
Slow laptop after recovery


  • Slow laptop after recovery

    Hello,

    This week my laptop suddenly stopped doing anything (very slow and nothing responded anymore). I then ran the recovery that is built into my laptop (Toshiba Satellite C670).

    I had hoped that my laptop would then go back to factory settings (which did happen), only my laptop is extremely slow. I can barely work on my laptop; every simple action takes a few minutes, and often it then says that the program is not responding.

    Is there anyone who can help me with this and knows what this is? That would be really great!

    Regards,

    Fisoes

  • #2
    Hi

    The first step is to follow this guideline: Read this first before you post a log

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      Good evening,

      After quite some time I finally have the logs.

      Below is the MBAM log:
      Malwarebytes Anti-Malware 1.75.0.1300
      www.malwarebytes.org

      Databaseversie: v2014.01.11.04

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Sonny :: SONNY-TOSH [administrator]

      10-1-2014 17:40:17
      mbam-log-2014-01-10 (17-40-17).txt

      Scan type: Snelle scan
      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scan opties: P2P
      Objecten gescand: 213879
      Verstreken tijd: 1 uur/uren, 5 minuut/minuten, 29 seconde(n)

      Geheugenprocessen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Geheugenmodulen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registersleutels gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerwaarden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerdata gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Mappen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Bestanden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      (einde)



      Here is the DDS log:
      DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.45.2
      Run by Sonny at 16:27:13 on 2014-01-10
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6126.3922 [GMT 1:00]
      .
      AV: McAfee Antivirus en antispyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
      AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
      SP: McAfee Antivirus en antispyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
      FW: McAfeeFirewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
      FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\nvvsvc.exe
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\System32\WUDFHost.exe
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Windows\System32\GFNEXSrv.exe
      C:\Windows\system32\WLANExt.exe
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
      C:\Windows\system32\mfevtps.exe
      C:\Windows\system32\svchost.exe -k imgsvc
      C:\Windows\system32\rundll32.exe
      C:\Windows\system32\rundll32.exe
      C:\Windows\system32\TODDSrv.exe
      C:\Windows\SysWOW64\rundll32.exe
      C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      C:\Program Files\McAfee\MSC\McAPExe.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
      C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
      C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
      C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
      C:\Windows\system32\nvvsvc.exe
      C:\Windows\system32\taskhost.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
      C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
      C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
      C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
      C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
      C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
      C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
      C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
      C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe
      C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
      C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
      C:\Windows\system32\SearchIndexer.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
      C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
      C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
      C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
      C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
      c:\Program Files (x86)\Nero\Update\NASvc.exe
      D:\Microsoft Office 2007 Enterprise + Serial Key - {RedDragon}\Microsoft Office 2007 Enterprise + Serial Key - {RedDragon}\setup.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      C:\Windows\system32\vssvc.exe
      C:\Windows\System32\svchost.exe -k swprv
      C:\Windows\system32\SearchProtocolHost.exe
      C:\Users\Sonny\Downloads\mvl581b5.exe
      C:\Windows\System32\svchost.exe -k WerSvcGroup
      C:\Windows\system32\SearchFilterHost.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
      uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
      mWinlogon: Userinit = userinit.exe
      BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
      BHO: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
      BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
      BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
      TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
      TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      uRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
      mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      mRun: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
      mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
      mRun: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
      mRun: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
      mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
      mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
      dRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
      StartupFolder: C:\Users\Sonny\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe
      StartupFolder: C:\Users\Sonny\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\TRDCRE~1.LNK - C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
      StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TOSHIB~1.LNK - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
      mPolicies-Explorer: NoActiveDesktop = dword:1
      mPolicies-Explorer: NoActiveDesktopChanges = dword:1
      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
      mPolicies-System: ConsentPromptBehaviorUser = dword:3
      mPolicies-System: EnableUIADesktopToggle = dword:0
      IE: Toevoegen aan TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
      IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll
      DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
      DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
      DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
      TCP: NameServer = 192.168.0.1
      TCP: Interfaces\{5792C6DC-9848-4DA2-BD24-CC3D50963F13} : DHCPNameServer = 192.168.0.1
      TCP: Interfaces\{5792C6DC-9848-4DA2-BD24-CC3D50963F13}\8445340205F627471626C6560284F6473707F647 : DHCPNameServer = 192.168.1.1
      Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
      Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
      Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
      Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      SSODL: WebCheck - <orphaned>
      mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
      x64-BHO: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll
      x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
      x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
      x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
      x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
      x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
      x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
      x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
      x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
      x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
      x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
      x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
      x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
      x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
      x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
      x64-Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
      x64-IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll
      x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
      x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
      x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
      x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
      x64-SSODL: WebCheck - <orphaned>
      .
      ============= SERVICES / DRIVERS ===============
      .
      R2 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-13 311120]
      R2 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-3-13 782360]
      R2 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-13 343696]
      R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-13 70112]
      R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-13 519576]
      R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-11-26 411944]
      R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-31 413800]
      S3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\Windows\System32\drivers\btfilter.sys [2010-10-18 42096]
      S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2014-1-8 197704]
      S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-11-26 96112]
      S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-13 98728]
      S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2014-1-7 250984]
      S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
      S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
      .
      =============== Created Last 30 ================
      .
      2014-01-10 15:21:58 -------- d-----w- C:\ProgramData\Malwarebytes
      2014-01-10 15:21:06 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
      2014-01-10 15:21:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      2014-01-10 15:20:52 -------- d-----w- C:\Users\Sonny\AppData\Local\Programs
      2014-01-10 14:55:34 -------- d-----w- C:\Windows\SysWow64\Wat
      2014-01-10 14:55:30 -------- d-----w- C:\Windows\System32\Wat
      2014-01-10 10:42:14 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
      2014-01-10 10:30:05 -------- d-----w- C:\Users\Sonny\AppData\Local\Microsoft Help
      2014-01-10 09:45:10 -------- d-----w- C:\Users\Sonny\AppData\Roaming\TP
      2014-01-10 09:30:41 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
      2014-01-09 19:01:46 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
      2014-01-09 19:01:46 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
      2014-01-09 19:01:45 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
      2014-01-09 19:01:45 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
      2014-01-09 19:01:44 744448 ----a-w- C:\Windows\System32\WUDFx.dll
      2014-01-09 19:01:44 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
      2014-01-09 19:01:44 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
      2014-01-09 07:20:38 81408 ----a-w- C:\Windows\System32\imagehlp.dll
      2014-01-09 07:20:38 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
      2014-01-09 07:20:38 5120 ----a-w- C:\Windows\System32\wmi.dll
      2014-01-09 07:20:38 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
      2014-01-09 07:20:38 220672 ----a-w- C:\Windows\System32\wintrust.dll
      2014-01-09 07:20:38 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
      2014-01-09 07:20:38 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
      2014-01-08 18:32:41 77312 ----a-w- C:\Windows\System32\packager.dll
      2014-01-08 18:32:41 67072 ----a-w- C:\Windows\SysWow64\packager.dll
      2014-01-08 08:47:05 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
      2014-01-08 08:47:05 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
      2014-01-08 08:47:05 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
      2014-01-08 08:47:05 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
      2014-01-08 08:27:53 197704 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
      2014-01-08 08:04:32 2622464 ----a-w- C:\Windows\System32\wucltux.dll
      2014-01-08 08:03:40 99840 ----a-w- C:\Windows\System32\wudriver.dll
      2014-01-08 08:02:50 36864 ----a-w- C:\Windows\System32\wuapp.exe
      2014-01-08 08:02:50 186752 ----a-w- C:\Windows\System32\wuwebv.dll
      2014-01-07 22:48:12 -------- d-----w- C:\Users\Sonny\AppData\Local\Google
      2014-01-07 22:36:13 -------- d-----w- C:\Users\Sonny\AppData\Local\TOSHIBA
      2014-01-07 22:35:26 -------- d-----w- C:\Users\Sonny\AppData\Local\VirtualStore
      2014-01-07 22:26:24 -------- d-----w- C:\Windows\OemDrv
      2014-01-07 22:23:19 -------- d-----w- C:\Program Files (x86)\TOSHIBA Corporation
      2014-01-07 22:14:31 -------- d-----w- C:\Windows\Downloaded Installations
      2014-01-07 22:12:12 -------- d-----w- C:\Windows\SysWow64\sda
      2014-01-07 22:11:54 9888360 ----a-w- C:\Windows\SysWow64\RtsUStoricon.dll
      2014-01-07 22:11:54 422504 ----a-w- C:\Windows\System32\RtsUStor.dll
      2014-01-07 22:11:54 250984 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys
      2014-01-07 22:10:14 40832 ----a-w- C:\Windows\System32\drivers\TosBtCi.dll
      2014-01-07 22:09:06 -------- d-----w- C:\Program Files (x86)\TOH Class Filter
      2014-01-07 22:08:42 -------- d-----w- C:\Program Files\Synaptics
      2014-01-07 22:08:21 99320 ----a-w- C:\Windows\System32\tosWirelessLANIndicatorCP.dll
      2014-01-07 22:08:21 827728 ----a-w- C:\Windows\System32\msvcr100.dll
      2014-01-07 22:08:21 607568 ----a-w- C:\Windows\System32\msvcp100.dll
      2014-01-07 22:03:17 2675712 ----a-w- C:\Windows\System32\drivers\athrx.sys
      2014-01-07 22:03:17 -------- d-----w- C:\Windows\Options
      2014-01-07 22:03:16 63648 ----a-w- C:\Windows\System32\athihvui.dll
      2014-01-07 22:03:16 443040 ----a-w- C:\Windows\System32\athihvs.dll
      2014-01-07 22:03:16 -------- d-----w- C:\Windows\System32\nn-NO
      2014-01-07 22:03:16 -------- d-----w- C:\Program Files (x86)\Atheros
      2014-01-07 22:02:52 -------- d-----w- C:\ProgramData\Atheros
      2014-01-07 21:38:57 -------- d-----w- C:\Windows\SysWow64\RTCOM
      2014-01-07 21:38:57 -------- d-----w- C:\Program Files\Realtek
      2014-01-07 21:29:33 24576 ----a-w- C:\Windows\SysWow64\TSCI.dll
      2014-01-07 21:29:33 24576 ----a-w- C:\Windows\SysWow64\THCI.dll
      2014-01-07 21:29:08 162824 ----a-w- C:\Windows\System32\GFNEXSrv.exe
      2014-01-07 21:29:08 152376 ----a-w- C:\Windows\System32\GFNEX64.dll
      2014-01-07 21:29:08 128312 ----a-w- C:\Windows\SysWow64\GFNEX.dll
      2014-01-07 21:26:32 439320 ----a-w- C:\Windows\System32\drivers\iaStor.sys
      2014-01-07 21:23:47 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
      2014-01-07 21:21:47 -------- d-----w- C:\Program Files\NVIDIA Corporation
      2014-01-07 21:20:32 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
      2014-01-07 21:20:27 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
      2014-01-07 21:19:58 56344 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
      2014-01-07 21:19:58 -------- d-----w- C:\Intel
      2014-01-07 21:16:26 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
      2014-01-07 21:15:21 -------- d-sh--w- C:\$RECYCLE.BIN
      2014-01-07 08:20:51 -------- d-----w- C:\Program Files (x86)\NetDragon
      2014-01-07 08:09:28 -------- d-----w- C:\ProgramData\Oracle
      2014-01-07 08:08:43 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
      2014-01-07 08:08:38 -------- d-----r- C:\Users\Sonny\Dropbox
      2014-01-07 08:08:04 -------- d-----w- C:\Users\Sonny\AppData\Roaming\DropboxMaster
      2014-01-07 08:05:42 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2014-01-07 08:05:42 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
      2014-01-07 08:04:19 -------- d-----w- C:\Users\Sonny\AppData\Roaming\Dropbox
      2014-01-07 08:01:11 -------- d-----w- C:\Users\Sonny\AppData\Local\Adobe
      .
      ==================== Find3M ====================
      .
      2013-11-26 21:07:44 10856 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
      2013-11-26 21:07:22 96112 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
      2013-11-26 21:07:02 411944 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
      2013-11-04 15:51:44 70112 ----a-w- C:\Windows\System32\drivers\cfwids.sys
      2013-11-04 15:46:34 343696 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
      2013-11-04 15:46:16 182752 ----a-w- C:\Windows\System32\mfevtps.exe
      2013-11-04 15:43:04 782360 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
      2013-11-04 15:41:22 519576 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
      2013-11-04 15:40:00 311120 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
      2013-11-04 15:39:20 179792 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
      .
      ============= FINISH: 17:03:32,47 ===============


      Here is the GMER log:
      GMER 2.1.19163 - http://www.gmer.net
      Rootkit scan 2014-01-10 19:06:56
      Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.GT00 596,17GB
      Running: mvl581b5.exe; Driver: C:\Users\Sonny\AppData\Local\Temp\fgddqkog.sys


      ---- User code sections - GMER 2.1 ----

      .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1900] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075911465 2 bytes [91, 75]
      .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1900] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759114bb 2 bytes [91, 75]
      .text ... * 2
      .text C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[2424] C:\Windows\system32\kernel32.dll!LoadLibraryW 0000000076ed6f80 5 bytes JMP 000000016e67f140
      .text C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[2424] C:\Windows\system32\kernel32.dll!LoadLibraryA 0000000076ed7070 5 bytes JMP 000000016e67f020
      .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075911465 2 bytes [91, 75]
      .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759114bb 2 bytes [91, 75]
      .text ... * 2
      .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe[3268] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075911465 2 bytes [91, 75]
      .text C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe[3268] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759114bb 2 bytes [91, 75]
      .text ... * 2

      ---- User IAT/EAT - GMER 2.1 ----

      IAT C:\Windows\system32\mfevtps.exe[1236] @ C:\Windows\system32\CRYPT32.dll[KERNEL32.dll!LoadLibraryA] [13fd5ba40] C:\Windows\system32\mfevtps.exe

      ---- Threads - GMER 2.1 ----

      Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4812:4868] 0000000075507587
      Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4812:5008] 0000000072760cb3
      Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4812:2752] 00000000777c41f3
      Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4812:5016] 00000000777c6679
      Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4812:4424] 00000000777c6679
      ---- Processes - GMER 2.1 ----

      Library C:\Users\Sonny\AppData\Local\Temp\Setup00000508\OSETUPUI.DLL (*** suspicious ***) @ D:\Microsoft Office 2007 Enterprise + Serial Key - {RedDragon}\Microsoft Office 2007 Enterprise + Serial Key - {RedDragon}\setup.exe [1288] 00000000744a0000

      ---- Registry - GMER 2.1 ----

      Reg HKLM\SYSTEM\CurrentControlSet\Control\Session [email protected] ???ofp???????????p????R??r?????????e?????p?????p??????(??p?????????e??????N??????????????????p?????? p????????p???0?????????????s????Pointer Port?????????????-??? ???????n?????p?? ??p?2??????$???Q?????????? F??p??????????????%SystemRoot%\system32\[email protected]%SystemRoot%\system32 \dhcpcore.dll,-100?????????p????????h?????%SystemRoot%\system32\svchost.exe -k [email protected]%SystemRoot%\system32\dhcpcore.dll,-101????? 4??p??????????????NT Authority\LocalService??????? ???? ??? ??????????????????????????????????t???????????? ??????? ???????p???????????e??NSI?Tdx?Afd??BT???????,??p??? ??????? ??????????????t????p????????????????b??p??????????????????SeChangeNotifyPrivilege?SeCreateGlobalPriv ilege??????p?p?p?p?p?p?p?p?p?p?p?p?p??????????????????????????? ???????p???????????p?2????????0???????????????2???????????????????????????? ???????p?????p???????9?????????????????e?????p?????p??? ???????p?????????????9????????????????????? ???????p?????p?????m?
      Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{5792C6DC-9848-4DA2-BD24-CC3D50963F13}@LeaseObtainedTime 1389371363
      Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{5792C6DC-9848-4DA2-BD24-CC3D50963F13}@T1 1862411363
      Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{5792C6DC-9848-4DA2-BD24-CC3D50963F13}@T2 1680320451

      ---- EOF - GMER 2.1 ----



      I hope you can help me with it.



      • #4
        I don't immediately see anything suspicious (apart from the fact that I don't really recommend McAfee)

        We are going to do the following:

        Before we begin, I would kindly like to point out the following guidelines:

        • Log in only as an administrator with full rights.
        • Do not post your problem on several forums. It does not help your problem and it is not fair to the helpers.
        • Cleaning up your system can take some time, so be patient.
        • Carefully follow the instructions that I give.
        • Follow only the advice given by me.
        • Stay with the topic until I have reported that your PC is clean.
        • If you do not know or understand something, please ask.
        • Do not install or uninstall any software or hardware while we are working on your problem.
        • Do not go trying something "else" in the meantime; that only makes it harder for us.
        • Please turn off your emoticons (smileys) when you post logs.
        • Please do not post the logs as an attachment or between code tags.

        Note: Vista or Windows 7? >> Always run all tools as administrator.
        The instructions given are valid only for your PC.

        Step 1:

        Scanning for and removing malware...

        Start MBAM.
        Once the program has started, go to the "Settings" tab.

        • Tick here: "Close Internet Explorer during malware removal".
        • Go to the "Updates" tab and update MBAM.
        • Then go to the "Scanner" tab and choose "FULL scan" here.
        • Then press "Scan" to start the scan.
        • The scan can take a while, so be patient.
        • When the scan is complete, click OK, then "Show Results" to see the results.
        • Make sure everything is ticked there, then click "Remove Selected".
          If there are many items, you can right-click in the window and choose "select all items".
        • After removal a log will open and you will be asked to restart the computer.

        If MBAM asks for a restart, then do so.
        Once you have restarted, run a new quick scan with MBAM.
        In that case you therefore post both logs.

        The log is saved automatically by Malwarebytes' Anti-Malware and can be found by clicking the "Logs" tab in the program.


        In case of problems!!!

        ___________________________________________________________

        Step 2:

        Checking for bad toolbars...

        Download AdwCleaner by Xplode to your desktop.
        • Close all open windows
        • Start AdwCleaner
        • Click Scan
        • Click Clean

        All icons disappear from the desktop; this is normal.
        Your PC will be restarted and a log file opens (C:\AdwCleaner\AdwCleaner[xx].txt); post its contents here on the forum.

        I only need the log from after the "Clean" option.

        Don't forget to turn off your "smileys".

        If your start page was also hijacked, set the search engine again; AdwCleaner resets it to Google.com by default.

        ___________________________________________________________

        Step 3:

        Download DDS.com, DDS.scr or DDS.pif from one of these locations and place it on your desktop:


        DDS is a diagnostic tool and makes use of scripts.
        If script execution is disabled, enable it again so that no problems occur when using DDS.


        Double-click DDS to start the tool. (Depending on the download you chose, this can be the file DDS.com, DDS.scr or DDS.pif.)
        When it has finished, two log files open: DDS.txt and Attach.txt
        Save both log files to your desktop.

        Post the contents of DDS.txt.

        Do not post the contents of Attach.txt and do not add Attach.txt to your post as an attachment unless I ask for it.

        ___________________________________________________________

        Step 4:

        Check for updates...

        Download Security Check to your desktop from here or here

        Start Security Check
        Follow the instructions on screen
        At the end a log appears ( checkup.txt )
        Paste its contents into your next reply.

        In your next post I would like to see the following logs, made in the order given:
        • MBAM
        • AdwCleaner
        • DDS
        • checkup.txt

        Please do NOT post these logs as an attachment or between code tags.
        (In several posts if necessary.)

        Emphyrio


        • #5
          After quite a while of scanning it is finally all done.

          Here are 2 MBAM scans first, since it had to reboot and so I still had to run a quick scan:

          Full scan:

          Malwarebytes Anti-Malware 1.75.0.1300
          www.malwarebytes.org

          Databaseversie: v2014.01.11.04

          Windows 7 Service Pack 1 x64 NTFS
          Internet Explorer 9.0.8112.16421
          Sonny :: SONNY-TOSH [administrator]

          11-1-2014 22:28:03
          mbam-log-2014-01-11 (22-28-03).txt

          Scan type: Volledige scan (C:\|D:\|)
          Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
          Uitgeschakelde scan opties: P2P
          Objecten gescand: 460432
          Verstreken tijd: 1 uur/uren, 46 minuut/minuten, 50 seconde(n)

          Geheugenprocessen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Geheugenmodulen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registersleutels gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registerwaarden gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registerdata gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Mappen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Bestanden gedetecteerd: 1
          C:\Program Files (x86)\NetDragon\Conquer Online 2.0\TimeDelay.exe (Trojan.Agent.ED) -> Succesvol in quarantaine geplaatst en verwijderd.

          (einde)

          Quick scan

          Malwarebytes Anti-Malware 1.75.0.1300
          www.malwarebytes.org

          Databaseversie: v2014.01.11.04

          Windows 7 Service Pack 1 x64 NTFS
          Internet Explorer 9.0.8112.16421
          Sonny :: SONNY-TOSH [administrator]

          12-1-2014 0:47:44
          mbam-log-2014-01-12 (00-47-44).txt

          Scan type: Snelle scan
          Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
          Uitgeschakelde scan opties: P2P
          Objecten gescand: 216056
          Verstreken tijd: 12 minuut/minuten, 49 seconde(n)

          Geheugenprocessen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Geheugenmodulen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registersleutels gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registerwaarden gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registerdata gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Mappen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Bestanden gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          (einde)


          Adwcleaner

          # AdwCleaner v3.017 - Report created 12/01/2014 at 00:35:37
          # Updated 12/01/2014 by Xplode
          # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
          # Username : Sonny - SONNY-TOSH
          # Running from : C:\Users\Sonny\Downloads\adwcleaner.exe
          # Option : Clean

          ***** [ Services ] *****

          [#] Service Deleted : Partner Service

          ***** [ Files / Folders ] *****

          Folder Deleted : C:\ProgramData\Partner

          ***** [ Shortcuts ] *****


          ***** [ Registry ] *****

          Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
          Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
          Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
          Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
          Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
          Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
          Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
          Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
          Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
          Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
          Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
          Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
          Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
          Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
          Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

          ***** [ Browsers ] *****

          -\\ Internet Explorer v9.0.8112.16421


          -\\ Google Chrome v31.0.1650.63

          [ File : C:\Users\Sonny\AppData\Local\Google\Chrome\User Data\Default\preferences ]

          Deleted : urls_to_restore_on_startup

          *************************

          AdwCleaner[R0].txt - [2244 octets] - [12/01/2014 00:32:24]
          AdwCleaner[S0].txt - [2091 octets] - [12/01/2014 00:35:37]

          ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2151 octets] ##########


          DDS
          DDS (Ver_2012-11-20.01) - NTFS_AMD64
          Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.45.2
          Run by Sonny at 0:45:12 on 2014-01-12
          Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6126.4479 [GMT 1:00]
          .
          AV: McAfee Antivirus en antispyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
          AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
          SP: McAfee Antivirus en antispyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
          SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
          SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
          FW: McAfeeFirewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
          FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
          .
          ============== Running Processes ===============
          .
          C:\Windows\system32\lsm.exe
          C:\Windows\system32\svchost.exe -k DcomLaunch
          C:\Windows\system32\nvvsvc.exe
          C:\Windows\system32\svchost.exe -k RPCSS
          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
          C:\Windows\system32\svchost.exe -k netsvcs
          C:\Windows\system32\svchost.exe -k LocalService
          C:\Windows\System32\WUDFHost.exe
          C:\Windows\system32\svchost.exe -k NetworkService
          C:\Windows\System32\GFNEXSrv.exe
          C:\Windows\system32\WLANExt.exe
          C:\Windows\System32\spoolsv.exe
          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
          C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
          C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
          C:\Windows\system32\nvvsvc.exe
          C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
          C:\Windows\system32\mfevtps.exe
          C:\Windows\system32\svchost.exe -k imgsvc
          C:\Windows\system32\TODDSrv.exe
          C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
          C:\Program Files\McAfee\MSC\McAPExe.exe
          C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
          C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
          C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
          C:\Windows\system32\rundll32.exe
          C:\Windows\system32\rundll32.exe
          C:\Windows\SysWOW64\rundll32.exe
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
          C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Windows\system32\taskhost.exe
          C:\Windows\system32\taskeng.exe
          C:\Windows\system32\Dwm.exe
          C:\Windows\Explorer.EXE
          C:\Windows\system32\wbem\unsecapp.exe
          C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
          C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
          C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
          C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
          C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
          C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
          C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
          C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
          C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
          C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
          C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe
          C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
          C:\Windows\system32\SearchIndexer.exe
          C:\Program Files\Windows Media Player\wmpnetwk.exe
          C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
          C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
          C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
          C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
          C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
          C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
          C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
          C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
          C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
          C:\Windows\system32\SearchProtocolHost.exe
          C:\Windows\system32\SearchFilterHost.exe
          C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
          C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
          C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
          C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
          C:\Windows\System32\svchost.exe -k WerSvcGroup
          C:\Windows\System32\cscript.exe
          .
          ============== Pseudo HJT Report ===============
          .
          uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
          uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
          mWinlogon: Userinit = userinit.exe,
          BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
          BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
          BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
          BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
          BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
          BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
          BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
          TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
          TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
          uRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
          mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
          mRun: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
          mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
          mRun: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
          mRun: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
          mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
          mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
          mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
          dRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
          StartupFolder: C:\Users\Sonny\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe
          StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TOSHIB~1.LNK - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
          mPolicies-Explorer: NoActiveDesktop = dword:1
          mPolicies-Explorer: NoActiveDesktopChanges = dword:1
          mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
          mPolicies-System: ConsentPromptBehaviorUser = dword:3
          mPolicies-System: EnableUIADesktopToggle = dword:0
          IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
          IE: Toevoegen aan TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
          IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
          IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
          IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
          IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll
          DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
          DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
          DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
          TCP: NameServer = 192.168.0.1
          TCP: Interfaces\{5792C6DC-9848-4DA2-BD24-CC3D50963F13} : DHCPNameServer = 192.168.0.1
          TCP: Interfaces\{5792C6DC-9848-4DA2-BD24-CC3D50963F13}\8445340205F627471626C6560284F6473707F647 : DHCPNameServer = 192.168.1.1
          Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
          Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
          Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
          Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
          Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
          SSODL: WebCheck - <orphaned>
          SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
          mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
          x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
          x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
          x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
          x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
          x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
          x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
          x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
          x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
          x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
          x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
          x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
          x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
          x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
          x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
          x64-Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
          x64-IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll
          x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
          x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
          x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
          x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
          x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
          x64-SSODL: WebCheck - <orphaned>
          .
          ============= SERVICES / DRIVERS ===============
          .
          R2 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-13 311120]
          R2 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-3-13 782360]
          R2 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-13 343696]
          R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-13 70112]
          R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-13 519576]
          R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-11-26 411944]
          R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-31 413800]
          S3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\Windows\System32\drivers\btfilter.sys [2010-10-18 42096]
          S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2014-1-8 197704]
          S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-11-26 96112]
          S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-13 98728]
          S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2014-1-7 250984]
          S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
          S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
          .
          =============== Created Last 30 ================
          .
          2014-01-11 23:31:56 -------- d-----w- C:\AdwCleaner
          2014-01-11 14:31:02 -------- d-----w- C:\Program Files (x86)\CrystalDiskInfo
          2014-01-10 17:10:32 142336 ----a-w- C:\Windows\System32\poqexec.exe
          2014-01-10 17:10:27 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
          2014-01-10 15:31:43 -------- d-----w- C:\Users\Sonny\AppData\Roaming\Malwarebytes
          2014-01-10 15:21:58 -------- d-----w- C:\ProgramData\Malwarebytes
          2014-01-10 15:21:06 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
          2014-01-10 15:21:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
          2014-01-10 15:20:52 -------- d-----w- C:\Users\Sonny\AppData\Local\Programs
          2014-01-10 14:55:34 -------- d-----w- C:\Windows\SysWow64\Wat
          2014-01-10 14:55:30 -------- d-----w- C:\Windows\System32\Wat
          2014-01-10 10:42:14 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
          2014-01-10 10:30:05 -------- d-----w- C:\Users\Sonny\AppData\Local\Microsoft Help
          2014-01-10 09:45:10 -------- d-----w- C:\Users\Sonny\AppData\Roaming\TP
          2014-01-10 09:30:41 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
          2014-01-09 19:23:16 461312 ----a-w- C:\Windows\System32\scavengeui.dll
          2014-01-09 19:01:46 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
          2014-01-09 19:01:46 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
          2014-01-09 19:01:45 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
          2014-01-09 19:01:45 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
          2014-01-09 19:01:44 744448 ----a-w- C:\Windows\System32\WUDFx.dll
          2014-01-09 19:01:44 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
          2014-01-09 19:01:44 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
          2014-01-09 07:20:38 81408 ----a-w- C:\Windows\System32\imagehlp.dll
          2014-01-09 07:20:38 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
          2014-01-09 07:20:38 5120 ----a-w- C:\Windows\System32\wmi.dll
          2014-01-09 07:20:38 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
          2014-01-09 07:20:38 220672 ----a-w- C:\Windows\System32\wintrust.dll
          2014-01-09 07:20:38 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
          2014-01-09 07:20:38 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
          2014-01-08 18:32:41 77312 ----a-w- C:\Windows\System32\packager.dll
          2014-01-08 18:32:41 67072 ----a-w- C:\Windows\SysWow64\packager.dll
          2014-01-08 08:47:05 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
          2014-01-08 08:47:05 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
          2014-01-08 08:47:05 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
          2014-01-08 08:47:05 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
          2014-01-08 08:27:53 197704 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
          2014-01-08 08:04:32 2622464 ----a-w- C:\Windows\System32\wucltux.dll
          2014-01-08 08:03:40 99840 ----a-w- C:\Windows\System32\wudriver.dll
          2014-01-08 08:02:50 36864 ----a-w- C:\Windows\System32\wuapp.exe
          2014-01-08 08:02:50 186752 ----a-w- C:\Windows\System32\wuwebv.dll
          2014-01-07 22:48:12 -------- d-----w- C:\Users\Sonny\AppData\Local\Google
          2014-01-07 22:36:13 -------- d-----w- C:\Users\Sonny\AppData\Local\TOSHIBA
          2014-01-07 22:35:26 -------- d-----w- C:\Users\Sonny\AppData\Local\VirtualStore
          2014-01-07 22:26:24 -------- d-----w- C:\Windows\OemDrv
          2014-01-07 22:23:19 -------- d-----w- C:\Program Files (x86)\TOSHIBA Corporation
          2014-01-07 22:14:31 -------- d-----w- C:\Windows\Downloaded Installations
          2014-01-07 22:12:12 -------- d-----w- C:\Windows\SysWow64\sda
          2014-01-07 22:11:54 9888360 ----a-w- C:\Windows\SysWow64\RtsUStoricon.dll
          2014-01-07 22:11:54 422504 ----a-w- C:\Windows\System32\RtsUStor.dll
          2014-01-07 22:11:54 250984 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys
          2014-01-07 22:10:14 40832 ----a-w- C:\Windows\System32\drivers\TosBtCi.dll
          2014-01-07 22:09:06 -------- d-----w- C:\Program Files (x86)\TOH Class Filter
          2014-01-07 22:08:42 -------- d-----w- C:\Program Files\Synaptics
          2014-01-07 22:08:21 99320 ----a-w- C:\Windows\System32\tosWirelessLANIndicatorCP.dll
          2014-01-07 22:08:21 827728 ----a-w- C:\Windows\System32\msvcr100.dll
          2014-01-07 22:08:21 607568 ----a-w- C:\Windows\System32\msvcp100.dll
          2014-01-07 22:03:17 2675712 ----a-w- C:\Windows\System32\drivers\athrx.sys
          2014-01-07 22:03:17 -------- d-----w- C:\Windows\Options
          2014-01-07 22:03:16 63648 ----a-w- C:\Windows\System32\athihvui.dll
          2014-01-07 22:03:16 443040 ----a-w- C:\Windows\System32\athihvs.dll
          2014-01-07 22:03:16 -------- d-----w- C:\Windows\System32\nn-NO
          2014-01-07 22:03:16 -------- d-----w- C:\Program Files (x86)\Atheros
          2014-01-07 22:02:52 -------- d-----w- C:\ProgramData\Atheros
          2014-01-07 21:38:57 -------- d-----w- C:\Windows\SysWow64\RTCOM
          2014-01-07 21:38:57 -------- d-----w- C:\Program Files\Realtek
          2014-01-07 21:29:33 24576 ----a-w- C:\Windows\SysWow64\TSCI.dll
          2014-01-07 21:29:33 24576 ----a-w- C:\Windows\SysWow64\THCI.dll
          2014-01-07 21:29:08 162824 ----a-w- C:\Windows\System32\GFNEXSrv.exe
          2014-01-07 21:29:08 152376 ----a-w- C:\Windows\System32\GFNEX64.dll
          2014-01-07 21:29:08 128312 ----a-w- C:\Windows\SysWow64\GFNEX.dll
          2014-01-07 21:26:32 439320 ----a-w- C:\Windows\System32\drivers\iaStor.sys
          2014-01-07 21:23:47 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
          2014-01-07 21:21:47 -------- d-----w- C:\Program Files\NVIDIA Corporation
          2014-01-07 21:20:32 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
          2014-01-07 21:20:27 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
          2014-01-07 21:19:58 56344 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
          2014-01-07 21:19:58 -------- d-----w- C:\Intel
          2014-01-07 21:16:26 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
          2014-01-07 21:15:21 -------- d-sh--w- C:\$RECYCLE.BIN
          2014-01-07 08:20:51 -------- d-----w- C:\Program Files (x86)\NetDragon
          2014-01-07 08:09:28 -------- d-----w- C:\ProgramData\Oracle
          2014-01-07 08:08:43 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
          2014-01-07 08:08:38 -------- d-----r- C:\Users\Sonny\Dropbox
          2014-01-07 08:08:04 -------- d-----w- C:\Users\Sonny\AppData\Roaming\DropboxMaster
          2014-01-07 08:05:42 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
          2014-01-07 08:05:42 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
          2014-01-07 08:04:19 -------- d-----w- C:\Users\Sonny\AppData\Roaming\Dropbox
          2014-01-07 08:01:11 -------- d-----w- C:\Users\Sonny\AppData\Local\Adobe
          .
          ==================== Find3M ====================
          .
          2013-11-26 21:07:44 10856 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
          2013-11-26 21:07:22 96112 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
          2013-11-26 21:07:02 411944 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
          2013-11-04 15:51:44 70112 ----a-w- C:\Windows\System32\drivers\cfwids.sys
          2013-11-04 15:46:34 343696 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
          2013-11-04 15:46:16 182752 ----a-w- C:\Windows\System32\mfevtps.exe
          2013-11-04 15:43:04 782360 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
          2013-11-04 15:41:22 519576 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
          2013-11-04 15:40:00 311120 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
          2013-11-04 15:39:20 179792 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
          .
          ============= FINISH: 0:55:21,45 ===============


          Checkup

          Results of screen317's Security Check version 0.99.78
          Windows 7 Service Pack 1 x64 (UAC is enabled)
          Internet Explorer 11
          ``````````````Antivirus/Firewall Check:``````````````
          McAfee Antivirus en antispyware
          McAfeeAntivirus en antispyware
          WMI entry may not exist for antivirus; attempting automatic update.
          `````````Anti-malware/Other Utilities Check:`````````
          Java(TM) 6 Update 20
          Java 7 Update 45
          Adobe Flash Player 11.9.900.170
          Adobe Reader 10.1.0 Adobe Reader out of Date!
          Google Chrome 12.0.742.91
          Google Chrome 31.0.1650.63
          ````````Process Check: objlist.exe by Laurent````````
          Malwarebytes Anti-Malware mbam.exe
          TOSHIBA TOSHIBA Online Product Information TOPI.exe
          `````````````````System Health check`````````````````
          Total Fragmentation on Drive C: 6%
          ````````````````````End of Log``````````````````````



          Hopefully you'll find something that isn't right.


          • #6
            You can uninstall this one via Add or Remove Programs: Java(TM) 6 Update 20
            Restart the PC.

            Download or update CCleaner

            Start CCleaner.
            • Run CCleaner and click Options in the left column
            • Select the Advanced tab
            • Untick "Only delete files in the Windows Temp system folder that are older than 24 hours"
            • Select the Settings tab
            • Untick "Clean the computer automatically...."
            • Click Cleaner in the left column.
            • Then click Analyze followed by Run Cleaner.
            • Next, click Registry in the left column
            • Click Scan for Issues.
            • If errors are found, click Fix selected issues and OK

            Are there any problems left?


            • #7
              Thanks for the help so far. It is already a good deal faster now. Only, when I use Chrome, sites still load very slowly. Any idea what that could be?

              Apart from that, was the only problem that timechecker.exe, that trojan thing?


              • #8
                Try resetting Chrome: https://support.google.com/chrome/answer/3296214?hl=en


                • #9
                  Still on the slow side. At the bottom of the screen it keeps saying "waiting for cache". A game I want to play on my laptop is also very slow, whereas I used to be able to play it normally on a slower internet connection than I have now. So something must be wrong somewhere, it seems to me.

                  It would be great if we could still fix that.


                  • #10
                    The slowness (which is relative) does not always have to do with malware.
                    Other factors can play a role here:
                    • Age of the PC
                    • Drivers
                    • Fragmentation
                    • Available RAM
                    • Available free disk space

                    Carry out the steps described on these pages:

                    Guide to a clean PC.

                    Then let me know whether your problems are solved.

                    Emphyrio


                    • #11
                      The laptop is just 2 years old. And besides, before we started on this I restored the factory settings with the recovery HDD.

                      So it isn't down to free space; there is nothing else on my laptop. I'll start a defragmentation and see whether that helps. I don't think it can be any of the rest.


                      • #12
                        Fine.


                        • #13
                          After a defragmentation, still not really the desired result. Shockwave Player does often freeze while I'm browsing the internet.

                          The internet is also still slow; apart from that my PC is doing what it should again.


                          • #14
                            Download ComboFix and place it on your desktop.

                            Extra note... Make sure your security software is disabled while you use ComboFix.
                            This is because these scanners wrongly see certain components that ComboFix uses as infected and will block ComboFix.


                            Look here if you don't know how to disable your antivirus, firewall and/or antispyware scanner.


                            Close ALL windows, including your browser, and let ComboFix do its work undisturbed.
                            So do not open any other applications until ComboFix has presented the log.

                            If ComboFix asks for an update, allow it.

                            When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
                            You can find it at C:\combofix.txt.

                            Post the ComboFix log together with a new DDS log in your next reply.

                            Emphyrio


                            • #15
                              Combofix:

                              ComboFix 14-01-14.02 - Sonny 13-01-2014 23:27:12.1.4 - x64
                              Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6126.3886 [GMT 1:00]
                              Gestart vanuit: c:\users\Sonny\Desktop\ComboFix.exe
                              AV: McAfee Antivirus en antispyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
                              AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
                              FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
                              FW: McAfeeFirewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
                              SP: McAfee Antivirus en antispyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
                              SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
                              SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                              .
                              .
                              (((((((((((((((((((( Bestanden Gemaakt van 2013-12-13 to 2014-01-13 ))))))))))))))))))))))))))))))
                              .
                              .
                              2014-01-13 22:35 . 2014-01-13 22:35 -------- d-----w- c:\users\Default\AppData\Local\temp
                              2014-01-12 20:02 . 2014-01-12 20:02 -------- d-----w- c:\program files (x86)\Common Files\Skype
                              2014-01-12 20:02 . 2014-01-12 20:02 -------- d-----r- c:\program files (x86)\Skype
                              2014-01-12 18:26 . 2014-01-12 18:27 -------- d-----w- c:\program files\CCleaner
                              2014-01-11 23:31 . 2014-01-11 23:35 -------- d-----w- C:\AdwCleaner
                              2014-01-11 14:31 . 2014-01-11 14:33 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
                              2014-01-10 17:30 . 2014-01-10 17:30 -------- d-----w- c:\program files (x86)\Microsoft Works
                              2014-01-10 17:10 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
                              2014-01-10 17:10 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
                              2014-01-10 15:21 . 2014-01-10 15:21 -------- d-----w- c:\programdata\Malwarebytes
                              2014-01-10 15:21 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
                              2014-01-10 15:21 . 2014-01-10 15:23 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
                              2014-01-10 14:55 . 2014-01-10 14:55 -------- d-----w- c:\windows\SysWow64\Wat
                              2014-01-10 14:55 . 2014-01-10 14:55 -------- d-----w- c:\windows\system32\Wat
                              2014-01-10 10:43 . 2014-01-10 10:43 -------- d-----w- c:\program files\Microsoft Office
                              2014-01-10 10:42 . 2014-01-10 10:42 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
                              2014-01-10 10:29 . 2014-01-10 17:33 -------- d-----w- c:\programdata\Microsoft Help
                              2014-01-10 10:12 . 2014-01-10 10:12 -------- d-----r- C:\MSOCache
                              2014-01-10 09:30 . 2014-01-10 09:30 -------- d-----w- c:\program files (x86)\MSXML 4.0
                              2014-01-09 19:23 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
                              2014-01-09 19:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
                              2014-01-09 19:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
                              2014-01-09 19:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
                              2014-01-09 19:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
                              2014-01-09 19:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
                              2014-01-09 19:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
                              2014-01-09 19:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
                              2014-01-09 07:20 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
                              2014-01-09 07:20 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
                              2014-01-09 07:20 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
                              2014-01-09 07:20 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
                              2014-01-09 07:20 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
                              2014-01-09 07:20 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
                              2014-01-09 07:20 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
                              2014-01-08 18:32 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
                              2014-01-08 18:32 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
                              2014-01-08 08:47 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
                              2014-01-08 08:47 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
                              2014-01-08 08:47 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
                              2014-01-08 08:47 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
                              2014-01-08 08:27 . 2013-09-23 12:49 197704 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
                              2014-01-08 08:04 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
                              2014-01-08 08:04 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
                              2014-01-08 08:04 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
                              2014-01-08 08:04 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
                              2014-01-08 08:03 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
                              2014-01-08 08:03 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
                              2014-01-08 08:03 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
                              2014-01-08 08:02 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
                              2014-01-08 08:02 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
                              2014-01-07 22:33 . 2014-01-07 22:33 -------- d-----w- c:\programdata\ToshibaEurope
                              2014-01-07 22:33 . 2014-01-10 15:35 -------- d-----w- c:\users\Sonny
                              2014-01-07 22:26 . 2014-01-07 22:26 -------- d-----w- c:\windows\OemDrv
                              2014-01-07 22:23 . 2014-01-07 22:23 -------- d-----w- c:\program files (x86)\TOSHIBA Corporation
                              2014-01-07 22:14 . 2014-01-07 22:14 -------- d-----w- c:\windows\Downloaded Installations
                              2014-01-07 22:13 . 2014-01-07 22:44 -------- d-----w- c:\programdata\TOSHIBA
                              2014-01-07 22:12 . 2014-01-07 22:12 -------- d-----w- c:\windows\SysWow64\sda
                              2014-01-07 22:11 . 2010-10-29 15:11 9888360 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll
                              2014-01-07 22:11 . 2010-10-29 15:11 422504 ----a-w- c:\windows\system32\RtsUStor.dll
                              2014-01-07 22:11 . 2010-10-29 15:11 250984 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
                              2014-01-07 22:10 . 2009-06-18 20:42 40832 ----a-w- c:\windows\system32\drivers\TosBtCi.dll
                              2014-01-07 22:09 . 2014-01-07 22:09 -------- d-----w- c:\program files (x86)\TOH Class Filter
                              2014-01-07 22:08 . 2014-01-07 22:08 -------- d-----w- c:\program files\Synaptics
                              2014-01-07 22:08 . 2011-02-17 15:42 99320 ----a-w- c:\windows\system32\tosWirelessLANIndicatorCP.dll
                              2014-01-07 22:08 . 2010-03-18 08:36 827728 ----a-w- c:\windows\system32\msvcr100.dll
                              2014-01-07 22:08 . 2010-03-18 08:36 607568 ----a-w- c:\windows\system32\msvcp100.dll
                              2014-01-07 22:03 . 2014-01-07 22:03 -------- d-----w- c:\windows\Options
                              2014-01-07 22:03 . 2010-12-17 18:46 2675712 ----a-w- c:\windows\system32\drivers\athrx.sys
                              2014-01-07 22:03 . 2014-01-07 22:03 -------- d-----w- c:\program files (x86)\Atheros
                              2014-01-07 22:03 . 2014-01-07 22:03 -------- d-----w- c:\windows\system32\nn-NO
                              2014-01-07 22:03 . 2010-12-20 18:20 63648 ----a-w- c:\windows\system32\athihvui.dll
                              2014-01-07 22:03 . 2010-12-20 18:20 443040 ----a-w- c:\windows\system32\athihvs.dll
                              2014-01-07 22:02 . 2014-01-07 22:06 -------- d-----w- c:\programdata\Atheros
                              2014-01-07 21:38 . 2014-01-07 21:38 -------- d-----w- c:\windows\SysWow64\RTCOM
                              2014-01-07 21:38 . 2014-01-07 21:38 -------- d-----w- c:\program files\Realtek
                              2014-01-07 21:29 . 1999-10-12 18:47 24576 ----a-w- c:\windows\SysWow64\TSCI.dll
                              2014-01-07 21:29 . 1999-10-12 18:45 24576 ----a-w- c:\windows\SysWow64\THCI.dll
                              2014-01-07 21:29 . 2010-09-09 16:26 162824 ----a-w- c:\windows\system32\GFNEXSrv.exe
                              2014-01-07 21:29 . 2010-09-09 16:26 152376 ----a-w- c:\windows\system32\GFNEX64.dll
                              2014-01-07 21:29 . 2010-09-09 16:26 128312 ----a-w- c:\windows\SysWow64\GFNEX.dll
                              2014-01-07 21:26 . 2011-01-12 16:51 439320 ----a-w- c:\windows\system32\drivers\iaStor.sys
                              2014-01-07 21:25 . 2014-01-07 21:25 -------- d-----w- c:\programdata\NVIDIA
                              2014-01-07 21:23 . 2014-01-07 21:23 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
                              2014-01-07 21:20 . 2010-12-20 17:08 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
                              2014-01-07 21:20 . 2014-01-07 21:20 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
                              2014-01-07 21:19 . 2014-01-07 21:19 -------- d-----w- C:\Intel
                              2014-01-07 21:19 . 2010-10-19 15:34 56344 ----a-w- c:\windows\system32\drivers\HECIx64.sys
                              2014-01-07 21:16 . 2014-01-07 21:26 -------- d-----w- c:\program files (x86)\Intel
                              2014-01-07 21:16 . 2010-10-04 12:02 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
                              2014-01-07 08:20 . 2014-01-07 08:20 -------- d-----w- c:\program files (x86)\NetDragon
                              2014-01-07 08:09 . 2014-01-07 08:09 -------- d-----w- c:\programdata\Oracle
                              2014-01-07 08:09 . 2014-01-07 08:09 -------- d-----w- c:\program files (x86)\Common Files\Java
                              2014-01-07 08:08 . 2014-01-07 08:08 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
                              2014-01-07 08:05 . 2014-01-07 08:33 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                              2014-01-07 08:05 . 2014-01-07 08:33 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                              2014-01-07 08:05 . 2014-01-07 08:05 -------- d-----w- c:\windows\system32\Macromed
                              .
                              .
                              .
                              ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                              .
                              2014-01-11 21:24 . 2011-03-28 16:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
                              2013-11-26 21:07 . 2013-11-26 21:07 10856 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys
                              2013-11-26 21:07 . 2013-11-26 21:07 96112 ----a-w- c:\windows\system32\drivers\mfencrk.sys
                              2013-11-26 21:07 . 2013-11-26 21:07 411944 ----a-w- c:\windows\system32\drivers\mfencbdc.sys
                              2013-11-04 15:51 . 2011-03-13 09:20 70112 ----a-w- c:\windows\system32\drivers\cfwids.sys
                              2013-11-04 15:46 . 2011-03-13 09:20 343696 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
                              2013-11-04 15:46 . 2011-08-31 08:52 182752 ----a-w- c:\windows\system32\mfevtps.exe
                              2013-11-04 15:43 . 2011-03-13 09:20 782360 ----a-w- c:\windows\system32\drivers\mfehidk.sys
                              2013-11-04 15:41 . 2011-03-13 09:20 519576 ----a-w- c:\windows\system32\drivers\mfefirek.sys
                              2013-11-04 15:40 . 2011-03-13 09:20 311120 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
                              2013-11-04 15:39 . 2011-03-13 09:20 179792 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
                              .
                              .
                              ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                              .
                              .
                              *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                              REGEDIT4
                              .
                              [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
                              @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                              [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                              2013-09-10 23:54 131248 ----a-w- c:\users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
                              .
                              [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
                              @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                              [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                              2013-09-10 23:54 131248 ----a-w- c:\users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
                              .
                              [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
                              @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                              [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                              2013-09-10 23:54 131248 ----a-w- c:\users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
                              .
                              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                              "TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-05-16 846936]
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                              "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
                              "NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2011-06-29 1409424]
                              "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
                              "ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
                              "mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
                              "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
                              .
                              [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
                              "TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-05-16 846936]
                              .
                              c:\users\Sonny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                              Dropbox.lnk - c:\users\Sonny\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 33508336]
                              .
                              c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
                              Toshiba Places Icon Utility.lnk - c:\program files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [2011-8-31 1493888]
                              .
                              c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                              TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2011-5-24 1875456]
                              .
                              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                              "ConsentPromptBehaviorAdmin"= 5 (0x5)
                              "ConsentPromptBehaviorUser"= 3 (0x3)
                              "EnableUIADesktopToggle"= 0 (0x0)
                              "EnableLinkedConnections"= 1 (0x1)
                              .
                              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
                              @=""
                              .
                              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
                              @=""
                              .
                              R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
                              R2 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
                              R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
                              R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
                              R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
                              R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
                              R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe;c:\progra~1\mcafee\msc\mcawfwk.exe [x]
                              R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
                              R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
                              R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
                              R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
                              R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                              R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
                              R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                              R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
                              S2 GFNEXSrv;GFNEX Service;c:\windows\System32\GFNEXSrv.exe;c:\windows\SYSNATIVE\GFNEXSrv.exe [x]
                              S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
                              S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
                              S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
                              S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
                              S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
                              S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
                              S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
                              S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
                              S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
                              S2 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
                              S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
                              S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
                              S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
                              S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
                              S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
                              S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
                              S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
                              S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
                              .
                              .
                              --- Andere Services/Drivers In Geheugen ---
                              .
                              *Deregistered* - mfeapfk01
                              *Deregistered* - mfeavfk01
                              .
                              [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                              2014-01-13 22:06 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe
                              .
                              Inhoud van de 'Gedeelde Taken' map
                              .
                              2014-01-13 c:\windows\Tasks\Adobe Flash Player Updater.job
                              - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-07 08:33]
                              .
                              2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                              - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-31 09:13]
                              .
                              2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                              - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-31 09:13]
                              .
                              .
                              --------- X64 Entries -----------
                              .
                              .
                              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
                              @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                              [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                              2013-09-10 23:54 164016 ----a-w- c:\users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
                              .
                              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
                              @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                              [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                              2013-09-10 23:54 164016 ----a-w- c:\users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
                              .
                              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
                              @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                              [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                              2013-09-10 23:54 164016 ----a-w- c:\users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
                              .
                              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
                              @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
                              [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
                              2013-09-10 23:54 164016 ----a-w- c:\users\Sonny\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                              "Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2011-02-10 1546720]
                              "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-12 11775592]
                              "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-10 2186856]
                              "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-12-08 710040]
                              "TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
                              "Toshiba Registration"="c:\program files\TOSHIBA\Registration\ToshibaReminder.exe" [2011-08-31 150992]
                              .
                              ------- Bijkomende Scan -------
                              .
                              uLocal Page = c:\windows\system32\blank.htm
                              uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
                              mLocal Page = c:\windows\SysWOW64\blank.htm
                              IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
                              IE: Toevoegen aan TOSHIBA Bulletin Board - c:\program files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
                              TCP: DhcpNameServer = 192.168.0.1
                              .
                              - - - - ORPHANS VERWIJDERD - - - -
                              .
                              Toolbar-Locked - (no file)
                              Toolbar-Locked - (no file)
                              HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
                              HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
                              HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
                              HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
                              HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
                              .
                              .
                              .
                              --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                              @Denied: (A 2) (Everyone)
                              @="FlashBroker"
                              "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe ,-101"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                              "Enabled"=dword:00000001
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                              @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                              @Denied: (A 2) (Everyone)
                              @="IFlashBroker5"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                              @="{00020424-0000-0000-C000-000000000046}"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                              "Version"="1.0"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                              @Denied: (A 2) (Everyone)
                              @="FlashBroker"
                              "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe ,-101"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                              "Enabled"=dword:00000001
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                              @Denied: (A 2) (Everyone)
                              @="Shockwave Flash Object"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
                              "ThreadingModel"="Apartment"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                              @="0"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                              @="ShockwaveFlash.ShockwaveFlash.11"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                              @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                              @="1.0"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                              @="ShockwaveFlash.ShockwaveFlash"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                              @Denied: (A 2) (Everyone)
                              @="Macromedia Flash Factory Object"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
                              "ThreadingModel"="Apartment"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                              @="FlashFactory.FlashFactory.1"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                              @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                              @="1.0"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                              @="FlashFactory.FlashFactory"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                              @Denied: (A 2) (Everyone)
                              @="IFlashBroker5"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                              @="{00020424-0000-0000-C000-000000000046}"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                              "Version"="1.0"
                              .
                              [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
                              "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
                              00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
                              .
                              [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
                              @Denied: (Full) (Everyone)
                              .
                              Voltooingstijd: 2014-01-13 23:38:45
                              ComboFix-quarantined-files.txt 2014-01-13 22:38
                              .
                              Pre-Run: 265.934.323.712 bytes beschikbaar
                              Post-Run: 265.837.088.768 bytes beschikbaar
                              .
                              - - End Of File - - 518AB8A69EA87D906B3743E8B8501033
