGFN;C:\Program Files (x86)\PHotkey\PEGAGFN.sys [2012-11-22 14344]
      R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-11-4 1228504]
      R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-11-4 660184]
      R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
      R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-22 2655768]
      R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuele adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-1 195584]
      R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-5-19 51712]
      R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-5-19 53248]
      R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-7-20 282624]
      R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-11-22 31216]
      R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-7-20 59904]
      R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-11-20 317440]
      R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-9-9 25496]
      R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-6-10 91648]
      R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-6-10 208896]
      R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-11-4 18456]
      R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-11-25 769168]
      R3 WSDScan;Ondersteuning voor WSD-scan via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
      S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
      S2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-9-28 25824]
      S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-4-17 2671376]
      S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-3-1 195584]
      S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2012-11-1 36328]
      S3 cpuz134;cpuz134;C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2012-1-28 21480]
      S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-8-20 103576]
      S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-9-9 34200]
      S3 IT9135BDA;IT9135 BDA Devices;C:\Windows\System32\drivers\IT9135BDA.sys [2011-11-22 158464]
      S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2012-5-24 115272]
      S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-4-17 273168]
      S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
      S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-14 19456]
      S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-11-22 250984]
      S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2012-11-1 157672]
      S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2012-11-1 16872]
      S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2012-11-1 177640]
      S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-8-20 204568]
      S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
      S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-14 57856]
      S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-14 30208]
      S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-9-18 14112]
      S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-26 1255736]
      S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2012-11-13 14544]
      S4 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-5-19 921664]
      S4 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-5-19 1335360]
      S4 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-5-19 995392]
      S4 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-11-22 386344]
      S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
      S4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-10-30 2099000]
      S4 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [?]
      S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
      .
      =============== Created Last 30 ================
      .
      2013-12-30 23:36:01 -------- d-----w- C:\AdwCleaner
      2013-12-25 22:32:53 -------- d-----w- C:\Users\Mick\AppData\Local\AVG SafeGuard toolbar
      2013-12-25 22:32:45 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
      2013-12-22 16:11:39 -------- d-----w- C:\Program Files (x86)\ASIO4ALL v2
      2013-12-22 16:11:25 -------- d-----w- C:\Program Files (x86)\VstPlugins
      2013-12-22 16:11:07 -------- d-----w- C:\Users\Mick\AppData\Roaming\Image-Line
      2013-12-22 16:11:06 -------- d-----w- C:\Program Files\Image-Line
      2013-12-22 16:10:34 -------- d-----w- C:\Users\Mick\AppData\Roaming\FlowStone
      2013-12-22 16:10:32 -------- d-----w- C:\Program Files (x86)\DSPRobotics
      2013-12-22 16:05:15 -------- d-----w- C:\Program Files (x86)\Image-Line
      2013-12-22 15:03:00 -------- d-----w- C:\ProgramData\PopCap Games
      2013-12-22 15:01:47 -------- d-----w- C:\Program Files\Zylom Games
      2013-12-20 17:24:58 -------- d-----w- C:\ProgramData\Oracle
      2013-12-20 16:45:49 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
      2013-12-13 14:37:07 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
      2013-12-13 14:37:07 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
      2013-12-13 14:37:06 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
      2013-12-13 14:37:05 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
      2013-12-11 18:45:32 335360 ----a-w- C:\Windows\System32\msieftp.dll
      2013-12-11 15:24:55 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
      2013-12-11 15:24:55 2048 ----a-w- C:\Windows\System32\tzres.dll
      .
      ==================== Find3M ====================
      .
      2013-12-15 13:44:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2013-12-15 13:44:11 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
      2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
      2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
      2013-11-17 17:48:59 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
      2013-11-11 04:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe
      2013-11-05 20:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
      2013-11-04 20:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
      2013-11-04 12:42:02 18456 ----a-w- C:\Windows\System32\drivers\psi_mf_amd64.sys
      2013-10-31 22:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
      2013-10-31 21:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
      2013-10-30 10:27:10 40248 ----a-w- C:\Windows\System32\TURegOpt.exe
      2013-10-30 10:27:00 42808 ----a-w- C:\Windows\System32\uxtuneup.dll
      2013-10-30 10:27:00 35640 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
      2013-10-30 10:27:00 29496 ----a-w- C:\Windows\System32\authuitu.dll
      2013-10-30 10:27:00 25400 ----a-w- C:\Windows\SysWow64\authuitu.dll
      2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
      2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys
      2013-10-25 06:19:22 2241536 ----a-w- C:\Windows\System32\wininet.dll
      2013-10-25 06:17:57 3959808 ----a-w- C:\Windows\System32\jscript9.dll
      2013-10-25 06:17:52 67072 ----a-w- C:\Windows\System32\iesetup.dll
      2013-10-25 06:17:52 136704 ----a-w- C:\Windows\System32\iesysprep.dll
      2013-10-25 04:45:11 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
      2013-10-25 04:43:42 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
      2013-10-25 04:43:38 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
      2013-10-25 04:43:38 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
      2013-10-25 04:07:48 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
      2013-10-25 03:41:01 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
      2013-10-25 03:17:49 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
      2013-10-25 02:49:34 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
      2013-10-24 21:25:58 194872 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
      2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll
      2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
      2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx
      2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll
      2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
      2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
      2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
      2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
      2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
      2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
      2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
      2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe
      2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe
      2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
      2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
      2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
      2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
      2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
      2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
      2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
      2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
      2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
      2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
      2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
      2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
      .
      ============= FINISH: 0:59:06,13 ===============




      Bij de Security Check heb ik een probleempje, hij geeft namelijk deze 'error':

      Bijgevoegde Bestanden
      Last edited by Emphyrio; 31-12-13, 02:15. Reden: IMG ingekort

      Comment


      • #4
        Logjes lijken me in orde (buiten de error van Security Check)
        Zijn er nog problemen?
        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
        E Dev * McAfee verwijderen. * Ccleaner * E-Peek

        Comment


        • #5
          Nee, nog niet meer gehad dat hij vastloopt, maar dat zou nog kunnen gebeuren. Zo gauw dat het weer gebeurt (wat waarschijnlijk binnen nu en het einde van morgen is) dan zal ik het hier gelijk doorgeven!

          Comment


          • #6
            Prima

            Ka je ondertussen onderstaande reeds uitvoeren

            Download of Update Ccleaner

            Start CCleaner op.
            • Run Ccleaner en klik in de linkse kolom op Opties
            • Selecteer het tabblad Geavanceerd
            • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
            • Haal het vinkje weg voor Verwijder alleen bestanden in de Prullenbak die ouder zijn dan 24 uur
            • Selecteer het tabblad Instellingen
            • Haal het vinkje weg bij "Computer automatisch schoonmaken...."
            • Klik in de linkse kolom op Cleaner.
            • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
            • Klik vervolgens in de linkse kolom op Register
            • Klik op Scan naar problemen.
            • Als er fouten gevonden worden klik je op Herstel geselecteerde problemen
            • Hier kan de vraag verschijnen of je je register wil backuppen.Antwoord met Ja en OK
            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
            E Dev * McAfee verwijderen. * Ccleaner * E-Peek

            Comment


            • #7
              Dat heb ik ook gedaan, dat doe ik trouwens regelmatig!

              Helaas heeft het niet geholpen, vanmiddag liep die weer een keer vast. Zeer waarschijnlijk ligt het aan Windows dan, neem ik aan?

              Comment


              • #8
                Dat is idd zeer goed mogelijk.
                Ik wil nog even kijken met Combofix.....

                Download Combofix naar je bureaublad.

                Extra nota... Zorg ervoor dat je Security software uitschakeld is tijdens het gebruik van Combofix.
                Dit omdat deze scanners bepaalde componenten die Combofix gebruikt, onterecht zien als geïnfecteerd en Combofix zullen blokkeren.


                Kijk hier indien je niet weet hoe je je Antivirus, Firewall en/of Antispywarescanner moet uitschakelen.


                Sluit ALLE vensters, ook je browser en laat Combofix rustig zijn werk doen.
                Open dus geen andere applicaties totdat Combofix de log heeft gepresenteert.

                Als Combofix vraagt om een update, dan staat je dit toe.

                Wanneer ComboFix klaar is met scannen, dit kan eventueel na een reboot zijn, opent er een logfile (combofix.txt).
                Deze kan je vinden als C:\combofix.txt.

                Post het Combofixlogje samen met een nieuw DDS logje in je volgende antwoord.

                * OPMERKING: Indien je één van de onderstaande meldingen krijgt na het gebruik van ComboFix, herstart dan de computer.
                • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
                • Illegal operation attempted on a registry key that has been marked for deletion.
                Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                Comment


                • #9
                  Sorry voor mijn late reactie. Ik ben erg druk geweest de afgelopen dagen.
                  Ik ga nu beginnen met Combofix.

                  Later komt Combofixlogje hier te staan.

                  Comment


                  • #10
                    Best je bericht niet editten want dan krijg ik hier géén bericht van
                    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                    Comment


                    • #11
                      Oké dan plaats hierbij een nieuw bericht.

                      Het logje van Combofix. (Ging verrassend snel nog):

                      ComboFix 14-01-01.01 - Mick 03-01-2014 20:10:32.1.8 - x64
                      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6055.4109 [GMT 1:00]
                      Gestart vanuit: c:\users\Mick\Desktop\ComboFix.exe
                      AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
                      SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
                      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                      * Nieuw herstelpunt werd aangemaakt
                      .
                      .
                      (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                      .
                      .
                      c:\programdata\Roaming
                      c:\users\Mick\Documents\~WRL2507.tmp
                      c:\users\Mick\Documents\~WRL3107.tmp
                      c:\windows\SysWow64\frapsvid.dll
                      .
                      .
                      (((((((((((((((((((( Bestanden Gemaakt van 2013-12-03 to 2014-01-03 ))))))))))))))))))))))))))))))
                      .
                      .
                      2014-01-03 19:19 . 2014-01-03 19:19 -------- d-----w- c:\users\Default\AppData\Local\temp
                      2014-01-03 19:19 . 2014-01-03 19:19 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
                      2013-12-30 23:36 . 2013-12-30 23:37 -------- d-----w- C:\AdwCleaner
                      2013-12-25 22:32 . 2013-12-30 23:50 -------- d-----w- c:\users\Mick\AppData\Local\AVG SafeGuard toolbar
                      2013-12-25 22:32 . 2013-12-25 22:32 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
                      2013-12-22 16:11 . 2013-12-22 16:11 -------- d-----w- c:\program files (x86)\ASIO4ALL v2
                      2013-12-22 16:11 . 2013-12-22 16:11 -------- d-----w- c:\program files (x86)\VstPlugins
                      2013-12-22 16:11 . 2013-12-22 16:11 -------- d-----w- c:\users\Mick\AppData\Roaming\Image-Line
                      2013-12-22 16:11 . 2013-12-22 16:11 -------- d-----w- c:\program files\Image-Line
                      2013-12-22 16:10 . 2013-12-22 16:10 -------- d-----w- c:\users\Mick\AppData\Roaming\FlowStone
                      2013-12-22 16:10 . 2013-12-22 16:10 -------- d-----w- c:\program files (x86)\DSPRobotics
                      2013-12-22 16:05 . 2013-12-22 16:11 -------- d-----w- c:\program files (x86)\Image-Line
                      2013-12-22 15:03 . 2013-12-22 15:03 -------- d-----w- c:\programdata\PopCap Games
                      2013-12-22 15:01 . 2013-12-22 15:01 -------- d-----w- c:\program files\Zylom Games
                      2013-12-20 17:24 . 2013-12-20 17:24 -------- d-----w- c:\programdata\Oracle
                      2013-12-20 16:46 . 2013-12-20 16:46 -------- d-----w- c:\program files (x86)\Common Files\Java
                      2013-12-20 16:45 . 2013-12-20 16:45 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
                      2013-12-20 16:45 . 2013-12-20 16:45 -------- d-----w- c:\program files (x86)\Java
                      2013-12-13 14:37 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
                      2013-12-13 14:37 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
                      2013-12-13 14:37 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
                      2013-12-13 14:37 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
                      2013-12-13 14:37 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
                      2013-12-11 18:45 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
                      2013-12-11 15:24 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
                      2013-12-11 15:24 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
                      .
                      .
                      .
                      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                      .
                      2013-12-15 13:44 . 2012-04-16 13:39 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                      2013-12-15 13:44 . 2011-11-19 21:02 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                      2013-12-14 19:22 . 2011-11-19 19:22 90708896 ----a-w- c:\windows\system32\MRT.exe
                      2013-11-18 00:28 . 2013-11-26 19:31 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9CC51030-EFA6-44C9-B25D-188727B0B19F}\mpengine.dll
                      2013-11-17 17:48 . 2013-11-17 17:49 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
                      2013-11-17 17:48 . 2013-11-17 17:49 312744 ----a-w- c:\windows\system32\javaws.exe
                      2013-11-17 17:48 . 2013-11-17 17:49 189352 ----a-w- c:\windows\system32\javaw.exe
                      2013-11-17 17:48 . 2013-11-17 17:49 189352 ----a-w- c:\windows\system32\java.exe
                      2013-11-11 04:50 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
                      2013-11-05 20:55 . 2013-11-05 20:55 150808 ----a-w- c:\windows\system32\drivers\avgdiska.sys
                      2013-11-04 20:52 . 2013-11-04 20:52 240920 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
                      2013-11-04 12:42 . 2013-11-04 12:42 18456 ----a-w- c:\windows\system32\drivers\psi_mf_amd64.sys
                      2013-10-31 22:00 . 2013-10-31 22:00 212280 ----a-w- c:\windows\system32\drivers\avgldx64.sys
                      2013-10-31 21:49 . 2013-10-31 21:49 294712 ----a-w- c:\windows\system32\drivers\avgloga.sys
                      2013-10-30 10:27 . 2013-11-26 20:05 40248 ----a-w- c:\windows\system32\TURegOpt.exe
                      2013-10-30 10:27 . 2013-11-26 20:53 42808 ----a-w- c:\windows\system32\uxtuneup.dll
                      2013-10-30 10:27 . 2013-11-26 20:53 35640 ----a-w- c:\windows\SysWow64\uxtuneup.dll
                      2013-10-30 10:27 . 2013-11-26 20:05 29496 ----a-w- c:\windows\system32\authuitu.dll
                      2013-10-30 10:27 . 2013-11-26 20:05 25400 ----a-w- c:\windows\SysWow64\authuitu.dll
                      2013-10-24 21:25 . 2013-10-24 21:25 194872 ----a-w- c:\windows\system32\drivers\avgidsha.sys
                      2013-10-12 02:30 . 2013-11-13 19:03 830464 ----a-w- c:\windows\system32\nshwfp.dll
                      2013-10-12 02:29 . 2013-11-13 19:03 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
                      2013-10-12 02:29 . 2013-11-13 19:03 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
                      2013-10-12 02:03 . 2013-11-13 19:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
                      2013-10-12 02:01 . 2013-11-13 19:03 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
                      2013-10-05 20:25 . 2013-11-13 19:03 1474048 ----a-w- c:\windows\system32\crypt32.dll
                      2013-10-05 19:57 . 2013-11-13 19:03 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
                      .
                      .
                      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                      .
                      .
                      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                      REGEDIT4
                      .
                      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt1]
                      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                      2013-05-25 00:36 130736 ----a-w- c:\users\Mick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                      .
                      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt2]
                      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                      2013-05-25 00:36 130736 ----a-w- c:\users\Mick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                      .
                      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt3]
                      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                      2013-05-25 00:36 130736 ----a-w- c:\users\Mick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                      .
                      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayid entifiers\DropboxExt4]
                      @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
                      [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
                      2013-05-25 00:36 130736 ----a-w- c:\users\Mick\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
                      .
                      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                      "F.lux"="c:\users\Mick\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
                      "uTorrent"="c:\users\Mick\AppData\Roaming\uTorrent\uTorrent.exe" [2013-11-16 900440]
                      "Spotify Web Helper"="c:\users\Mick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-04 1168896]
                      .
                      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                      "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
                      "AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2013-11-07 4956176]
                      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
                      .
                      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                      "ConsentPromptBehaviorUser"= 3 (0x3)
                      "EnableUIADesktopToggle"= 0 (0x0)
                      .
                      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
                      "LoadAppInit_DLLs"=1 (0x1)
                      "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
                      .
                      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
                      "aux4"=wdmaud.drv
                      .
                      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
                      Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll
                      .
                      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
                      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                      .
                      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET \Framework64\v4.0.30319\mscorsvw.exe [x]
                      R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe;c:\windows\SYSNATIVE\libusbd-nt.exe [x]
                      R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
                      R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
                      R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
                      R3 cpuz134;cpuz134;c:\program files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [x]
                      R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
                      R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
                      R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
                      R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
                      R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys;c:\windows\SYSNATIVE\drivers\libusb0.sys [x]
                      R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
                      R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
                      R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
                      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominipor t.sys [x]
                      R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
                      R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys;c:\windows\SYSNATIVE\Drivers\RTSUVSTOR.sys [x]
                      R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
                      R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
                      R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
                      R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
                      R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
                      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
                      R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
                      R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                      R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
                      R4 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
                      R4 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
                      R4 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
                      R4 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
                      R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
                      R4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
                      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
                      S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
                      S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
                      S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
                      S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
                      S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
                      S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
                      S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS \avgidsdrivera.sys [x]
                      S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
                      S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
                      S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
                      S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
                      S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
                      S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
                      S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
                      S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
                      S2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [x]
                      S2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [x]
                      S2 GFNEXSrv;GFNEX Service;c:\program files (x86)\PHotkey\GFNEXSrv.exe;c:\program files (x86)\PHotkey\GFNEXSrv.exe [x]
                      S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
                      S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [x]
                      S2 PEGAGFN;PEGAGFN;c:\program files (x86)\PHotkey\PEGAGFN.sys;c:\program files (x86)\PHotkey\PEGAGFN.sys [x]
                      S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
                      S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
                      S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
                      S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
                      S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuele adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
                      S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
                      S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
                      S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
                      S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
                      S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFlt Coex.sys [x]
                      S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
                      S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
                      S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
                      S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
                      S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
                      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
                      S3 WSDScan;Ondersteuning voor WSD-scan via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
                      .
                      .
                      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                      2013-12-06 14:10 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
                      .
                      Inhoud van de 'Gedeelde Taken' map
                      .
                      2014-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job
                      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 13:44]
                      .
                      2014-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-25 14:37]
                      .
                      2014-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-25 14:37]
                      .
                      .
                      --------- X64 Entries -----------
                      .
                      .
                      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt1]
                      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                      2013-05-25 00:36 164016 ----a-w- c:\users\Mick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                      .
                      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt2]
                      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                      2013-05-25 00:36 164016 ----a-w- c:\users\Mick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                      .
                      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt3]
                      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                      2013-05-25 00:36 164016 ----a-w- c:\users\Mick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                      .
                      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Dr opboxExt4]
                      @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
                      [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
                      2013-05-25 00:36 164016 ----a-w- c:\users\Mick\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
                      .
                      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UE AFOverlay]
                      @="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
                      [HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
                      2010-12-10 10:59 5267792 ----a-w- c:\program files\Protector Suite\farchns.dll
                      .
                      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UE AFOverlayOpen]
                      @="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
                      [HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
                      2010-12-10 10:59 5267792 ----a-w- c:\program files\Protector Suite\farchns.dll
                      .
                      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
                      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
                      "Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
                      "PSQLLauncher"="c:\program files\Protector Suite\launcher.exe" [2010-12-10 84816]
                      .
                      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
                      "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
                      .
                      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
                      UxTuneUp
                      .
                      ------- Bijkomende Scan -------
                      .
                      uLocal Page = c:\windows\system32\blank.htm
                      uStart Page = hxxp://nl.search.yahoo.com?type=714647&fr=spigot-yhp-ie
                      mLocal Page = c:\windows\SysWOW64\blank.htm
                      IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
                      IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
                      IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
                      TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
                      FF - ProfilePath - c:\users\Mick\AppData\Roaming\Mozilla\Firefox\Profiles\ryuokhsl.default\
                      FF - prefs.js: browser.startup.homepage - hxxp://mysearch.avg.com?pid=safeguard&sg=&cid=%7B2a7936aa-e50d-480e-91f1-048ff62d4070%7D&mid=8f93e8dd48d047d38bb99dc9d5fcdfec-5ab5d92e8cd47bcc93d4d1d5e8f290f7bd4afb40&ds=AVG&coid=avgtbavg&cmpid=&v=17.2.0.38&lang=nl&pr=fr&d=201 3-12-25%2023%3A32%3A45&sap=hp
                      FF - prefs.js: keyword.URL -
                      FF - ExtSQL: 2013-11-27 00:01; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Mick\AppData\Roaming\Mozilla\Firefox\Profiles\ryuokhsl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
                      .
                      - - - - ORPHANS VERWIJDERD - - - -
                      .
                      HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
                      AddRemove-Search Protection - c:\users\Mick\AppData\Roaming\Search Protection\uninstall.exe
                      .
                      .
                      "ImagePath"="\"c:\program files\CyberLink\Shared files\RichVideo64.exe\"\00Z
                      [\]^_•\00\00•\00\00\00\00HIJKLMNO\00\00\00\00\00\00\00\00\03\00\00\00|}~•\00\00•\00\00\00\00x\00\00\00 \00\00\00\00\00‘’“"
                      .
                      .
                      --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                      .
                      [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
                      @Denied: (2) (LocalSystem)
                      "Progid"="ChromeHTML"
                      .
                      [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
                      @Denied: (2) (LocalSystem)
                      "Progid"="ChromeHTML"
                      .
                      [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
                      @Denied: (2) (LocalSystem)
                      "Progid"="ChromeHTML"
                      .
                      [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
                      @Denied: (2) (LocalSystem)
                      "Progid"="ChromeHTML"
                      .
                      [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
                      @Denied: (2) (LocalSystem)
                      "Progid"="ChromeHTML"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                      @Denied: (A 2) (Everyone)
                      @="FlashBroker"
                      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe ,-101"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                      "Enabled"=dword:00000001
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                      @Denied: (A 2) (Everyone)
                      @="IFlashBroker5"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                      @="{00020424-0000-0000-C000-000000000046}"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                      "Version"="1.0"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                      @Denied: (A 2) (Everyone)
                      @="FlashBroker"
                      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe ,-101"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                      "Enabled"=dword:00000001
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                      @Denied: (A 2) (Everyone)
                      @="Shockwave Flash Object"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
                      "ThreadingModel"="Apartment"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                      @="0"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                      @="ShockwaveFlash.ShockwaveFlash.11"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                      @="1.0"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                      @="ShockwaveFlash.ShockwaveFlash"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                      @Denied: (A 2) (Everyone)
                      @="Macromedia Flash Factory Object"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
                      "ThreadingModel"="Apartment"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                      @="FlashFactory.FlashFactory.1"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                      @="1.0"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                      @="FlashFactory.FlashFactory"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                      @Denied: (A 2) (Everyone)
                      @="IFlashBroker5"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                      @="{00020424-0000-0000-C000-000000000046}"
                      .
                      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                      "Version"="1.0"
                      .
                      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
                      @Denied: (A) (Users)
                      @Denied: (A) (Everyone)
                      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                      "BlindDial"=dword:00000000
                      .
                      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
                      @Denied: (A) (Users)
                      @Denied: (A) (Everyone)
                      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                      "BlindDial"=dword:00000000
                      .
                      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
                      @Denied: (A) (Users)
                      @Denied: (A) (Everyone)
                      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                      "BlindDial"=dword:00000000
                      .
                      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
                      @Denied: (A) (Users)
                      @Denied: (A) (Everyone)
                      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                      "BlindDial"=dword:00000000
                      .
                      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
                      @Denied: (A) (Users)
                      @Denied: (A) (Everyone)
                      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                      "BlindDial"=dword:00000000
                      .
                      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
                      @Denied: (A) (Users)
                      @Denied: (A) (Everyone)
                      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                      "BlindDial"=dword:00000000
                      .
                      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
                      @Denied: (A) (Users)
                      @Denied: (A) (Everyone)
                      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                      "BlindDial"=dword:00000000
                      .
                      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
                      @Denied: (Full) (Everyone)
                      .
                      Voltooingstijd: 2014-01-03 20:22:29
                      ComboFix-quarantined-files.txt 2014-01-03 19:22
                      .
                      Pre-Run: 83.995.680.768 bytes beschikbaar
                      Post-Run: 83.838.697.472 bytes beschikbaar
                      .
                      - - End Of File - - 2D5588360F1AD8D6DE675A01883C53CB

                      Comment


                      • #12
                        En dan nog even een verse DDS log
                        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                        E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                        Comment


                        • #13
                          Oh, my bad! Eventjes overheen gelezen. Hier is het DDS-logje.

                          DDS (Ver_2012-11-20.01) - NTFS_AMD64
                          Internet Explorer: 10.0.9200.16750 BrowserJavaVersion: 10.45.2
                          Run by Mick at 20:49:33 on 2014-01-03
                          Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6055.3608 [GMT 1:00]
                          .
                          AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
                          SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                          SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
                          .
                          ============== Running Processes ===============
                          .
                          C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
                          C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
                          C:\Windows\system32\lsm.exe
                          C:\Windows\system32\svchost.exe -k DcomLaunch
                          C:\Windows\system32\nvvsvc.exe
                          C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
                          C:\Windows\system32\svchost.exe -k RPCSS
                          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                          C:\Windows\system32\svchost.exe -k LocalService
                          C:\Windows\system32\svchost.exe -k netsvcs
                          C:\Windows\system32\svchost.exe -k GPSvcGroup
                          C:\Windows\System32\WUDFHost.exe
                          C:\Windows\system32\svchost.exe -k NetworkService
                          C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
                          C:\Windows\system32\nvvsvc.exe
                          C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
                          C:\Windows\system32\WLANExt.exe
                          C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
                          C:\Windows\System32\spoolsv.exe
                          C:\Program Files\Protector Suite\upeksvr.exe
                          C:\Windows\system32\svchost.exe -k WbioSvcGroup
                          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                          C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
                          C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
                          C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
                          C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
                          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
                          C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
                          c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
                          C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
                          C:\Program Files (x86)\Secunia\PSI\PSIA.exe
                          C:\Windows\system32\svchost.exe -k imgsvc
                          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                          C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
                          C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
                          C:\Windows\system32\taskhost.exe
                          C:\Windows\system32\Dwm.exe
                          C:\Windows\Explorer.EXE
                          C:\Program Files (x86)\PHotkey\PHotkey.exe
                          C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
                          C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
                          C:\Windows\system32\taskeng.exe
                          C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                          C:\Windows\System32\hkcmd.exe
                          C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
                          C:\Windows\System32\igfxpers.exe
                          C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
                          C:\Users\Mick\Local Settings\Apps\F.lux\flux.exe
                          C:\Users\Mick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
                          C:\Program Files\Protector Suite\psqltray.exe
                          C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
                          C:\Program Files (x86)\AVG\AVG2014\avgui.exe
                          C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
                          C:\Windows\system32\wbem\unsecapp.exe
                          C:\Windows\system32\wbem\wmiprvse.exe
                          C:\Windows\system32\svchost.exe -k bthsvcs
                          C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
                          C:\Program Files (x86)\PHotkey\HCSynApi.exe
                          C:\Program Files (x86)\PHotkey\PVDesktop.exe
                          C:\Program Files (x86)\PHotkey\PVDAgent.exe
                          C:\Program Files (x86)\PHotkey\POSD.exe
                          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                          C:\Program Files\Windows Media Player\wmpnetwk.exe
                          C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                          C:\Program Files (x86)\Secunia\PSI\sua.exe
                          C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
                          C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
                          C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
                          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                          C:\Windows\system32\svchost.exe -k SDRSVC
                          C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          C:\Windows\system32\wbem\wmiprvse.exe
                          C:\Windows\System32\cscript.exe
                          .
                          ============== Pseudo HJT Report ===============
                          .
                          uStart Page = hxxp://nl.search.yahoo.com?type=714647&fr=spigot-yhp-ie
                          BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
                          BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
                          BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                          BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
                          BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
                          uRun: [F.lux] "C:\Users\Mick\Local Settings\Apps\F.lux\flux.exe" /noshow
                          uRun: [uTorrent] "C:\Users\Mick\AppData\Roaming\uTorrent\uTorrent.exe"
                          uRun: [Spotify Web Helper] "C:\Users\Mick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
                          mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
                          mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
                          mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
                          uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
                          uPolicies-Explorer: NoDrives = dword:0
                          mPolicies-Explorer: NoDrives = dword:0
                          mPolicies-System: ConsentPromptBehaviorUser = dword:3
                          mPolicies-System: EnableUIADesktopToggle = dword:0
                          IE: &Verzenden naar OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
                          IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
                          IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
                          IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
                          IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
                          IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
                          DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
                          DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
                          DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
                          DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
                          DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
                          TCP: NameServer = 213.46.228.196 62.179.104.196
                          TCP: Interfaces\{0BE435B9-B0C4-4303-A973-D6211484DE8B} : DHCPNameServer = 213.46.228.196 62.179.104.196
                          TCP: Interfaces\{0BE435B9-B0C4-4303-A973-D6211484DE8B}\14256573531393434354433464 : DHCPNameServer = 192.168.2.254
                          TCP: Interfaces\{0BE435B9-B0C4-4303-A973-D6211484DE8B}\24162657 : DHCPNameServer = 213.46.228.196 62.179.104.196
                          TCP: Interfaces\{0BE435B9-B0C4-4303-A973-D6211484DE8B}\2616265786F6E646 : DHCPNameServer = 192.168.1.1
                          TCP: Interfaces\{0BE435B9-B0C4-4303-A973-D6211484DE8B}\65746573531393638363936454 : DHCPNameServer = 192.168.2.254 195.121.1.34 195.121.1.66
                          TCP: Interfaces\{0BE435B9-B0C4-4303-A973-D6211484DE8B}\E4544574541425D27457563747025424 : DHCPNameServer = 192.168.1.1
                          TCP: Interfaces\{1D838C3F-ADE8-4D2B-BB7E-BE9E93EA2479} : DHCPNameServer = 192.168.42.129
                          TCP: Interfaces\{4A2CDD39-7788-4F1E-AA9B-0DF0375A335C} : DHCPNameServer = 192.168.1.1
                          Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
                          Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
                          Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
                          AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
                          SSODL: WebCheck - <orphaned>
                          SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
                          LSA: Notification Packages = scecli C:\Program Files\Protector Suite\psqlpwd.dll
                          mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
                          x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
                          x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
                          x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                          x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
                          x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
                          x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
                          x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
                          x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
                          x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
                          x64-Run: [PSQLLauncher] "C:\Program Files\Protector Suite\launcher.exe" /startup
                          x64-IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
                          x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
                          x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
                          x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
                          x64-DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
                          x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
                          x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
                          x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
                          x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
                          x64-Notify: igfxcui - igfxdev.dll
                          x64-Notify: psfus - C:\Program Files\Protector Suite\psqlpwd.dll
                          x64-SSODL: WebCheck - <orphaned>
                          x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
                          .
                          ================= FIREFOX ===================
                          .
                          FF - ProfilePath - C:\Users\Mick\AppData\Roaming\Mozilla\Firefox\Profiles\ryuokhsl.default\
                          FF - prefs.js: browser.startup.homepage - hxxp://mysearch.avg.com?pid=safeguard&sg=&cid=%7B2a7936aa-e50d-480e-91f1-048ff62d4070%7D&mid=8f93e8dd48d047d38bb99dc9d5fcdfec-5ab5d92e8cd47bcc93d4d1d5e8f290f7bd4afb40&ds=AVG&coid=avgtbavg&cmpid=&v=17.2.0.38&lang=nl&pr=fr&d=201 3-12-25%2023%3A32%3A45&sap=hp
                          FF - prefs.js: keyword.URL -
                          FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
                          FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
                          FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
                          FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
                          FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
                          FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
                          FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
                          FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
                          FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
                          FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
                          FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
                          FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
                          FF - plugin: C:\Users\Mick\AppData\Roaming\raidcall\plugins\nprcplugin.dll
                          FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
                          FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
                          FF - ExtSQL: 2013-11-27 00:01; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Mick\AppData\Roaming\Mozilla\Firefox\Profiles\ryuokhsl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
                          .
                          ============= SERVICES / DRIVERS ===============
                          .
                          R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
                          R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
                          R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
                          R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
                          R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-12-19 30056]
                          R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
                          R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
                          R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
                          R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
                          R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-12-25 46368]
                          R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-5-20 283200]
                          R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-1 659976]
                          R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
                          R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
                          R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-3-8 135952]
                          R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2011-4-14 70952]
                          R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service;C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2011-4-14 312616]
                          R2 GFNEXSrv;GFNEX Service;C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [2012-11-22 156672]
                          R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-22 13592]
                          R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-9-28 25824]
                          R2 PEGAGFN;PEGAGFN;C:\Program Files (x86)\PHotkey\PEGAGFN.sys [2012-11-22 14344]
                          R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-11-4 1228504]
                          R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-11-4 660184]
                          R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-11-30 382824]
                          R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-22 2655768]
                          R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuele adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-1 195584]
                          R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-5-19 51712]
                          R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-5-19 53248]
                          R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-7-20 282624]
                          R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-11-22 31216]
                          R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-7-20 59904]
                          R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-11-20 317440]
                          R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-9-9 25496]
                          R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-6-10 91648]
                          R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-6-10 208896]
                          R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-11-4 18456]
                          R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-11-25 769168]
                          R3 WSDScan;Ondersteuning voor WSD-scan via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
                          S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
                          S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
                          S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
                          S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-4-17 2671376]
                          S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-3-1 195584]
                          S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2012-11-1 36328]
                          S3 cpuz134;cpuz134;C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2012-1-28 21480]
                          S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-8-20 103576]
                          S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-9-9 34200]
                          S3 IT9135BDA;IT9135 BDA Devices;C:\Windows\System32\drivers\IT9135BDA.sys [2011-11-22 158464]
                          S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2012-5-24 115272]
                          S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-4-17 273168]
                          S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
                          S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-14 19456]
                          S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-11-22 250984]
                          S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2012-11-1 157672]
                          S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2012-11-1 16872]
                          S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2012-11-1 177640]
                          S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-8-20 204568]
                          S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
                          S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-14 57856]
                          S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-14 30208]
                          S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-9-18 14112]
                          S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-26 1255736]
                          S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2012-11-13 14544]
                          S4 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-5-19 921664]
                          S4 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-5-19 1335360]
                          S4 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-5-19 995392]
                          S4 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-11-22 386344]
                          S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
                          S4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-10-30 2099000]
                          S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
                          .
                          =============== Created Last 30 ================
                          .
                          2014-01-03 19:22:33 -------- d-sh--w- C:\$RECYCLE.BIN
                          2014-01-03 19:08:29 98816 ----a-w- C:\Windows\sed.exe
                          2014-01-03 19:08:29 256000 ----a-w- C:\Windows\PEV.exe
                          2014-01-03 19:08:29 208896 ----a-w- C:\Windows\MBR.exe
                          2013-12-30 23:36:01 -------- d-----w- C:\AdwCleaner
                          2013-12-25 22:32:53 -------- d-----w- C:\Users\Mick\AppData\Local\AVG SafeGuard toolbar
                          2013-12-25 22:32:45 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
                          2013-12-22 16:11:39 -------- d-----w- C:\Program Files (x86)\ASIO4ALL v2
                          2013-12-22 16:11:25 -------- d-----w- C:\Program Files (x86)\VstPlugins
                          2013-12-22 16:11:07 -------- d-----w- C:\Users\Mick\AppData\Roaming\Image-Line
                          2013-12-22 16:11:06 -------- d-----w- C:\Program Files\Image-Line
                          2013-12-22 16:10:34 -------- d-----w- C:\Users\Mick\AppData\Roaming\FlowStone
                          2013-12-22 16:10:32 -------- d-----w- C:\Program Files (x86)\DSPRobotics
                          2013-12-22 16:05:15 -------- d-----w- C:\Program Files (x86)\Image-Line
                          2013-12-22 15:03:00 -------- d-----w- C:\ProgramData\PopCap Games
                          2013-12-22 15:01:47 -------- d-----w- C:\Program Files\Zylom Games
                          2013-12-20 17:24:58 -------- d-----w- C:\ProgramData\Oracle
                          2013-12-20 16:45:49 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
                          2013-12-13 14:37:07 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
                          2013-12-13 14:37:07 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
                          2013-12-13 14:37:06 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
                          2013-12-13 14:37:05 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
                          2013-12-11 18:45:32 335360 ----a-w- C:\Windows\System32\msieftp.dll
                          2013-12-11 15:24:55 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
                          2013-12-11 15:24:55 2048 ----a-w- C:\Windows\System32\tzres.dll
                          .
                          ==================== Find3M ====================
                          .
                          2013-12-15 13:44:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                          2013-12-15 13:44:11 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                          2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
                          2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
                          2013-11-17 17:48:59 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
                          2013-11-11 04:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe
                          2013-11-05 20:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
                          2013-11-04 20:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
                          2013-11-04 12:42:02 18456 ----a-w- C:\Windows\System32\drivers\psi_mf_amd64.sys
                          2013-10-31 22:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
                          2013-10-31 21:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
                          2013-10-30 10:27:10 40248 ----a-w- C:\Windows\System32\TURegOpt.exe
                          2013-10-30 10:27:00 42808 ----a-w- C:\Windows\System32\uxtuneup.dll
                          2013-10-30 10:27:00 35640 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
                          2013-10-30 10:27:00 29496 ----a-w- C:\Windows\System32\authuitu.dll
                          2013-10-30 10:27:00 25400 ----a-w- C:\Windows\SysWow64\authuitu.dll
                          2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
                          2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys
                          2013-10-25 06:19:22 2241536 ----a-w- C:\Windows\System32\wininet.dll
                          2013-10-25 06:17:57 3959808 ----a-w- C:\Windows\System32\jscript9.dll
                          2013-10-25 06:17:52 67072 ----a-w- C:\Windows\System32\iesetup.dll
                          2013-10-25 06:17:52 136704 ----a-w- C:\Windows\System32\iesysprep.dll
                          2013-10-25 04:45:11 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
                          2013-10-25 04:43:42 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
                          2013-10-25 04:43:38 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
                          2013-10-25 04:43:38 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
                          2013-10-25 04:07:48 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
                          2013-10-25 03:41:01 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
                          2013-10-25 03:17:49 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
                          2013-10-25 02:49:34 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
                          2013-10-24 21:25:58 194872 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
                          2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll
                          2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
                          2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx
                          2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll
                          2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
                          2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
                          2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
                          2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
                          2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
                          2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
                          2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
                          2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe
                          2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe
                          2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
                          2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
                          2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
                          2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
                          .
                          ============= FINISH: 20:50:48,05 ===============

                          Comment


                          • #14
                            Logjes zien er goed uit.

                            We gaan Combofix verwijderen.....

                            Ga naar start > uitvoeren en kopieer en plak volgende command in het veld:

                            ComboFix /Uninstall

                            Zorg ervoor dat er dus een spatie is tussen Combofix en /
                            Daarna klik je op Enter.


                            Klik op de afbeelding om te vergroten....


                            Dit zal Combofix verwijderen+gerelateerde mappen en bestanden,
                            herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies,
                            gaat verborgen bestanden en systeembestanden terug verbergen
                            en reset je Systeemherstel opnieuw.



                            Start CCleaner op.
                            • Run Ccleaner en klik in de linkse kolom op Opties
                            • Selecteer het tabblad Geavanceerd
                            • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
                            • Haal het vinkje weg voor Verwijder alleen bestanden in de Prullenbak die ouder zijn dan 24 uur
                            • Selecteer het tabblad Instellingen
                            • Haal het vinkje weg bij "Computer automatisch schoonmaken...."
                            • Klik in de linkse kolom op Cleaner.
                            • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
                            • Klik vervolgens in de linkse kolom op Register
                            • Klik op Scan naar problemen.
                            • Als er fouten gevonden worden klik je op Herstel geselecteerde problemen
                            • Hier kan de vraag verschijnen of je je register wil backuppen.Antwoord met Ja en OK

                            .
                            Zijn er nog problemen?
                            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                            E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                            Comment


                            • #15
                              Ik heb de stappen gevolgd, maar helaas is de laptop net nog weer een keer vastgelopen... Dit betekent dat er een fout in het windows-systeem zelf zit?

                              Comment

                              Sorry, you are not authorized to view this page
                              Working...
                              X