Constantly bothered by pop-up windows and unwanted opening of strange sites


  • Constantly bothered by pop-up windows and unwanted opening of strange sites

    Even though I have Norton360 and Norton Utilities on the PC, I am constantly bothered by pop-ups, sites that open spontaneously, etc. etc. Norton Power Eraser doesn't help either. The PC is also getting slower and slower.
    How do I get rid of this??? And how do you prevent this, even though you thought you were safe with Norton!!

  • #2
    Hi blank013 and welcome to Nucia Security Forum,

    Before we begin, I would kindly like to point out the following guidelines:
    .
    • Only log in as an administrator with full rights.
    • Do not post your problem in several forums. It does not help your problem and it is not polite towards the helpers.
    • Cleaning up your system can take some time, so be patient.
    • Carefully follow the instructions that I give.
    • Only follow the advice given by me.
    • Stay with the topic until I have reported that your PC is clean.
    • If you do not know or understand something, please just ask.
    • Do not install or uninstall any software or hardware while we are working on your problem.
    • Do not try something "else" in the meantime; that only makes it harder for us.
    • Please turn off your emoticons (smileys) when you post logs.
    • Please do not post the logs as an attachment, nor between code tags.

    .
    Note: Vista or Windows 7? >> Always run all tools as admin.
    The instructions given are valid only for your PC.

    Step 1:

    Scanning for and removing malware...

    If you already have MBAM on your PC, you do not need to download it, of course.

    Download MalwareBytes' Anti-Malware to your desktop from one of the following links: Double-click mbam-setup.exe to install the program.

    At the end of the setup procedure, you get a screen where you must click "Finish".
    If you do not wish to evaluate MBAM, untick the first option and only then click "Finish".


    Make sure that after the installation a check mark is placed next to:
    • Update MalwareBytes' Anti-Malware
    • Start MalwareBytes' Anti-Malware
    • Then click "Finish". If an update is found, it will be downloaded and installed.



    As soon as the program has started, go to the "Settings" tab.
    • Tick here: "Close Internet Explorer during removal of malware".
    • Go to the "Updates" tab and update MBAM.
    • Then go to the "Scanner" tab and choose "FULL Scan" here.
    • Then press "Scan" to start the scan.
    • Scanning can take a while, so be patient.
    • When the scan is complete, click OK, then "Show Results" to see the results.
    • Make sure that everything is ticked there, then click: "Remove Selected".
    • After the removal a log will open and you will be asked to restart the computer.

    If MBAM asks for a restart, then do so.
    When you have done the restart, run a new quick scan with MBAM.
    In that case you therefore post both logs.

    The log is saved automatically by MalwareBytes' Anti-Malware and you can find it again by clicking the "Logs" tab in the program.


    In case of problems!!!

    .___________________________________________________________

    Step 2:

    Check for bad toolbars...

    Download AdwCleaner by Xplode to your desktop.
    • Close all open windows
    • Start AdwCleaner
    • Click Scan
    • Click Clean

    All icons disappear from the desktop; this is normal.
    Your PC will be restarted and a log file opens (C:\AdwCleaner\AdwCleaner[xx].txt); post its contents here on the forum.

    I only need the log from after the "clean" option.

    Do not forget to turn off your "smileys".

    If your start page was also hijacked, then set the search engine again; by default AdwCleaner resets it to Google.com
    ___________________________________________________________

    Step 3:

    Download DDS.com, DDS.scr or DDS.pif from one of these locations and place it on your desktop:


    DDS is a diagnostic tool and makes use of scripts.
    If running scripts is disabled, enable it again so that no problems occur when using DDS.


    Double-click DDS to start the tool. (Depending on the download you chose, this can be the file DDS.com, DDS.scr or DDS.pif.)
    When it is finished, two log files open: DDS.txt and Attach.txt
    Save both log files on your desktop.

    Post the contents of DDS.txt.

    You do not need to post the contents of Attach.txt, and you should not add Attach.txt as an attachment to your post, unless I ask for it.


    ___________________________________________________________

    Step 4:

    Download Security Check to your desktop via here or here

    Start Security Check
    Follow the instructions on the screen
    At the end a log appears ( checkup.txt )
    Place its contents in your next reply.


    In your next post, I would like to see the following logs, made in the order listed:
    .
    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    .
    Please do NOT post these logs as an attachment or between code tags.
    (If necessary, in several posts.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      requested logs

      Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300
      www.malwarebytes.org

      Databaseversie: v2014.02.04.11

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 11.0.9600.16476
      Piet :: PIET-PC [administrator]

      Bescherming: Ingeschakeld

      4-2-2014 21:45:27
      mbam-log-2014-02-04 (21-45-27).txt

      Scan type: Volledige scan (C:\|D:\|G:\|Q:\|)
      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scan opties: P2P
      Objecten gescand: 540482
      Verstreken tijd: 1 uur/uren, 37 minuut/minuten, 12 seconde(n)

      Geheugenprocessen gedetecteerd: 1
      C:\Program Files\Web Assistant\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> 1092 -> Zal worden verwijderd tijdens het herstarten.

      Geheugenmodulen gedetecteerd: 3
      C:\Users\Piet\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten.
      C:\Program Files (x86)\Toggle\toggle\1.8.8.6\toggleApp.dll (PUP.Optional.BabylonToolBar.A) -> Zal worden verwijderd tijdens het herstarten.
      C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha409\ie\MediaPlayerV1alpha409.dll (PUP.Optional.MediaPlayerAlpha.A) -> Zal worden verwijderd tijdens het herstarten.

      Registersleutels gedetecteerd: 49

      Registerwaarden gedetecteerd: 6
      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Piet\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Succesvol in quarantaine geplaatst en verwijderd.
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{87E90E67-8655-4548-B037-03BA1158A487} (PUP.Optional.BabylonToolBar.A) -> Data: Toggle Toolbar -> Succesvol in quarantaine geplaatst en verwijderd.
      HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{98889811-442D-49DD-99D7-DC866BE87DBC} (PUP.Optional.BabylonToolBar.A) -> Data: Babylon Toolbar -> Succesvol in quarantaine geplaatst en verwijderd.
      HKLM\SOFTWARE\Mozilla\Firefox\Extensions|[email protected] (PUP.Optional.MediaPlayerAlpha.A) -> Data: C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha409\ff -> Succesvol in quarantaine geplaatst en verwijderd.
      HKLM\SOFTWARE\Mozilla\Firefox\extensions|{336D0C35-8A85-403a-B9D2-65C292C39087} (PUP.Optional.Incredibar) -> Data: C:\Program Files\Web Assistant\Firefox -> Succesvol in quarantaine geplaatst en verwijderd.
      HKLM\SYSTEM\CurrentControlSet\Services\IB Updater|ImagePath (PUP.Optional.IBUpdater) -> Data: C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -> Succesvol in quarantaine geplaatst en verwijderd.

      Registerdata gedetecteerd: 1
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.OPtional.SaveAs.A) -> Slecht: (c:\progra~2\saveas\sprote~1.dll) Goed: () -> Succesvol in quarantaine geplaatst en gerepareerd.

      Mappen gedetecteerd: 39

      Bestanden gedetecteerd: 59

      (einde)

      Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300
      www.malwarebytes.org

      Databaseversie: v2014.02.04.11

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 11.0.9600.16476
      Piet :: PIET-PC [administrator]

      Bescherming: Ingeschakeld

      4-2-2014 23:35:48
      mbam-log-2014-02-04 (23-35-48).txt

      Scan type: Snelle scan
      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scan opties: P2P
      Objecten gescand: 264288
      Verstreken tijd: 8 minuut/minuten, 22 seconde(n)

      Geheugenprocessen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Geheugenmodulen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registersleutels gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerwaarden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerdata gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Mappen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Bestanden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      (einde)
      Last edited by Emphyrio; 05-02-14, 03:21. Reason: Reply result removed



      • #4
        Remaining logs a

        # AdwCleaner v3.018 - Report created 04/02/2014 at 23:51:48
        # Updated 28/01/2014 by Xplode
        # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
        # Username : Piet - PIET-PC
        # Running from : C:\Users\Piet\Desktop\adwcleaner.exe
        # Option : Clean

        ***** [ Services ] *****


        ***** [ Files / Folders ] *****

        Folder Deleted : C:\ProgramData\apn
        Folder Deleted : C:\ProgramData\Babylon
        Folder Deleted : C:\ProgramData\ClickIT
        Folder Deleted : C:\ProgramData\iMesh
        Folder Deleted : C:\ProgramData\Partner
        Folder Deleted : C:\ProgramData\SaveAs
        Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh
        Folder Deleted : C:\Program Files (x86)\Ask.com
        Folder Deleted : C:\Program Files (x86)\BabylonToolbar
        Folder Deleted : C:\Program Files (x86)\Conduit
        Folder Deleted : C:\Program Files (x86)\iMesh Applications
        Folder Deleted : C:\Program Files (x86)\iMesh
        Folder Deleted : C:\Program Files (x86)\IncrediMail_MediaBar_Nederlands_2
        Folder Deleted : C:\Program Files (x86)\WhiteSmoke_US_New_E1
        Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
        Folder Deleted : C:\Program Files\Web Assistant
        Folder Deleted : C:\Users\Piet\AppData\Local\apn
        Folder Deleted : C:\Users\Piet\AppData\Local\Conduit
        Folder Deleted : C:\Users\Piet\AppData\Local\iMesh
        Folder Deleted : C:\Users\Piet\AppData\Local\PackageAware
        Folder Deleted : C:\Users\Piet\AppData\Local\SwvUpdater
        Folder Deleted : C:\Users\Piet\AppData\Local\torch
        Folder Deleted : C:\Users\Piet\AppData\LocalLow\AskToolbar
        Folder Deleted : C:\Users\Piet\AppData\LocalLow\Conduit
        Folder Deleted : C:\Users\Piet\AppData\LocalLow\PriceGong
        Folder Deleted : C:\Users\Piet\AppData\LocalLow\SaveAs
        Folder Deleted : C:\Users\Piet\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2
        Folder Deleted : C:\Users\Piet\AppData\LocalLow\WhiteSmoke_US_New_E1
        Folder Deleted : C:\Users\Piet\AppData\Roaming\Babylon
        Folder Deleted : C:\Users\Nel\AppData\LocalLow\AskToolbar
        Folder Deleted : C:\Users\Nel\AppData\LocalLow\SaveAs
        Folder Deleted : C:\Users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocgliapglbajhkgcaeipcckpejcogeh
        File Deleted : C:\END
        File Deleted : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
        File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js
        File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

        ***** [ Shortcuts ] *****


        ***** [ Registry ] *****

        Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
        Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
        Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\iMesh.exe
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
        Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
        Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
        Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
        Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
        Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
        Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
        Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
        Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
        Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
        Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
        Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
        Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
        Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
        Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASMANCS
        Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
        Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2727678
        Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3272810
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_free-wma-to-mp3-converter_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_free-wma-to-mp3-converter_RASMANCS
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B354E375-6F4B-087E-B97A-1B528FE0CFAA}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95324E44-4B0A-47A9-8F77-9C6415E51C29}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72A0F495-BA60-4524-827B-B36B8C18587A}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B354E375-6F4B-087E-B97A-1B528FE0CFAA}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95324E44-4B0A-47A9-8F77-9C6415E51C29}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72A0F495-BA60-4524-827B-B36B8C18587A}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BB0773C4-1DF3-4521-AFD5-28BF53C9DD74}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B354E375-6F4B-087E-B97A-1B528FE0CFAA}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95324E44-4B0A-47A9-8F77-9C6415E51C29}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{72A0F495-BA60-4524-827B-B36B8C18587A}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A54DAB37-E900-4E7A-9E32-7B5372016CE5}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BB0773C4-1DF3-4521-AFD5-28BF53C9DD74}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEECC991-476C-44D9-A65E-34338BE50E88}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{802A9607-CEE6-4B6F-9C64-7227393E0A85}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7893FA5-38B6-4291-8068-0FE89688CC72}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0767CB86-B263-46AE-AEA6-5D30D6FB74B2}
        Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
        Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
        Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
        Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
        Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95324E44-4B0A-47A9-8F77-9C6415E51C29}]
        Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{72A0F495-BA60-4524-827B-B36B8C18587A}]
        Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{72A0F495-BA60-4524-827B-B36B8C18587A}]
        Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{95324E44-4B0A-47A9-8F77-9C6415E51C29}]
        Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{72A0F495-BA60-4524-827B-B36B8C18587A}]
        Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{95324E44-4B0A-47A9-8F77-9C6415E51C29}]
        Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{72A0F495-BA60-4524-827B-B36B8C18587A}]
        Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
        Key Deleted : HKCU\Software\APN PIP
        Key Deleted : HKCU\Software\APN
        Key Deleted : HKCU\Software\Ask.com
        Key Deleted : HKCU\Software\IM
        Key Deleted : HKCU\Software\Imesh
        Key Deleted : HKCU\Software\ImInstaller
        Key Deleted : HKCU\Software\Softonic
        Key Deleted : HKCU\Software\torch
        Key Deleted : HKCU\Software\AppDataLow\Toolbar
        Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
        Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
        Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
        Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
        Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
        Key Deleted : HKCU\Software\AppDataLow\Software\IncrediMail_MediaBar_Nederlands_2
        Key Deleted : HKCU\Software\AppDataLow\Software\WhiteSmoke_US_New_E1
        Key Deleted : HKLM\Software\APN
        Key Deleted : HKLM\Software\AskToolbar
        Key Deleted : HKLM\Software\Babylon
        Key Deleted : HKLM\Software\Conduit
        Key Deleted : HKLM\Software\IB Updater
        Key Deleted : HKLM\Software\Imesh
        Key Deleted : HKLM\Software\ImInstaller
        Key Deleted : HKLM\Software\PIP
        Key Deleted : HKLM\Software\SP Global
        Key Deleted : HKLM\Software\SProtector
        Key Deleted : HKLM\Software\torch
        Key Deleted : HKLM\Software\Uniblue\DriverScanner
        Key Deleted : HKLM\Software\Web Assistant
        Key Deleted : HKLM\Software\IncrediMail_MediaBar_Nederlands_2
        Key Deleted : HKLM\Software\WhiteSmoke_US_New_E1
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IncrediMail_MediaBar_Nederlands_2 Toolbar
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_US_New_E1 Toolbar
        Key Deleted : [x64] HKLM\SOFTWARE\IB Updater
        Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant
        Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
        Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
        Key Deleted : HKLM\Software\Classes\Installer\Features\1A594BF8F3A4D1C4DB72F3A32B6E7636
        Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
        Key Deleted : HKLM\Software\Classes\Installer\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636
        Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

        ***** [ Browsers ] *****

        -\\ Internet Explorer v11.0.9600.16428


        -\\ Google Chrome v

        [ File : C:\Users\Piet\AppData\Local\Google\Chrome\User Data\Default\preferences ]


        [ File : C:\Users\Nel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


        *************************

        AdwCleaner[R0].txt - [24227 octets] - [04/02/2014 23:50:32]
        AdwCleaner[S0].txt - [23766 octets] - [04/02/2014 23:51:48]

        ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23827 octets] ##########
        Last edited by Emphyrio; 05-02-14, 03:22. Reason: same



        • #5
          Remaining logs b

          DDS (Ver_2012-11-20.01) - NTFS_AMD64
          Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.51.2
          Run by Piet at 0:00:11 on 2014-02-05
          Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8174.5795 [GMT 1:00]
          .
          AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
          SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
          FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
          .
          ============== Running Processes ===============
          .
          C:\Windows\system32\lsm.exe
          C:\Windows\system32\svchost.exe -k DcomLaunch
          C:\Windows\system32\nvvsvc.exe
          C:\Windows\system32\svchost.exe -k RPCSS
          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
          C:\Windows\system32\svchost.exe -k LocalService
          C:\Windows\system32\svchost.exe -k netsvcs
          C:\Windows\system32\svchost.exe -k NetworkService
          C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
          C:\Windows\system32\nvvsvc.exe
          C:\Windows\system32\taskeng.exe
          C:\Windows\System32\spoolsv.exe
          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
          C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
          C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
          C:\Program Files\Bonjour\mDNSResponder.exe
          C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe
          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
          C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
          C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
          C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
          C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
          C:\Windows\System32\svchost.exe -k HPZ12
          C:\Windows\System32\svchost.exe -k HPZ12
          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
          C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe
          C:\Windows\system32\svchost.exe -k imgsvc
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
          C:\Windows\system32\svchost.exe -k HPService
          C:\Windows\servicing\TrustedInstaller.exe
          C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
          C:\Windows\System32\WUDFHost.exe
          C:\Windows\system32\taskhost.exe
          C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe
          C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
          C:\Windows\system32\Dwm.exe
          C:\Windows\Explorer.EXE
          C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
          C:\Windows\WindowsMobile\wmdcBase.exe
          C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
          C:\Windows\system32\svchost.exe -k WindowsMobile
          C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
          C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
          C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
          C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
          C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
          C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
          C:\Program Files (x86)\iTunes\iTunesHelper.exe
          C:\Users\Piet\AppData\Roaming\Dropbox\bin\Dropbox.exe
          C:\Windows\system32\RunDll32.exe
          C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe
          C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
          C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
          C:\Windows\system32\SearchIndexer.exe
          C:\Program Files\iPod\bin\iPodService.exe
          C:\Windows\system32\taskeng.exe
          C:\Program Files\Windows Media Player\wmpnetwk.exe
          C:\Windows\System32\svchost.exe -k LocalServicePeerNet
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
          C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
          C:\Windows\system32\sppsvc.exe
          C:\Windows\system32\taskeng.exe
          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Windows\System32\cscript.exe
          .
          ============== Pseudo HJT Report ===============
          .
          uStart Page = hxxp://www.google.com/
          uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
          mWinlogon: Userinit = userinit.exe,
          BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
          BHO: SaveAs: {17A1458E-3C2D-2BEF-0659-C7FDDC0D9134} - LocalServer32 - <no file>
          BHO: Webexp Enhanced: {2b14f047-8a0a-4b45-8d34-352488c69d01} - LocalServer32 - <no file>
          BHO: Toggle Helper Object: {49502A6F-10AD-4EC1-8028-062D8CC5CC7F} - C:\Program Files (x86)\Toggle\toggle\1.8.8.6\bh\toggle.dll
          BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
          BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.dll
          BHO: SaveAs: {74D1CE2C-9508-66B3-9E13-E5167614FD2A} - LocalServer32 - <no file>
          BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
          BHO: Better-Surf: {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - LocalServer32 - <no file>
          BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
          BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
          BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
          BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
          TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
          TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
          TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
          TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
          EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
          EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
          uRun: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
          uRun: [Google Update] "C:\Users\Piet\AppData\Local\Google\Update\GoogleUpdate.exe" /c
          uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
          mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
          mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
          mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
          mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
          mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
          mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
          mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
          mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
          mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
          StartupFolder: C:\Users\Piet\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Piet\AppData\Roaming\Dropbox\bin\Dropbox.exe
          StartupFolder: C:\Users\Piet\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INKTWA~1.LNK - C:\Windows\System32\RunDll32.exe
          StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
          mPolicies-Explorer: NoActiveDesktop = dword:1
          mPolicies-Explorer: NoActiveDesktopChanges = dword:1
          mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
          mPolicies-System: ConsentPromptBehaviorUser = dword:3
          mPolicies-System: EnableUIADesktopToggle = dword:0
          IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
          IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
          IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
          IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
          IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
          DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
          DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
          DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
          DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
          DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
          TCP: NameServer = 213.46.228.196 62.179.104.196
          TCP: Interfaces\{77FC1C4C-FFBD-4CD5-A278-8E060C677A59} : DHCPNameServer = 213.46.228.196 62.179.104.196
          Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
          SSODL: WebCheck - <orphaned>
          x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
          x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
          x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
          x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
          x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
          x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
          x64-Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe
          x64-IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
          x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
          x64-DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
          x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
          x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
          x64-SSODL: WebCheck - <orphaned>
          .
          ============= SERVICES / DRIVERS ===============
          .
          R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-6-15 27240]
          R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys [2014-1-15 493656]
          R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys [2014-1-15 1147480]
          R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [2014-1-23 1526488]
          R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys [2014-1-15 162392]
          R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140203.001\IDSviA64.sys [2014-2-4 521944]
          R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys [2014-1-15 264280]
          R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys [2014-1-15 590936]
          R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
          R2 DiskDoctorService;Norton Disk Doctor Service;C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [2012-10-4 1029480]
          R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-14 13592]
          R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-4 418376]
          R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-4 701512]
          R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [2014-1-15 264360]
          R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
          R2 SpeedDiskService;Norton SpeedDisk Service;C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [2012-10-4 1037672]
          R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-6-14 2656280]
          R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-3-5 126952]
          R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-3-5 390632]
          R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-1-17 137648]
          R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-2-4 25928]
          R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-14 428136]
          R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
          R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
          R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
          R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
          R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
          S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
          S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
          S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-10-21 48488]
          S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
          S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
          S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;C:\Windows\System32\drivers\RTL8192su.sys [2011-6-14 690208]
          S3 SymDSMon;SymDSMon;C:\Windows\System32\drivers\SymDSMon.sys [2012-10-4 191232]
          S3 SYMSpeedDisk;SYMSpeedDisk;C:\Windows\System32\drivers\SymSpeedDisk.sys [2012-10-4 163384]
          S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
          S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
          S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
          S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-22 1255736]
          S3 wsvd;wsvd;C:\Windows\System32\drivers\wsvd.sys [2010-9-23 129008]
          S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
          .
          =============== Created Last 30 ================
          .
          2014-02-04 22:48:18 -------- d-----w- C:\AdwCleaner
          2014-02-04 20:39:12 -------- d-----w- C:\Users\Piet\AppData\Roaming\Malwarebytes
          2014-02-04 20:39:03 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
          2014-02-04 20:39:03 -------- d-----w- C:\ProgramData\Malwarebytes
          2014-02-04 20:39:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
          2014-02-04 20:38:00 -------- d-----w- C:\Users\Piet\AppData\Local\Programs
          2014-02-04 18:49:59 -------- d-----w- C:\Users\Piet\AppData\Local\NPE
          2014-02-02 13:10:20 -------- d-----w- C:\Program Files (x86)\Hitman Pro
          2014-02-02 11:04:43 -------- d-----w- C:\Program Files\Enigma Software Group
          2014-02-02 11:03:39 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
          2014-02-02 11:03:37 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
          2014-02-01 14:42:47 -------- d-----w- C:\Users\Piet\belastingMaria
          2014-01-30 09:27:56 -------- d-----w- C:\Program Files (x86)\MediaPlayerV1
          2014-01-29 12:54:11 -------- d-----w- C:\Users\Piet\AppData\Local\LogMeIn Rescue Applet
          2014-01-29 10:08:50 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
          2014-01-23 17:54:43 -------- d-----w- C:\Program Files\iPod
          2014-01-23 17:54:41 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
          2014-01-23 17:54:41 -------- d-----w- C:\Program Files\iTunes
          2014-01-23 17:54:41 -------- d-----w- C:\Program Files (x86)\iTunes
          2014-01-15 11:24:21 858200 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\srtsp64.sys
          2014-01-15 11:24:21 590936 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys
          2014-01-15 11:24:21 493656 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys
          2014-01-15 11:24:21 36952 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\srtspx64.sys
          2014-01-15 11:24:21 264280 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys
          2014-01-15 11:24:21 23568 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys
          2014-01-15 11:24:21 162392 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys
          2014-01-15 11:24:21 1147480 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys
          2014-01-15 11:24:11 -------- d-----w- C:\Windows\System32\drivers\N360x64\1501000.012
          2014-01-15 10:59:01 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
          2014-01-15 10:59:01 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
          2014-01-15 10:59:01 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
          2014-01-15 10:59:01 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
          2014-01-15 10:59:01 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
          2014-01-15 10:59:01 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
          2014-01-15 10:59:01 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
          2014-01-15 10:59:00 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
          2014-01-15 10:59:00 3156480 ----a-w- C:\Windows\System32\win32k.sys
          2014-01-10 15:57:04 200704 ----a-w- C:\Windows\SysWow64\vbalExpBar6.ocx
          2014-01-10 15:57:03 484352 ----a-w- C:\Windows\SysWow64\lame_enc.dll
          2014-01-10 15:57:03 40960 ----a-w- C:\Windows\SysWow64\SSubTmr6.dll
          2014-01-10 15:57:03 -------- d-----w- C:\Users\Piet\AppData\Roaming\FreeBurner
          2014-01-10 15:56:29 -------- d-----w- C:\Program Files (x86)\Free Easy CD DVD Burner
          2014-01-10 14:58:20 -------- d-----w- C:\Users\Piet\.android
          2014-01-10 14:58:19 -------- d-----w- C:\Users\Piet\AppData\Local\cache
          2014-01-10 14:58:18 -------- d-----w- C:\Users\Piet\AppData\Local\Mobogenie
          2014-01-10 14:58:18 -------- d-----w- C:\Users\Piet\AppData\Local\genienext
          2014-01-10 14:57:43 -------- d-----w- C:\Program Files (x86)\Mobogenie
          2014-01-10 13:36:33 -------- d-----w- C:\Program Files (x86)\VideoPlayerV3
          .
          ==================== Find3M ====================
          .
          2014-02-04 20:09:09 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
          2014-02-04 20:09:09 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
          2014-01-15 11:24:47 177752 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
          2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
          2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
          2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
          2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
          2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
          2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
          2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
          2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
          2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
          2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
          2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
          2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
          2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
          2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
          2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
          2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
          2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
          2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
          2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
          .
          ============= FINISH: 0:01:39,47 ===============
          Results of screen317's Security Check version 0.99.79
          Windows 7 Service Pack 1 x64 (UAC is enabled)
          Internet Explorer 11
          ``````````````Antivirus/Firewall Check:``````````````
          Norton 360
          WMI entry may not exist for antivirus; attempting automatic update.
          `````````Anti-malware/Other Utilities Check:`````````
          JavaFX 2.1.1
          Java(TM) 6 Update 26
          Java 7 Update 51
          Adobe Flash Player 11.9.900.170
          Adobe Reader 10.1.9 Adobe Reader out of Date!
          Google Chrome 32.0.1700.102
          Google Chrome 32.0.1700.107
          Google Chrome CTB.log..
          ````````Process Check: objlist.exe by Laurent````````
          Malwarebytes Anti-Malware mbamservice.exe
          Malwarebytes Anti-Malware mbamgui.exe
          Malwarebytes' Anti-Malware mbamscheduler.exe
          `````````````````System Health check`````````````````
          Total Fragmentation on Drive C: 5%
          ````````````````````End of Log``````````````````````
          Last edited by Emphyrio; 05-02-14, 03:23. Reason: Please do not reply with a quote.



          • #6
            Would you please click the "Reply" button instead of "Reply with quote"?

            Download or update CCleaner

            Start CCleaner.
            • Run CCleaner and click Options in the left column
            • Select the Advanced tab
            • Uncheck Only delete files in Windows Temp folders older than 24 hours
            • Select the Settings tab
            • Uncheck "Automatically clean the computer...."
            • Click Cleaner in the left column.
            • Then click Analyze and Run Cleaner in turn.
            • Next, click Registry in the left column
            • Click Scan for Issues.
            • If errors are found, click Fix selected issues and OK



            Download Combofix to your desktop.

            Extra note... Make sure your security software is disabled while using Combofix.
            This is because these scanners wrongly see certain components that Combofix uses as infected and will block Combofix.


            Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.


            Close ALL windows, including your browser, and let Combofix do its work undisturbed.
            So do not open any other applications until Combofix has presented the log.

            If Combofix asks for an update, allow it.

            When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
            You can find it at C:\combofix.txt.

            Post the Combofix log together with a new DDS log in your next reply.

            * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
            • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
            • Illegal operation attempted on a registry key that has been marked for deletion.
            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
            E Dev * Remove McAfee. * CCleaner * E-Peek



            • #7
              ComboFix 14-02-05.02 - Piet 05-02-2014 11:12:37.1.8 - x64
              Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8174.5234 [GMT 1:00]
              Gestart vanuit: c:\users\Piet\Contacts\.frostwire5\Downloads\ComboFix.exe
              AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
              FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
              SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
              * Nieuw herstelpunt werd aangemaakt
              .
              .
              (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
              .
              .
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aopjggojdhkleakamaaidgbkjapeoloe
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aopjggojdhkleakamaaidgbkjapeoloe\1\50f1335b619018.25266539.js
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aopjggojdhkleakamaaidgbkjapeoloe\1\background.html
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aopjggojdhkleakamaaidgbkjapeoloe\1\content.js
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aopjggojdhkleakamaaidgbkjapeoloe\1\lsdb.js
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aopjggojdhkleakamaaidgbkjapeoloe\1\manifest.json
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aopjggojdhkleakamaaidgbkjapeoloe\1\sqlite.js
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpieebapomljepnbablpiobllldiogao
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpieebapomljepnbablpiobllldiogao\1\50ee9c374d8368.60258966.js
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpieebapomljepnbablpiobllldiogao\1\background.html
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpieebapomljepnbablpiobllldiogao\1\content.js
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpieebapomljepnbablpiobllldiogao\1\lsdb.js
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpieebapomljepnbablpiobllldiogao\1\manifest.json
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpieebapomljepnbablpiobllldiogao\1\sqlite.js
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aopjggojdhkleakamaaidgbkjapeoloe
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aopjggojdhkleakamaaidgbkjapeoloe\000005.ldb
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aopjggojdhkleakamaaidgbkjapeoloe\000014.ldb
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aopjggojdhkleakamaaidgbkjapeoloe\000017.ldb
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aopjggojdhkleakamaaidgbkjapeoloe\000024.log
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aopjggojdhkleakamaaidgbkjapeoloe\CURRENT
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aopjggojdhkleakamaaidgbkjapeoloe\LOCK
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aopjggojdhkleakamaaidgbkjapeoloe\LOG
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aopjggojdhkleakamaaidgbkjapeoloe\LOG.old
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aopjggojdhkleakamaaidgbkjapeoloe\MANIFEST-000023
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpieebapomljepnbablpiobllldiogao
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpieebapomljepnbablpiobllldiogao\000005.ldb
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpieebapomljepnbablpiobllldiogao\000014.ldb
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpieebapomljepnbablpiobllldiogao\000017.ldb
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpieebapomljepnbablpiobllldiogao\000024.log
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpieebapomljepnbablpiobllldiogao\CURRENT
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpieebapomljepnbablpiobllldiogao\LOCK
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpieebapomljepnbablpiobllldiogao\LOG
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpieebapomljepnbablpiobllldiogao\LOG.old
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpieebapomljepnbablpiobllldiogao\MANIFEST-000023
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aopjggojdhkleakamaaidgbkjapeoloe_0.localstorage-journal
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aopjggojdhkleakamaaidgbkjapeoloe_0.localstorage
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gpieebapomljepnbablpiobllldiogao_0.localstorage-journal
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gpieebapomljepnbablpiobllldiogao_0.localstorage
              c:\users\Piet\AppData\Local\Google\Chrome\User Data\Default\preferences
              c:\users\Piet\g2mdlhlpx.exe
              .
              .
              (((((((((((((((((((( Bestanden Gemaakt van 2014-01-05 to 2014-02-05 ))))))))))))))))))))))))))))))
              .
              .
              2014-02-04 22:48 . 2014-02-04 22:51 -------- d-----w- C:\AdwCleaner
              2014-02-04 20:39 . 2014-02-04 20:39 -------- d-----w- c:\users\Piet\AppData\Roaming\Malwarebytes
              2014-02-04 20:39 . 2014-02-04 20:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
              2014-02-04 20:39 . 2014-02-04 20:39 -------- d-----w- c:\programdata\Malwarebytes
              2014-02-04 20:39 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
              2014-02-04 20:38 . 2014-02-04 20:38 -------- d-----w- c:\users\Piet\AppData\Local\Programs
              2014-02-04 18:49 . 2014-02-04 19:02 -------- d-----w- c:\users\Piet\AppData\Local\NPE
              2014-02-02 13:10 . 2014-02-02 13:12 -------- d-----w- c:\program files (x86)\Hitman Pro
              2014-02-02 11:04 . 2014-02-02 11:04 -------- d-----w- c:\program files\Enigma Software Group
              2014-02-02 11:03 . 2014-02-02 11:40 -------- d-----w- c:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
              2014-02-02 11:03 . 2014-02-02 11:03 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
              2014-02-01 14:42 . 2014-02-01 14:43 -------- d-----w- c:\users\Piet\belastingMaria
              2014-01-30 09:27 . 2014-02-04 22:28 -------- d-----w- c:\program files (x86)\MediaPlayerV1
              2014-01-29 12:54 . 2014-01-30 09:26 -------- d-----w- c:\users\Piet\AppData\Local\LogMeIn Rescue Applet
              2014-01-29 10:08 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
              2014-01-23 17:54 . 2014-01-23 17:54 -------- d-----w- c:\program files\iPod
              2014-01-23 17:54 . 2014-01-23 17:54 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
              2014-01-23 17:54 . 2014-01-23 17:54 -------- d-----w- c:\program files\iTunes
              2014-01-23 17:54 . 2014-01-23 17:54 -------- d-----w- c:\program files (x86)\iTunes
              2014-01-15 11:24 . 2014-02-01 13:12 -------- d-----w- c:\windows\system32\drivers\N360x64\1501000.012
              2014-01-15 10:59 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
              2014-01-15 10:59 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
              2014-01-15 10:59 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
              2014-01-15 10:59 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
              2014-01-15 10:59 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
              2014-01-15 10:59 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
              2014-01-15 10:59 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
              2014-01-15 10:59 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
              2014-01-15 10:59 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
              2014-01-10 15:57 . 2011-09-28 08:20 200704 ----a-w- c:\windows\SysWow64\vbalExpBar6.ocx
              2014-01-10 15:57 . 2014-01-10 16:11 -------- d-----w- c:\users\Piet\AppData\Roaming\FreeBurner
              2014-01-10 15:57 . 2011-09-28 08:20 484352 ----a-w- c:\windows\SysWow64\lame_enc.dll
              2014-01-10 15:57 . 2011-09-28 08:20 40960 ----a-w- c:\windows\SysWow64\SSubTmr6.dll
              2014-01-10 15:56 . 2014-02-04 22:28 -------- d-----w- c:\program files (x86)\Free Easy CD DVD Burner
              2014-01-10 14:58 . 2014-01-10 14:58 -------- d-----w- c:\users\Piet\.android
              2014-01-10 14:58 . 2014-01-10 14:58 -------- d-----w- c:\users\Piet\AppData\Local\cache
              2014-01-10 14:58 . 2014-02-04 22:28 -------- d-----w- c:\users\Piet\AppData\Local\genienext
              2014-01-10 14:58 . 2014-01-10 15:21 -------- d-----w- c:\users\Piet\AppData\Local\Mobogenie
              2014-01-10 14:57 . 2014-01-10 15:21 -------- d-----w- c:\program files (x86)\Mobogenie
              2014-01-10 13:36 . 2014-02-04 22:28 -------- d-----w- c:\program files (x86)\VideoPlayerV3
              .
              .
              .
              ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              2014-02-04 20:09 . 2012-04-14 08:48 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
              2014-02-04 20:09 . 2011-06-14 21:58 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
              2014-01-15 11:35 . 2011-02-10 20:56 86054176 ----a-w- c:\windows\system32\MRT.exe
              2014-01-15 11:24 . 2011-10-21 10:26 177752 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
              2013-11-26 11:54 . 2013-12-12 11:09 23183360 ----a-w- c:\windows\system32\mshtml.dll
              2013-11-26 10:19 . 2013-12-12 11:09 2724864 ----a-w- c:\windows\system32\mshtml.tlb
              2013-11-26 10:18 . 2013-12-12 11:09 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
              2013-11-26 09:48 . 2013-12-12 11:09 66048 ----a-w- c:\windows\system32\iesetup.dll
              2013-11-26 09:46 . 2013-12-12 11:09 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
              2013-11-26 09:41 . 2013-12-12 11:09 2764288 ----a-w- c:\windows\system32\iertutil.dll
              2013-11-26 09:29 . 2013-12-12 11:09 53760 ----a-w- c:\windows\system32\jsproxy.dll
              2013-11-26 09:27 . 2013-12-12 11:09 33792 ----a-w- c:\windows\system32\iernonce.dll
              2013-11-26 09:23 . 2013-12-12 11:09 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
              2013-11-26 09:21 . 2013-12-12 11:09 574976 ----a-w- c:\windows\system32\ieui.dll
              2013-11-26 09:18 . 2013-12-12 11:09 139264 ----a-w- c:\windows\system32\ieUnatt.exe
              2013-11-26 09:18 . 2013-12-12 11:09 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
              2013-11-26 09:16 . 2013-12-12 11:09 708608 ----a-w- c:\windows\system32\jscript9diag.dll
              2013-11-26 08:57 . 2013-12-12 11:09 218624 ----a-w- c:\windows\system32\ie4uinit.exe
              2013-11-26 08:35 . 2013-12-12 11:09 5769216 ----a-w- c:\windows\system32\jscript9.dll
              2013-11-26 08:28 . 2013-12-12 11:09 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
              2013-11-26 08:16 . 2013-12-12 11:09 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
              2013-11-26 08:02 . 2013-12-12 11:09 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
              2013-11-26 07:48 . 2013-12-12 11:09 12996608 ----a-w- c:\windows\system32\ieframe.dll
              2013-11-26 07:32 . 2013-12-12 11:09 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
              2013-11-26 07:07 . 2013-12-12 11:09 2334208 ----a-w- c:\windows\system32\wininet.dll
              2013-11-26 06:40 . 2013-12-12 11:09 1395200 ----a-w- c:\windows\system32\urlmon.dll
              2013-11-26 06:34 . 2013-12-12 11:09 817664 ----a-w- c:\windows\system32\ieapfltr.dll
              2013-11-26 06:33 . 2013-12-12 11:09 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
              2013-11-23 18:26 . 2013-12-12 10:31 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
              2013-11-23 17:47 . 2013-12-12 10:31 465920 ----a-w- c:\windows\system32\WMPhoto.dll
              2013-11-18 11:48 . 2013-11-18 11:48 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
              2013-11-18 11:48 . 2013-11-18 11:48 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
              2013-11-18 11:48 . 2013-11-18 11:48 942592 ----a-w- c:\windows\system32\jsIntl.dll
              2013-11-18 11:48 . 2013-11-18 11:48 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
              2013-11-18 11:48 . 2013-11-18 11:48 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
              2013-11-18 11:48 . 2013-11-18 11:48 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
              2013-11-18 11:48 . 2013-11-18 11:48 77312 ----a-w- c:\windows\system32\tdc.ocx
              2013-11-18 11:48 . 2013-11-18 11:48 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
              2013-11-18 11:48 . 2013-11-18 11:48 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
              2013-11-18 11:48 . 2013-11-18 11:48 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
              2013-11-18 11:48 . 2013-11-18 11:48 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
              2013-11-18 11:48 . 2013-11-18 11:48 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
              2013-11-18 11:48 . 2013-11-18 11:48 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
              2013-11-18 11:48 . 2013-11-18 11:48 616104 ----a-w- c:\windows\system32\ieapfltr.dat
              2013-11-18 11:48 . 2013-11-18 11:48 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
              2013-11-18 11:48 . 2013-11-18 11:48 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
              2013-11-18 11:48 . 2013-11-18 11:48 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
              2013-11-18 11:48 . 2013-11-18 11:48 48640 ----a-w- c:\windows\system32\mshtmler.dll
              2013-11-18 11:48 . 2013-11-18 11:48 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
              2013-11-18 11:48 . 2013-11-18 11:48 453120 ----a-w- c:\windows\system32\dxtmsft.dll
              2013-11-18 11:48 . 2013-11-18 11:48 413696 ----a-w- c:\windows\system32\html.iec
              2013-11-18 11:48 . 2013-11-18 11:48 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
              2013-11-18 11:48 . 2013-11-18 11:48 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
              2013-11-18 11:48 . 2013-11-18 11:48 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
              2013-11-18 11:48 . 2013-11-18 11:48 337408 ----a-w- c:\windows\SysWow64\html.iec
              2013-11-18 11:48 . 2013-11-18 11:48 296960 ----a-w- c:\windows\system32\dxtrans.dll
              2013-11-18 11:48 . 2013-11-18 11:48 247808 ----a-w- c:\windows\system32\msls31.dll
              2013-11-18 11:48 . 2013-11-18 11:48 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
              2013-11-18 11:48 . 2013-11-18 11:48 235008 ----a-w- c:\windows\system32\elshyph.dll
              2013-11-18 11:48 . 2013-11-18 11:48 195584 ----a-w- c:\windows\system32\msrating.dll
              2013-11-18 11:48 . 2013-11-18 11:48 182272 ----a-w- c:\windows\SysWow64\msls31.dll
              2013-11-18 11:48 . 2013-11-18 11:48 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
              2013-11-18 11:48 . 2013-11-18 11:48 139264 ----a-w- c:\windows\SysWow64\wextract.exe
              2013-11-18 11:48 . 2013-11-18 11:48 13312 ----a-w- c:\windows\SysWow64\mshta.exe
              2013-11-18 11:48 . 2013-11-18 11:48 13312 ----a-w- c:\windows\system32\msfeedssync.exe
              2013-11-18 11:48 . 2013-11-18 11:48 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
              2013-11-18 11:48 . 2013-11-18 11:48 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
              2013-11-18 11:48 . 2013-11-18 11:48 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
              2013-11-18 11:48 . 2013-11-18 11:48 105984 ----a-w- c:\windows\system32\iesysprep.dll
              2013-11-18 11:48 . 2013-11-18 11:48 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
              2013-11-18 11:48 . 2013-11-18 11:48 81408 ----a-w- c:\windows\system32\icardie.dll
              2013-11-18 11:48 . 2013-11-18 11:48 84992 ----a-w- c:\windows\system32\mshtmled.dll
              2013-11-18 11:48 . 2013-11-18 11:48 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
              2013-11-18 11:48 . 2013-11-18 11:48 774144 ----a-w- c:\windows\system32\jscript.dll
              2013-11-18 11:48 . 2013-11-18 11:48 626176 ----a-w- c:\windows\system32\msfeeds.dll
              2013-11-18 11:48 . 2013-11-18 11:48 62464 ----a-w- c:\windows\system32\pngfilt.dll
              2013-11-18 11:48 . 2013-11-18 11:48 548352 ----a-w- c:\windows\system32\vbscript.dll
              2013-11-18 11:48 . 2013-11-18 11:48 48128 ----a-w- c:\windows\system32\imgutil.dll
              2013-11-18 11:48 . 2013-11-18 11:48 30208 ----a-w- c:\windows\system32\licmgr10.dll
              2013-11-18 11:48 . 2013-11-18 11:48 263376 ----a-w- c:\windows\system32\iedkcs32.dll
              2013-11-18 11:48 . 2013-11-18 11:48 243200 ----a-w- c:\windows\system32\webcheck.dll
              2013-11-18 11:48 . 2013-11-18 11:48 235520 ----a-w- c:\windows\system32\url.dll
              2013-11-18 11:48 . 2013-11-18 11:48 167424 ----a-w- c:\windows\system32\iexpress.exe
              2013-11-18 11:48 . 2013-11-18 11:48 147968 ----a-w- c:\windows\system32\occache.dll
              2013-11-18 11:48 . 2013-11-18 11:48 143872 ----a-w- c:\windows\system32\wextract.exe
              2013-11-18 11:48 . 2013-11-18 11:48 13824 ----a-w- c:\windows\system32\mshta.exe
              2013-11-18 11:48 . 2013-11-18 11:48 135680 ----a-w- c:\windows\system32\iepeers.dll
              2013-11-18 11:48 . 2013-11-18 11:48 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
              2013-11-18 11:48 . 2013-11-18 11:48 101376 ----a-w- c:\windows\system32\inseng.dll
              2013-11-12 02:23 . 2013-12-12 10:30 2048 ----a-w- c:\windows\system32\tzres.dll
              2013-11-12 02:07 . 2013-12-12 10:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
              .
              .
              ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              .
              *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
              REGEDIT4
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{49502A6F-10AD-4EC1-8028-062D8CC5CC7F}]
              2012-12-29 09:25 265776 ----a-w- c:\program files (x86)\Toggle\toggle\1.8.8.6\bh\toggle.dll
              .
              [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
              @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
              [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
              2013-09-10 23:54 131248 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
              .
              [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
              @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
              [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
              2013-09-10 23:54 131248 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
              .
              [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
              @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
              [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
              2013-09-10 23:54 131248 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
              .
              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "IncrediMail"="c:\program files (x86)\IncrediMail\bin\IncMail.exe" [2013-02-26 367016]
              "ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720]
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
              "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-30 284440]
              "CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
              "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
              "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
              "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
              "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
              "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
              "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
              "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-01-20 152392]
              .
              c:\users\Piet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
              Dropbox.lnk - c:\users\Piet\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
              Inktwaarschuwingen controleren - HP Photosmart 5510 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Photosmart 5510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2183C61505V3;CONNECTION=USB;MONITOR=1; [2009-7-14 45568]
              .
              c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
              HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
              "ConsentPromptBehaviorAdmin"= 5 (0x5)
              "ConsentPromptBehaviorUser"= 3 (0x3)
              "EnableUIADesktopToggle"= 0 (0x0)
              .
              [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
              "LoadAppInit_DLLs"=1 (0x1)
              .
              R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
              R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
              R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
              R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
              R3 SymDSMon;SymDSMon;c:\windows\system32\drivers\SymDSMon.sys;c:\windows\SYSNATIVE\drivers\SymDSMon.sys [x]
              R3 SYMSpeedDisk;SYMSpeedDisk;c:\windows\system32\drivers\SymSpeedDisk.sys;c:\windows\SYSNATIVE\drivers\SymSpeedDisk.sys [x]
              R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
              R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
              R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
              R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
              R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
              R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
              S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
              S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1501000.012\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\SYMDS64.SYS [x]
              S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1501000.012\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\SYMEFA64.SYS [x]
              S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [x]
              S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\ccSetx64.sys [x]
              S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140205.001\IDSvia64.sys;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140205.001\IDSvia64.sys [x]
              S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\Ironx64.SYS [x]
              S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1501000.012\SYMNETS.SYS [x]
              S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
              S2 DiskDoctorService;Norton Disk Doctor Service;c:\program files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe;c:\program files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [x]
              S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
              S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
              S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
              S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\21.1.0.18\N360.exe;c:\program files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [x]
              S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
              S2 SpeedDiskService;Norton SpeedDisk Service;c:\program files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe;c:\program files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [x]
              S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
              S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
              S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
              S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
              S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
              S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
              S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
              S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
              S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
              S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
              S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
              .
              .
              --- Andere Services/Drivers In Geheugen ---
              .
              *NewlyCreated* - WS2IFSL
              .
              [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
              hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
              .
              Inhoud van de 'Gedeelde Taken' map
              .
              2014-02-05 c:\windows\Tasks\Adobe Flash Player Updater.job
              - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 20:09]
              .
              2014-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
              - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-21 09:31]
              .
              2014-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
              - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-21 09:31]
              .
              2014-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3259627529-1914095622-3875271238-1001Core.job
              - c:\users\Piet\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-20 12:02]
              .
              2014-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3259627529-1914095622-3875271238-1001UA.job
              - c:\users\Piet\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-20 12:02]
              .
              2014-02-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3259627529-1914095622-3875271238-1004Core.job
              - c:\users\Nel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-21 12:02]
              .
              2014-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3259627529-1914095622-3875271238-1004UA.job
              - c:\users\Nel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-21 12:02]
              .
              2014-02-05 c:\windows\Tasks\HP Photo Creations Communicator.job
              - c:\programdata\HP Photo Creations\Communicator.exe [2013-10-15 14:48]
              .
              2014-01-25 c:\windows\Tasks\NUSchedule.job
              - c:\program files (x86)\Norton Utilities 15\nu.exe [2012-10-04 09:17]
              .
              .
              --------- X64 Entries -----------
              .
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
              @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
              [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
              2013-09-10 23:54 164016 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
              @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
              [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
              2013-09-10 23:54 164016 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
              @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
              [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
              2013-09-10 23:54 164016 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
              @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
              [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
              2013-09-10 23:54 164016 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-13 11774568]
              "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
              .
              ------- Bijkomende Scan -------
              .
              uLocal Page = c:\windows\system32\blank.htm
              uStart Page = hxxp://www.google.com/
              mLocal Page = c:\windows\SysWOW64\blank.htm
              uInternet Settings,ProxyOverride = *.local
              IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
              TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
              .
              - - - - ORPHANS VERWIJDERD - - - -
              .
              BHO-{17A1458E-3C2D-2BEF-0659-C7FDDC0D9134} - (no file)
              BHO-{2b14f047-8a0a-4b45-8d34-352488c69d01} - (no file)
              BHO-{74D1CE2C-9508-66B3-9E13-E5167614FD2A} - (no file)
              BHO-{8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - (no file)
              Wow6432Node-HKLM-Run-<NO NAME> - (no file)
              HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
              AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
              AddRemove-DVD X Rescue - f:\321stu~1\DVDXRE~1\UNWISE.EXE
              AddRemove-MediaPlayerV1alpha409 - c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha409\uninstall.exe
              .
              .
              .
              [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
              "ImagePath"="\"c:\program files (x86)\Norton 360\Engine\21.1.0.18\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\21.1.0.18\diMaster.dll\" /prefetch:1"
              "ImagePath"="\SystemRoot\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS"
              "TrustedImagePaths"="c:\program files (x86)\Norton 360\Engine\21.1.0.18;c:\program files (x86)\Norton 360\Engine64\21.1.0.18"
              .
              --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
              .
              [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
              @Denied: (2) (LocalSystem)
              "Progid"="ChromeHTML"
              .
              [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
              @Denied: (2) (LocalSystem)
              "Progid"="ChromeHTML"
              .
              [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
              @Denied: (2) (LocalSystem)
              "Progid"="ChromeHTML"
              .
              [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
              @Denied: (2) (LocalSystem)
              "Progid"="ChromeHTML"
              .
              [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
              @Denied: (2) (LocalSystem)
              "Progid"="ChromeHTML"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
              @Denied: (A 2) (Everyone)
              @="FlashBroker"
              "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
              "Enabled"=dword:00000001
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
              @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
              @Denied: (A 2) (Everyone)
              @="IFlashBroker5"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
              @="{00020424-0000-0000-C000-000000000046}"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
              "Version"="1.0"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
              @Denied: (A 2) (Everyone)
              @="FlashBroker"
              "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
              "Enabled"=dword:00000001
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
              @Denied: (A 2) (Everyone)
              @="Shockwave Flash Object"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
              "ThreadingModel"="Apartment"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
              @="0"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
              @="ShockwaveFlash.ShockwaveFlash.11"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
              @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
              @="1.0"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
              @="ShockwaveFlash.ShockwaveFlash"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
              @Denied: (A 2) (Everyone)
              @="Macromedia Flash Factory Object"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
              "ThreadingModel"="Apartment"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
              @="FlashFactory.FlashFactory.1"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
              @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
              @="1.0"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
              @="FlashFactory.FlashFactory"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
              @Denied: (A 2) (Everyone)
              @="IFlashBroker5"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
              @="{00020424-0000-0000-C000-000000000046}"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
              "Version"="1.0"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
              "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
              00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
              .
              [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
              @Denied: (Full) (Everyone)
              .
              ------------------------ Andere Aktieve Processen ------------------------
              .
              c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
              c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
              c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
              c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
              c:\program files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe
              c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
              .
              **************************************************************************
              .
              Voltooingstijd: 2014-02-05 11:34:30 - machine werd herstart
              ComboFix-quarantined-files.txt 2014-02-05 10:34
              .
              Pre-Run: 1.293.869.895.680 bytes beschikbaar
              Post-Run: 1.293.095.624.704 bytes beschikbaar
              .
              - - End Of File - - B8A418121EB77348C61137AC72F343D7



              • #8
                DDS (Ver_2012-11-20.01) - NTFS_AMD64
                Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.51.2
                Run by Piet at 11:38:11 on 2014-02-05
                Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8174.6279 [GMT 1:00]
                .
                AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
                SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
                FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
                .
                ============== Running Processes ===============
                .
                C:\Windows\system32\lsm.exe
                C:\Windows\system32\svchost.exe -k DcomLaunch
                C:\Windows\system32\nvvsvc.exe
                C:\Windows\system32\svchost.exe -k RPCSS
                C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                C:\Windows\system32\svchost.exe -k LocalService
                C:\Windows\system32\svchost.exe -k netsvcs
                C:\Windows\system32\svchost.exe -k NetworkService
                C:\Windows\System32\spoolsv.exe
                C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                C:\Program Files\Bonjour\mDNSResponder.exe
                C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe
                C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
                C:\Windows\system32\nvvsvc.exe
                C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
                C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
                C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
                C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
                C:\Windows\System32\svchost.exe -k HPZ12
                C:\Windows\System32\svchost.exe -k HPZ12
                C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
                C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe
                C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
                C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
                C:\Windows\system32\svchost.exe -k HPService
                C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                C:\Windows\System32\WUDFHost.exe
                C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
                C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
                C:\Windows\system32\svchost.exe -k WindowsMobile
                C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                C:\Windows\system32\SearchIndexer.exe
                C:\Windows\system32\wbem\wmiprvse.exe
                C:\Windows\system32\taskhost.exe
                C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe
                C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
                C:\Windows\system32\Dwm.exe
                C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
                C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                C:\Windows\system32\taskeng.exe
                C:\Windows\explorer.exe
                C:\Program Files\Windows Media Player\wmpnetwk.exe
                C:\Windows\system32\wbem\wmiprvse.exe
                C:\Windows\System32\cscript.exe
                .
                ============== Pseudo HJT Report ===============
                .
                uStart Page = hxxp://www.google.com/
                BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
                BHO: SaveAs: {17A1458E-3C2D-2BEF-0659-C7FDDC0D9134} - LocalServer32 - <no file>
                BHO: Webexp Enhanced: {2b14f047-8a0a-4b45-8d34-352488c69d01} - LocalServer32 - <no file>
                BHO: Toggle Helper Object: {49502A6F-10AD-4EC1-8028-062D8CC5CC7F} - C:\Program Files (x86)\Toggle\toggle\1.8.8.6\bh\toggle.dll
                BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
                BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.dll
                BHO: SaveAs: {74D1CE2C-9508-66B3-9E13-E5167614FD2A} - LocalServer32 - <no file>
                BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
                BHO: Better-Surf: {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - LocalServer32 - <no file>
                BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
                BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
                BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
                TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
                TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
                EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
                EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
                uRun: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
                uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
                mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
                mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
                mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
                mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
                mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
                mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
                mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
                StartupFolder: C:\Users\Piet\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Piet\AppData\Roaming\Dropbox\bin\Dropbox.exe
                StartupFolder: C:\Users\Piet\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INKTWA~1.LNK - C:\Windows\System32\RunDll32.exe
                StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
                uPolicies-Explorer: NoDrives = dword:0
                mPolicies-Explorer: NoDrives = dword:0
                mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                mPolicies-System: ConsentPromptBehaviorUser = dword:3
                mPolicies-System: EnableUIADesktopToggle = dword:0
                IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
                IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
                IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
                IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
                IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
                DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
                DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                TCP: NameServer = 213.46.228.196 62.179.104.196
                TCP: Interfaces\{77FC1C4C-FFBD-4CD5-A278-8E060C677A59} : DHCPNameServer = 213.46.228.196 62.179.104.196
                Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
                SSODL: WebCheck - <orphaned>
                x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
                x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
                x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
                x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
                x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
                x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
                x64-Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe
                x64-IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
                x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                x64-DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
                x64-SSODL: WebCheck - <orphaned>
                .
                ============= SERVICES / DRIVERS ===============
                .
                R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-6-15 27240]
                R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys [2014-1-15 493656]
                R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys [2014-1-15 1147480]
                R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [2014-1-23 1526488]
                R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys [2014-1-15 162392]
                R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140205.001\IDSviA64.sys [2014-2-5 521944]
                R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys [2014-1-15 264280]
                R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys [2014-1-15 590936]
                R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
                R2 DiskDoctorService;Norton Disk Doctor Service;C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [2012-10-4 1029480]
                R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-14 13592]
                R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-4 418376]
                R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-4 701512]
                R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [2014-1-15 264360]
                R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
                R2 SpeedDiskService;Norton SpeedDisk Service;C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [2012-10-4 1037672]
                R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-6-14 2656280]
                R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-3-5 126952]
                R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-3-5 390632]
                R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-1-17 137648]
                R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-2-4 25928]
                R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-14 428136]
                R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
                R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
                R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
                R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
                R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
                S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
                S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
                S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-10-21 48488]
                S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
                S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
                S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;C:\Windows\System32\drivers\RTL8192su.sys [2011-6-14 690208]
                S3 SymDSMon;SymDSMon;C:\Windows\System32\drivers\SymDSMon.sys [2012-10-4 191232]
                S3 SYMSpeedDisk;SYMSpeedDisk;C:\Windows\System32\drivers\SymSpeedDisk.sys [2012-10-4 163384]
                S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
                S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
                S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
                S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-22 1255736]
                S3 wsvd;wsvd;C:\Windows\System32\drivers\wsvd.sys [2010-9-23 129008]
                S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
                .
                =============== Created Last 30 ================
                .
                2014-02-05 10:31:16 -------- d-----w- C:\$RECYCLE.BIN
                2014-02-05 10:10:48 98816 ----a-w- C:\Windows\sed.exe
                2014-02-05 10:10:48 256000 ----a-w- C:\Windows\PEV.exe
                2014-02-05 10:10:48 208896 ----a-w- C:\Windows\MBR.exe
                2014-02-04 22:48:18 -------- d-----w- C:\AdwCleaner
                2014-02-04 20:39:12 -------- d-----w- C:\Users\Piet\AppData\Roaming\Malwarebytes
                2014-02-04 20:39:03 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
                2014-02-04 20:39:03 -------- d-----w- C:\ProgramData\Malwarebytes
                2014-02-04 20:39:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
                2014-02-04 20:38:00 -------- d-----w- C:\Users\Piet\AppData\Local\Programs
                2014-02-04 18:49:59 -------- d-----w- C:\Users\Piet\AppData\Local\NPE
                2014-02-02 13:10:20 -------- d-----w- C:\Program Files (x86)\Hitman Pro
                2014-02-02 11:04:43 -------- d-----w- C:\Program Files\Enigma Software Group
                2014-02-02 11:03:39 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
                2014-02-02 11:03:37 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
                2014-02-01 14:42:47 -------- d-----w- C:\Users\Piet\belastingMaria
                2014-01-30 09:27:56 -------- d-----w- C:\Program Files (x86)\MediaPlayerV1
                2014-01-29 12:54:11 -------- d-----w- C:\Users\Piet\AppData\Local\LogMeIn Rescue Applet
                2014-01-29 10:08:50 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
                2014-01-23 17:54:43 -------- d-----w- C:\Program Files\iPod
                2014-01-23 17:54:41 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
                2014-01-23 17:54:41 -------- d-----w- C:\Program Files\iTunes
                2014-01-23 17:54:41 -------- d-----w- C:\Program Files (x86)\iTunes
                2014-01-15 11:24:21 858200 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\srtsp64.sys
                2014-01-15 11:24:21 590936 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys
                2014-01-15 11:24:21 493656 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys
                2014-01-15 11:24:21 36952 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\srtspx64.sys
                2014-01-15 11:24:21 264280 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys
                2014-01-15 11:24:21 23568 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys
                2014-01-15 11:24:21 162392 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys
                2014-01-15 11:24:21 1147480 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys
                2014-01-15 11:24:11 -------- d-----w- C:\Windows\System32\drivers\N360x64\1501000.012
                2014-01-15 10:59:01 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
                2014-01-15 10:59:01 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
                2014-01-15 10:59:01 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
                2014-01-15 10:59:01 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
                2014-01-15 10:59:01 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
                2014-01-15 10:59:01 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
                2014-01-15 10:59:01 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
                2014-01-15 10:59:00 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
                2014-01-15 10:59:00 3156480 ----a-w- C:\Windows\System32\win32k.sys
                2014-01-10 15:57:04 200704 ----a-w- C:\Windows\SysWow64\vbalExpBar6.ocx
                2014-01-10 15:57:03 484352 ----a-w- C:\Windows\SysWow64\lame_enc.dll
                2014-01-10 15:57:03 40960 ----a-w- C:\Windows\SysWow64\SSubTmr6.dll
                2014-01-10 15:57:03 -------- d-----w- C:\Users\Piet\AppData\Roaming\FreeBurner
                2014-01-10 15:56:29 -------- d-----w- C:\Program Files (x86)\Free Easy CD DVD Burner
                2014-01-10 14:58:20 -------- d-----w- C:\Users\Piet\.android
                2014-01-10 14:58:19 -------- d-----w- C:\Users\Piet\AppData\Local\cache
                2014-01-10 14:58:18 -------- d-----w- C:\Users\Piet\AppData\Local\Mobogenie
                2014-01-10 14:58:18 -------- d-----w- C:\Users\Piet\AppData\Local\genienext
                2014-01-10 14:57:43 -------- d-----w- C:\Program Files (x86)\Mobogenie
                2014-01-10 13:36:33 -------- d-----w- C:\Program Files (x86)\VideoPlayerV3
                .
                ==================== Find3M ====================
                .
                2014-02-04 20:09:09 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                2014-02-04 20:09:09 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                2014-01-15 11:24:47 177752 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
                2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
                2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
                2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
                2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
                2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
                2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
                2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
                2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
                2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
                2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
                2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
                2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
                2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
                2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
                2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
                2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
                2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
                2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
                2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
                .
                ============= FINISH: 11:38:18,26 ===============



                • #9
                  Well done

                  Disable your security software.

                  Note: This script is intended specifically for this PC,
                  so do not use it on other PCs with a similar problem.


                  Open a Notepad file.
                  Copy the text below and paste it into the Notepad file.
                  Save the Notepad file as CFScript.txt
                  Code:
                  KillAll::
                  ClearJavaCache::
                  DDS::
                  BHO: SaveAs: {17A1458E-3C2D-2BEF-0659-C7FDDC0D9134} - LocalServer32 - <no file>
                  BHO: Webexp Enhanced: {2b14f047-8a0a-4b45-8d34-352488c69d01} - LocalServer32 - <no file>
                  BHO: SaveAs: {74D1CE2C-9508-66B3-9E13-E5167614FD2A} - LocalServer32 - <no file>
                  BHO: Better-Surf: {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - LocalServer32 - <no file>
                  x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
                  Now drag the file CFScript.txt onto the file ComboFix.exe

                  ComboFix will start again.
                  If ComboFix asks for an update, allow it.

                  When ComboFix has finished, which may be after a restart, a log file opens. Post the contents of the log file.

                  Make a new DDS log and post that as well.
                  Also tell me how things are now.
                  Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                  E Dev * Remove McAfee. * Ccleaner * E-Peek



                  • #10
                    Hello Emphyrio,
                    It is a world of difference: I no longer see any annoying flashing pop-up windows or sites opening unprompted.
                    In a word, fantastic. The question now, of course, is how do I keep it that way? Apparently Norton is not enough. The next logs are below; in any case, many thanks already for the support.
                    ComboFix 14-02-05.02 - Piet 05-02-2014 14:42:06.2.8 - x64
                    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8174.5853 [GMT 1:00]
                    Gestart vanuit: c:\users\Piet\Contacts\.frostwire5\Downloads\ComboFix.exe
                    gebruikte Opdracht switches :: c:\users\Piet\Desktop\CFScript.txt
                    AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
                    FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
                    SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
                    .
                    .
                    (((((((((((((((((((( Bestanden Gemaakt van 2014-01-05 to 2014-02-05 ))))))))))))))))))))))))))))))
                    .
                    .
                    2014-02-05 13:47 . 2014-02-05 13:47 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
                    2014-02-05 13:47 . 2014-02-05 13:47 -------- d-----w- c:\users\Nel\AppData\Local\temp
                    2014-02-05 13:47 . 2014-02-05 13:47 -------- d-----w- c:\users\Default\AppData\Local\temp
                    2014-02-04 22:48 . 2014-02-04 22:51 -------- d-----w- C:\AdwCleaner
                    2014-02-04 20:39 . 2014-02-04 20:39 -------- d-----w- c:\users\Piet\AppData\Roaming\Malwarebytes
                    2014-02-04 20:39 . 2014-02-04 20:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
                    2014-02-04 20:39 . 2014-02-04 20:39 -------- d-----w- c:\programdata\Malwarebytes
                    2014-02-04 20:39 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
                    2014-02-04 20:38 . 2014-02-04 20:38 -------- d-----w- c:\users\Piet\AppData\Local\Programs
                    2014-02-04 18:49 . 2014-02-04 19:02 -------- d-----w- c:\users\Piet\AppData\Local\NPE
                    2014-02-02 13:10 . 2014-02-02 13:12 -------- d-----w- c:\program files (x86)\Hitman Pro
                    2014-02-02 11:04 . 2014-02-02 11:04 -------- d-----w- c:\program files\Enigma Software Group
                    2014-02-02 11:03 . 2014-02-02 11:40 -------- d-----w- c:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
                    2014-02-02 11:03 . 2014-02-02 11:03 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
                    2014-02-01 14:42 . 2014-02-01 14:43 -------- d-----w- c:\users\Piet\belastingMaria
                    2014-01-30 09:27 . 2014-02-04 22:28 -------- d-----w- c:\program files (x86)\MediaPlayerV1
                    2014-01-29 12:54 . 2014-01-30 09:26 -------- d-----w- c:\users\Piet\AppData\Local\LogMeIn Rescue Applet
                    2014-01-29 10:08 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
                    2014-01-23 17:54 . 2014-01-23 17:54 -------- d-----w- c:\program files\iPod
                    2014-01-23 17:54 . 2014-01-23 17:54 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
                    2014-01-23 17:54 . 2014-01-23 17:54 -------- d-----w- c:\program files\iTunes
                    2014-01-23 17:54 . 2014-01-23 17:54 -------- d-----w- c:\program files (x86)\iTunes
                    2014-01-15 11:24 . 2014-02-01 13:12 -------- d-----w- c:\windows\system32\drivers\N360x64\1501000.012
                    2014-01-15 10:59 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
                    2014-01-15 10:59 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
                    2014-01-15 10:59 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
                    2014-01-15 10:59 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
                    2014-01-15 10:59 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
                    2014-01-15 10:59 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
                    2014-01-15 10:59 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
                    2014-01-15 10:59 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
                    2014-01-15 10:59 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
                    2014-01-10 15:57 . 2011-09-28 08:20 200704 ----a-w- c:\windows\SysWow64\vbalExpBar6.ocx
                    2014-01-10 15:57 . 2014-01-10 16:11 -------- d-----w- c:\users\Piet\AppData\Roaming\FreeBurner
                    2014-01-10 15:57 . 2011-09-28 08:20 484352 ----a-w- c:\windows\SysWow64\lame_enc.dll
                    2014-01-10 15:57 . 2011-09-28 08:20 40960 ----a-w- c:\windows\SysWow64\SSubTmr6.dll
                    2014-01-10 15:56 . 2014-02-04 22:28 -------- d-----w- c:\program files (x86)\Free Easy CD DVD Burner
                    2014-01-10 14:58 . 2014-01-10 14:58 -------- d-----w- c:\users\Piet\.android
                    2014-01-10 14:58 . 2014-01-10 14:58 -------- d-----w- c:\users\Piet\AppData\Local\cache
                    2014-01-10 14:58 . 2014-02-04 22:28 -------- d-----w- c:\users\Piet\AppData\Local\genienext
                    2014-01-10 14:58 . 2014-01-10 15:21 -------- d-----w- c:\users\Piet\AppData\Local\Mobogenie
                    2014-01-10 14:57 . 2014-01-10 15:21 -------- d-----w- c:\program files (x86)\Mobogenie
                    2014-01-10 13:36 . 2014-02-04 22:28 -------- d-----w- c:\program files (x86)\VideoPlayerV3
                    .
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    2014-02-04 20:09 . 2012-04-14 08:48 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                    2014-02-04 20:09 . 2011-06-14 21:58 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                    2014-01-15 11:35 . 2011-02-10 20:56 86054176 ----a-w- c:\windows\system32\MRT.exe
                    2014-01-15 11:24 . 2011-10-21 10:26 177752 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
                    2013-11-26 11:54 . 2013-12-12 11:09 23183360 ----a-w- c:\windows\system32\mshtml.dll
                    2013-11-26 10:19 . 2013-12-12 11:09 2724864 ----a-w- c:\windows\system32\mshtml.tlb
                    2013-11-26 10:18 . 2013-12-12 11:09 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
                    2013-11-26 09:48 . 2013-12-12 11:09 66048 ----a-w- c:\windows\system32\iesetup.dll
                    2013-11-26 09:46 . 2013-12-12 11:09 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
                    2013-11-26 09:41 . 2013-12-12 11:09 2764288 ----a-w- c:\windows\system32\iertutil.dll
                    2013-11-26 09:29 . 2013-12-12 11:09 53760 ----a-w- c:\windows\system32\jsproxy.dll
                    2013-11-26 09:27 . 2013-12-12 11:09 33792 ----a-w- c:\windows\system32\iernonce.dll
                    2013-11-26 09:23 . 2013-12-12 11:09 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
                    2013-11-26 09:21 . 2013-12-12 11:09 574976 ----a-w- c:\windows\system32\ieui.dll
                    2013-11-26 09:18 . 2013-12-12 11:09 139264 ----a-w- c:\windows\system32\ieUnatt.exe
                    2013-11-26 09:18 . 2013-12-12 11:09 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
                    2013-11-26 09:16 . 2013-12-12 11:09 708608 ----a-w- c:\windows\system32\jscript9diag.dll
                    2013-11-26 08:57 . 2013-12-12 11:09 218624 ----a-w- c:\windows\system32\ie4uinit.exe
                    2013-11-26 08:35 . 2013-12-12 11:09 5769216 ----a-w- c:\windows\system32\jscript9.dll
                    2013-11-26 08:28 . 2013-12-12 11:09 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
                    2013-11-26 08:16 . 2013-12-12 11:09 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
                    2013-11-26 08:02 . 2013-12-12 11:09 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
                    2013-11-26 07:48 . 2013-12-12 11:09 12996608 ----a-w- c:\windows\system32\ieframe.dll
                    2013-11-26 07:32 . 2013-12-12 11:09 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
                    2013-11-26 07:07 . 2013-12-12 11:09 2334208 ----a-w- c:\windows\system32\wininet.dll
                    2013-11-26 06:40 . 2013-12-12 11:09 1395200 ----a-w- c:\windows\system32\urlmon.dll
                    2013-11-26 06:34 . 2013-12-12 11:09 817664 ----a-w- c:\windows\system32\ieapfltr.dll
                    2013-11-26 06:33 . 2013-12-12 11:09 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
                    2013-11-23 18:26 . 2013-12-12 10:31 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
                    2013-11-23 17:47 . 2013-12-12 10:31 465920 ----a-w- c:\windows\system32\WMPhoto.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
                    2013-11-18 11:48 . 2013-11-18 11:48 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 942592 ----a-w- c:\windows\system32\jsIntl.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
                    2013-11-18 11:48 . 2013-11-18 11:48 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
                    2013-11-18 11:48 . 2013-11-18 11:48 77312 ----a-w- c:\windows\system32\tdc.ocx
                    2013-11-18 11:48 . 2013-11-18 11:48 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
                    2013-11-18 11:48 . 2013-11-18 11:48 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
                    2013-11-18 11:48 . 2013-11-18 11:48 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
                    2013-11-18 11:48 . 2013-11-18 11:48 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 616104 ----a-w- c:\windows\system32\ieapfltr.dat
                    2013-11-18 11:48 . 2013-11-18 11:48 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 48640 ----a-w- c:\windows\system32\mshtmler.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 453120 ----a-w- c:\windows\system32\dxtmsft.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 413696 ----a-w- c:\windows\system32\html.iec
                    2013-11-18 11:48 . 2013-11-18 11:48 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 337408 ----a-w- c:\windows\SysWow64\html.iec
                    2013-11-18 11:48 . 2013-11-18 11:48 296960 ----a-w- c:\windows\system32\dxtrans.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 247808 ----a-w- c:\windows\system32\msls31.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 235008 ----a-w- c:\windows\system32\elshyph.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 195584 ----a-w- c:\windows\system32\msrating.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 182272 ----a-w- c:\windows\SysWow64\msls31.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
                    2013-11-18 11:48 . 2013-11-18 11:48 139264 ----a-w- c:\windows\SysWow64\wextract.exe
                    2013-11-18 11:48 . 2013-11-18 11:48 13312 ----a-w- c:\windows\SysWow64\mshta.exe
                    2013-11-18 11:48 . 2013-11-18 11:48 13312 ----a-w- c:\windows\system32\msfeedssync.exe
                    2013-11-18 11:48 . 2013-11-18 11:48 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
                    2013-11-18 11:48 . 2013-11-18 11:48 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 105984 ----a-w- c:\windows\system32\iesysprep.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 81408 ----a-w- c:\windows\system32\icardie.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 84992 ----a-w- c:\windows\system32\mshtmled.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 774144 ----a-w- c:\windows\system32\jscript.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 626176 ----a-w- c:\windows\system32\msfeeds.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 62464 ----a-w- c:\windows\system32\pngfilt.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 548352 ----a-w- c:\windows\system32\vbscript.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 48128 ----a-w- c:\windows\system32\imgutil.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 30208 ----a-w- c:\windows\system32\licmgr10.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 263376 ----a-w- c:\windows\system32\iedkcs32.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 243200 ----a-w- c:\windows\system32\webcheck.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 235520 ----a-w- c:\windows\system32\url.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 167424 ----a-w- c:\windows\system32\iexpress.exe
                    2013-11-18 11:48 . 2013-11-18 11:48 147968 ----a-w- c:\windows\system32\occache.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 143872 ----a-w- c:\windows\system32\wextract.exe
                    2013-11-18 11:48 . 2013-11-18 11:48 13824 ----a-w- c:\windows\system32\mshta.exe
                    2013-11-18 11:48 . 2013-11-18 11:48 135680 ----a-w- c:\windows\system32\iepeers.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
                    2013-11-18 11:48 . 2013-11-18 11:48 101376 ----a-w- c:\windows\system32\inseng.dll
                    2013-11-12 02:23 . 2013-12-12 10:30 2048 ----a-w- c:\windows\system32\tzres.dll
                    2013-11-12 02:07 . 2013-12-12 10:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                    REGEDIT4
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{49502A6F-10AD-4EC1-8028-062D8CC5CC7F}]
                    2012-12-29 09:25 265776 ----a-w- c:\program files (x86)\Toggle\toggle\1.8.8.6\bh\toggle.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
                    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-09-10 23:54 131248 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
                    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-09-10 23:54 131248 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
                    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-09-10 23:54 131248 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
                    .
                    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                    "IncrediMail"="c:\program files (x86)\IncrediMail\bin\IncMail.exe" [2013-02-26 367016]
                    "ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720]
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-30 284440]
                    "CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
                    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
                    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
                    "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
                    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
                    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
                    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
                    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-01-20 152392]
                    .
                    c:\users\Piet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                    Dropbox.lnk - c:\users\Piet\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
                    Inktwaarschuwingen controleren - HP Photosmart 5510 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Photosmart 5510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2183C61505V3;CONNECTION=USB;MONITOR=1; [2009-7-14 45568]
                    .
                    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
                    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                    "ConsentPromptBehaviorAdmin"= 5 (0x5)
                    "ConsentPromptBehaviorUser"= 3 (0x3)
                    "EnableUIADesktopToggle"= 0 (0x0)
                    .
                    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
                    "LoadAppInit_DLLs"=1 (0x1)
                    .
                    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
                    R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
                    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
                    R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
                    R3 SymDSMon;SymDSMon;c:\windows\system32\drivers\SymDSMon.sys;c:\windows\SYSNATIVE\drivers\SymDSMon.sys [x]
                    R3 SYMSpeedDisk;SYMSpeedDisk;c:\windows\system32\drivers\SymSpeedDisk.sys;c:\windows\SYSNATIVE\drivers\SymSpeedDisk.sys [x]
                    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
                    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
                    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                    R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
                    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
                    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
                    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1501000.012\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\SYMDS64.SYS [x]
                    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1501000.012\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\SYMEFA64.SYS [x]
                    S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [x]
                    S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\ccSetx64.sys [x]
                    S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140205.001\IDSvia64.sys;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140205.001\IDSvia64.sys [x]
                    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1501000.012\Ironx64.SYS [x]
                    S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1501000.012\SYMNETS.SYS [x]
                    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
                    S2 DiskDoctorService;Norton Disk Doctor Service;c:\program files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe;c:\program files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [x]
                    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
                    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
                    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
                    S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\21.1.0.18\N360.exe;c:\program files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [x]
                    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
                    S2 SpeedDiskService;Norton SpeedDisk Service;c:\program files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe;c:\program files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [x]
                    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
                    S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
                    S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
                    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
                    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
                    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
                    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
                    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
                    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
                    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
                    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
                    .
                    .
                    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
                    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
                    .
                    Inhoud van de 'Gedeelde Taken' map
                    .
                    2014-02-05 c:\windows\Tasks\Adobe Flash Player Updater.job
                    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 20:09]
                    .
                    2014-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-21 09:31]
                    .
                    2014-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-21 09:31]
                    .
                    2014-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3259627529-1914095622-3875271238-1001Core.job
                    - c:\users\Piet\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-20 12:02]
                    .
                    2014-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3259627529-1914095622-3875271238-1001UA.job
                    - c:\users\Piet\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-20 12:02]
                    .
                    2014-02-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3259627529-1914095622-3875271238-1004Core.job
                    - c:\users\Nel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-21 12:02]
                    .
                    2014-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3259627529-1914095622-3875271238-1004UA.job
                    - c:\users\Nel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-21 12:02]
                    .
                    2014-02-05 c:\windows\Tasks\HP Photo Creations Communicator.job
                    - c:\programdata\HP Photo Creations\Communicator.exe [2013-10-15 14:48]
                    .
                    2014-01-25 c:\windows\Tasks\NUSchedule.job
                    - c:\program files (x86)\Norton Utilities 15\nu.exe [2012-10-04 09:17]
                    .
                    .
                    --------- X64 Entries -----------
                    .
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
                    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-09-10 23:54 164016 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
                    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-09-10 23:54 164016 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
                    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-09-10 23:54 164016 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
                    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
                    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
                    2013-09-10 23:54 164016 ----a-w- c:\users\Piet\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-13 11774568]
                    "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
                    .
                    ------- Bijkomende Scan -------
                    .
                    uLocal Page = c:\windows\system32\blank.htm
                    uStart Page = hxxp://www.google.com/
                    mLocal Page = c:\windows\SysWOW64\blank.htm
                    uInternet Settings,ProxyOverride = *.local
                    IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
                    TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
                    .
                    - - - - ORPHANS VERWIJDERD - - - -
                    .
                    BHO-{17A1458E-3C2D-2BEF-0659-C7FDDC0D9134} - (no file)
                    BHO-{2b14f047-8a0a-4b45-8d34-352488c69d01} - (no file)
                    BHO-{74D1CE2C-9508-66B3-9E13-E5167614FD2A} - (no file)
                    BHO-{8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - (no file)
                    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
                    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
                    AddRemove-DVD X Rescue - f:\321stu~1\DVDXRE~1\UNWISE.EXE
                    AddRemove-MediaPlayerV1alpha409 - c:\program files (x86)\MediaPlayerV1\MediaPlayerV1alpha409\uninstall.exe
                    .
                    .
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
                    "ImagePath"="\"c:\program files (x86)\Norton 360\Engine\21.1.0.18\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\21.1.0.18\diMaster.dll\" /prefetch:1"
                    "ImagePath"="\SystemRoot\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS"
                    "TrustedImagePaths"="c:\program files (x86)\Norton 360\Engine\21.1.0.18;c:\program files (x86)\Norton 360\Engine64\21.1.0.18"
                    .
                    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                    .
                    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
                    @Denied: (2) (LocalSystem)
                    "Progid"="ChromeHTML"
                    .
                    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
                    @Denied: (2) (LocalSystem)
                    "Progid"="ChromeHTML"
                    .
                    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
                    @Denied: (2) (LocalSystem)
                    "Progid"="ChromeHTML"
                    .
                    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
                    @Denied: (2) (LocalSystem)
                    "Progid"="ChromeHTML"
                    .
                    [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
                    @Denied: (2) (LocalSystem)
                    "Progid"="ChromeHTML"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                    @Denied: (A 2) (Everyone)
                    @="FlashBroker"
                    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                    "Enabled"=dword:00000001
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                    @Denied: (A 2) (Everyone)
                    @="IFlashBroker5"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                    @="{00020424-0000-0000-C000-000000000046}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                    "Version"="1.0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                    @Denied: (A 2) (Everyone)
                    @="FlashBroker"
                    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                    "Enabled"=dword:00000001
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                    @Denied: (A 2) (Everyone)
                    @="Shockwave Flash Object"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
                    "ThreadingModel"="Apartment"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                    @="0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                    @="ShockwaveFlash.ShockwaveFlash.11"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                    @="1.0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                    @="ShockwaveFlash.ShockwaveFlash"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                    @Denied: (A 2) (Everyone)
                    @="Macromedia Flash Factory Object"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
                    "ThreadingModel"="Apartment"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                    @="FlashFactory.FlashFactory.1"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                    @="1.0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                    @="FlashFactory.FlashFactory"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                    @Denied: (A 2) (Everyone)
                    @="IFlashBroker5"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                    @="{00020424-0000-0000-C000-000000000046}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                    "Version"="1.0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
                    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
                    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
                    @Denied: (Full) (Everyone)
                    .
                    ------------------------ Andere Aktieve Processen ------------------------
                    .
                    c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                    c:\program files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe
                    c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
                    c:\program files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe
                    c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                    c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
                    .
                    **************************************************************************
                    .
                    Voltooingstijd: 2014-02-05 14:54:18 - machine werd herstart
                    ComboFix-quarantined-files.txt 2014-02-05 13:54
                    ComboFix2.txt 2014-02-05 10:34
                    .
                    Pre-Run: 1.292.945.768.448 bytes beschikbaar
                    Post-Run: 1.292.918.976.512 bytes beschikbaar
                    .
                    - - End Of File - - 6C6A35C7C507CD3752720057F17E1A3A


                    • #11
                      DDS (Ver_2012-11-20.01) - NTFS_AMD64
                      Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.51.2
                      Run by Piet at 14:57:01 on 2014-02-05
                      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8174.5970 [GMT 1:00]
                      .
                      AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
                      SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
                      FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
                      .
                      ============== Running Processes ===============
                      .
                      C:\Windows\system32\lsm.exe
                      C:\Windows\system32\svchost.exe -k DcomLaunch
                      C:\Windows\system32\nvvsvc.exe
                      C:\Windows\system32\svchost.exe -k RPCSS
                      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                      C:\Windows\system32\svchost.exe -k LocalService
                      C:\Windows\system32\svchost.exe -k netsvcs
                      C:\Windows\system32\svchost.exe -k NetworkService
                      C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
                      C:\Windows\system32\nvvsvc.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Windows\System32\spoolsv.exe
                      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                      C:\Windows\system32\taskhost.exe
                      C:\Windows\system32\Dwm.exe
                      C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                      C:\Program Files\Bonjour\mDNSResponder.exe
                      C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe
                      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                      C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
                      C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe
                      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
                      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
                      C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
                      C:\Windows\System32\svchost.exe -k HPZ12
                      C:\Windows\System32\svchost.exe -k HPZ12
                      C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
                      C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
                      C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe
                      C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe
                      C:\Windows\system32\svchost.exe -k imgsvc
                      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                      C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
                      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                      C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
                      C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
                      C:\Windows\system32\svchost.exe -k HPService
                      C:\Windows\servicing\TrustedInstaller.exe
                      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                      C:\Windows\System32\WUDFHost.exe
                      C:\Windows\system32\SearchIndexer.exe
                      C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                      C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
                      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                      C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Windows\system32\svchost.exe -k WindowsMobile
                      C:\Windows\system32\sppsvc.exe
                      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                      C:\Windows\explorer.exe
                      C:\Program Files\Windows Media Player\wmpnetwk.exe
                      C:\Windows\system32\wbem\wmiprvse.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Windows\system32\SearchProtocolHost.exe
                      C:\Windows\system32\SearchFilterHost.exe
                      C:\Windows\system32\wbem\wmiprvse.exe
                      C:\Windows\System32\cscript.exe
                      .
                      ============== Pseudo HJT Report ===============
                      .
                      uStart Page = hxxp://www.google.com/
                      BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
                      BHO: SaveAs: {17A1458E-3C2D-2BEF-0659-C7FDDC0D9134} - LocalServer32 - <no file>
                      BHO: Webexp Enhanced: {2b14f047-8a0a-4b45-8d34-352488c69d01} - LocalServer32 - <no file>
                      BHO: Toggle Helper Object: {49502A6F-10AD-4EC1-8028-062D8CC5CC7F} - C:\Program Files (x86)\Toggle\toggle\1.8.8.6\bh\toggle.dll
                      BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
                      BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.dll
                      BHO: SaveAs: {74D1CE2C-9508-66B3-9E13-E5167614FD2A} - LocalServer32 - <no file>
                      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
                      BHO: Better-Surf: {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - LocalServer32 - <no file>
                      BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                      BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
                      BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
                      BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
                      TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                      TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
                      TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                      TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\CoIEPlg.dll
                      EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
                      EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
                      uRun: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
                      uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
                      mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                      mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
                      mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
                      mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                      mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
                      mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
                      mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
                      mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
                      mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
                      StartupFolder: C:\Users\Piet\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Piet\AppData\Roaming\Dropbox\bin\Dropbox.exe
                      StartupFolder: C:\Users\Piet\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INKTWA~1.LNK - C:\Windows\System32\RunDll32.exe
                      StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
                      uPolicies-Explorer: NoDrives = dword:0
                      mPolicies-Explorer: NoDrives = dword:0
                      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                      mPolicies-System: ConsentPromptBehaviorUser = dword:3
                      mPolicies-System: EnableUIADesktopToggle = dword:0
                      IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
                      IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
                      IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
                      IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
                      IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
                      DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
                      DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                      DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                      DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                      DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                      TCP: NameServer = 213.46.228.196 62.179.104.196
                      TCP: Interfaces\{77FC1C4C-FFBD-4CD5-A278-8E060C677A59} : DHCPNameServer = 213.46.228.196 62.179.104.196
                      Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
                      SSODL: WebCheck - <orphaned>
                      x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
                      x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                      x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
                      x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
                      x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
                      x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll
                      x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
                      x64-Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe
                      x64-IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
                      x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                      x64-DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                      x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                      x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
                      x64-SSODL: WebCheck - <orphaned>
                      .
                      ============= SERVICES / DRIVERS ===============
                      .
                      R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-6-15 27240]
                      R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys [2014-1-15 493656]
                      R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys [2014-1-15 1147480]
                      R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [2014-1-23 1526488]
                      R1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys [2014-1-15 162392]
                      R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140205.001\IDSviA64.sys [2014-2-5 521944]
                      R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys [2014-1-15 264280]
                      R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys [2014-1-15 590936]
                      R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
                      R2 DiskDoctorService;Norton Disk Doctor Service;C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [2012-10-4 1029480]
                      R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-14 13592]
                      R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-4 418376]
                      R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-4 701512]
                      R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [2014-1-15 264360]
                      R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
                      R2 SpeedDiskService;Norton SpeedDisk Service;C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [2012-10-4 1037672]
                      R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-6-14 2656280]
                      R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-3-5 126952]
                      R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-3-5 390632]
                      R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-1-17 137648]
                      R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-2-4 25928]
                      R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-14 428136]
                      R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
                      R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
                      R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
                      R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
                      R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
                      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
                      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
                      S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-10-21 48488]
                      S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
                      S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
                      S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;C:\Windows\System32\drivers\RTL8192su.sys [2011-6-14 690208]
                      S3 SymDSMon;SymDSMon;C:\Windows\System32\drivers\SymDSMon.sys [2012-10-4 191232]
                      S3 SYMSpeedDisk;SYMSpeedDisk;C:\Windows\System32\drivers\SymSpeedDisk.sys [2012-10-4 163384]
                      S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
                      S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
                      S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
                      S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-22 1255736]
                      S3 wsvd;wsvd;C:\Windows\System32\drivers\wsvd.sys [2010-9-23 129008]
                      S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
                      .
                      =============== Created Last 30 ================
                      .
                      2014-02-05 13:50:03 -------- d-sh--w- C:\$RECYCLE.BIN
                      2014-02-05 10:10:48 98816 ----a-w- C:\Windows\sed.exe
                      2014-02-05 10:10:48 256000 ----a-w- C:\Windows\PEV.exe
                      2014-02-05 10:10:48 208896 ----a-w- C:\Windows\MBR.exe
                      2014-02-04 22:48:18 -------- d-----w- C:\AdwCleaner
                      2014-02-04 20:39:12 -------- d-----w- C:\Users\Piet\AppData\Roaming\Malwarebytes
                      2014-02-04 20:39:03 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
                      2014-02-04 20:39:03 -------- d-----w- C:\ProgramData\Malwarebytes
                      2014-02-04 20:39:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
                      2014-02-04 20:38:00 -------- d-----w- C:\Users\Piet\AppData\Local\Programs
                      2014-02-04 18:49:59 -------- d-----w- C:\Users\Piet\AppData\Local\NPE
                      2014-02-02 13:10:20 -------- d-----w- C:\Program Files (x86)\Hitman Pro
                      2014-02-02 11:04:43 -------- d-----w- C:\Program Files\Enigma Software Group
                      2014-02-02 11:03:39 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
                      2014-02-02 11:03:37 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
                      2014-02-01 14:42:47 -------- d-----w- C:\Users\Piet\belastingMaria
                      2014-01-30 09:27:56 -------- d-----w- C:\Program Files (x86)\MediaPlayerV1
                      2014-01-29 12:54:11 -------- d-----w- C:\Users\Piet\AppData\Local\LogMeIn Rescue Applet
                      2014-01-29 10:08:50 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
                      2014-01-23 17:54:43 -------- d-----w- C:\Program Files\iPod
                      2014-01-23 17:54:41 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
                      2014-01-23 17:54:41 -------- d-----w- C:\Program Files\iTunes
                      2014-01-23 17:54:41 -------- d-----w- C:\Program Files (x86)\iTunes
                      2014-01-15 11:24:21 858200 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\srtsp64.sys
                      2014-01-15 11:24:21 590936 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\symnets.sys
                      2014-01-15 11:24:21 493656 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymDS64.sys
                      2014-01-15 11:24:21 36952 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\srtspx64.sys
                      2014-01-15 11:24:21 264280 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\Ironx64.sys
                      2014-01-15 11:24:21 23568 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys
                      2014-01-15 11:24:21 162392 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\ccSetx64.sys
                      2014-01-15 11:24:21 1147480 ----a-r- C:\Windows\System32\drivers\N360x64\1501000.012\SymEFA64.sys
                      2014-01-15 11:24:11 -------- d-----w- C:\Windows\System32\drivers\N360x64\1501000.012
                      2014-01-15 10:59:01 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
                      2014-01-15 10:59:01 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
                      2014-01-15 10:59:01 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
                      2014-01-15 10:59:01 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
                      2014-01-15 10:59:01 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
                      2014-01-15 10:59:01 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
                      2014-01-15 10:59:01 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
                      2014-01-15 10:59:00 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
                      2014-01-15 10:59:00 3156480 ----a-w- C:\Windows\System32\win32k.sys
                      2014-01-10 15:57:04 200704 ----a-w- C:\Windows\SysWow64\vbalExpBar6.ocx
                      2014-01-10 15:57:03 484352 ----a-w- C:\Windows\SysWow64\lame_enc.dll
                      2014-01-10 15:57:03 40960 ----a-w- C:\Windows\SysWow64\SSubTmr6.dll
                      2014-01-10 15:57:03 -------- d-----w- C:\Users\Piet\AppData\Roaming\FreeBurner
                      2014-01-10 15:56:29 -------- d-----w- C:\Program Files (x86)\Free Easy CD DVD Burner
                      2014-01-10 14:58:20 -------- d-----w- C:\Users\Piet\.android
                      2014-01-10 14:58:19 -------- d-----w- C:\Users\Piet\AppData\Local\cache
                      2014-01-10 14:58:18 -------- d-----w- C:\Users\Piet\AppData\Local\Mobogenie
                      2014-01-10 14:58:18 -------- d-----w- C:\Users\Piet\AppData\Local\genienext
                      2014-01-10 14:57:43 -------- d-----w- C:\Program Files (x86)\Mobogenie
                      2014-01-10 13:36:33 -------- d-----w- C:\Program Files (x86)\VideoPlayerV3
                      .
                      ==================== Find3M ====================
                      .
                      2014-02-04 20:09:09 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                      2014-02-04 20:09:09 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                      2014-01-15 11:24:47 177752 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
                      2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
                      2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
                      2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
                      2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
                      2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
                      2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
                      2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
                      2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
                      2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
                      2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
                      2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
                      2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
                      2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
                      2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
                      2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
                      2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
                      2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
                      2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
                      2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
                      .
                      ============= FINISH: 14:57:09,20 ===============



                      • #12
                        Go to Start > Run and copy and paste the following command into the field:

                        ComboFix /Uninstall

                        Make sure there is a space between Combofix and /
                        Then press Enter.




                        This will remove Combofix plus its related folders and files,
                        reset the clock settings, hide the file extensions,
                        hide hidden files and system files again,
                        and reset your System Restore.



                        Start CCleaner.
                        • Run CCleaner and click Options in the left column
                        • Select the Advanced tab
                        • Untick the box for Only delete files in Windows Temp folders older than 24 hours
                        • Select the Settings tab
                        • Untick the box next to "Automatically clean the computer...."
                        • Click Cleaner in the left column.
                        • Then click Analyze and Clean in turn.
                        • Next, click Registry in the left column
                        • Click Scan for Issues.
                        • If errors are found, click Fix selected issues and OK



                        Your PC is clean

                        1) You may delete all the loose files and tools we have used.

                        2) To avoid reinfection, you can read through these tips:

                        Preventing spyware infections and browser hijacking and How do I prevent a new infection?

                        3) To give your PC a quick maintenance pass, you can read these tips: Guide to a clean PC

                        4) You can find all sorts of tips and hints here.


                        I am marking the topic as solved.

                        If there are no further replies, this thread will automatically be moved within about 5 days
                        to the section Solved HijackThis logs, and replying will no longer be possible.
                        This is done to keep the forum tidy and easy to navigate.

                        If it turns out there are still problems and you want to reply in this topic again, send me a private message with a request to reopen it.



                        Did we help you well? Consider making a (no-obligation) donation to Nucia

                        Emphyrio
                        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                        E Dev * Remove McAfee. * Ccleaner * E-Peek



                        • #13
                          I don't know whether removing Combofix went well.
                          By Ccleaner do you mean Adwcleaner? I can't find Ccleaner



                          • #14
                            Originally posted by blank013
                            I don't know whether removing Combofix went well.
                            By Ccleaner do you mean Adwcleaner? I can't find Ccleaner
                            No, AdwCleaner is not Ccleaner.

                            If all went well, you downloaded it before you started with Combofix, see: http://www.nucia.eu/forum/threads/71...l=1#post692253
                            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                            E Dev * Remove McAfee. * Ccleaner * E-Peek



                            • #15
                              Yes, I downloaded it via the link in the "Guide to a clean PC" and ran it, but now everything has gone completely wrong again.
