exechecker

  • exechecker

    Hello everyone ... for a few days now I have been having trouble with something called exechecker.
    It makes certain words in a text turn green and presents them as a kind of link.
    I use Google CHROME !!! and cannot remove it via the extensions.

    (see picture)

    http://gyazo.com/daec5e86bee41cae9ac1ee85d8bd4166

    What I have already done: scanned with Malwarebytes, log:

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Databaseversie: v2014.02.11.08

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.16476
    peepke :: PEEPKE-PC [administrator]

    11-2-2014 20:13:18
    mbam-log-2014-02-11 (20-13-18).txt

    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 224924
    Verstreken tijd: 6 minuut/minuten, 27 seconde(n)

    Geheugenprocessen gedetecteerd: 1
    C:\Windows\KMService.exe (RiskWare.Tool.CK) -> 2600 -> Zal worden verwijderd tijdens het herstarten.

    Geheugenmodulen gedetecteerd: 1
    C:\Users\peepke\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten.

    Registersleutels gedetecteerd: 7
    HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86593088-CB6B-8BD7-2277-397C45F99E2D} (PUP.Optional.MultiPlug.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Player (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 2
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\peepke\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0I1D1NtGtBtH0I1ItGyEtH1R0I1O1L1TtGtAtF0StHzu -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 10
    C:\Users\peepke\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten.
    C:\Users\peepke\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685 (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\ch (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\ff (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\ff\chrome (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\ff\chrome\content (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\ff\chrome\content\icons (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\ff\chrome\content\icons\default (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\ie (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.

    Bestanden gedetecteerd: 15
    C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Zal worden verwijderd tijdens het herstarten.
    C:\Users\peepke\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Zal worden verwijderd tijdens het herstarten.
    C:\ProgramData\EEXECaheecckker\k0CTIRwY.dll (PUP.Optional.MultiPlug.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\ProgramData\EEXECaheecckker\k0CTIRwY.exe (PUP.Optional.MultiPlug.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\ProgramData\EEXECaheecckker\k0CTIRwY.x64.dll (PUP.Optional.MultiPlug.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\peepke\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\peepke\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\peepke\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\uninstall.exe (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\ff\chrome.manifest (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\ff\install.rdf (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\ff\chrome\content\ffVideoPlayerV3beta685.js (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\ff\chrome\content\overlay.xul (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\ff\chrome\content\icons\Thumbs.db (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta685\ff\chrome\content\icons\default\VideoPlayerV3beta685_32.png (Adware.VPlayer) -> Succesvol in quarantaine geplaatst en verwijderd.

    (einde)


    DDS log
    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.51.2
    Run by peepke at 20:25:56 on 2014-02-11
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4058.2286 [GMT 1:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    C:\Windows\system32\viakaraokesrv.exe
    C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    C:\Users\peepke\AppData\Local\Skillbrains\lightshot\4.4.2.10\LightShot.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Program Files (x86)\Gyazo\GyStation.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxps://www.google.nl/
    mWinlogon: Userinit = userinit.exe,
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [LightShot] C:\Users\peepke\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
    uRun: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
    mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: &Verzenden naar OneNote - C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - hxxp://www.chat-united.nl/controls/msnchat45.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{641F54E9-2BB3-4A4C-BD56-A29DD6D8EF5A} : DHCPNameServer = 192.168.1.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    AppInit_DLLs= c:\progra~2\optimi~1\optpro~1.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.41\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: EEXECaheecckker: {A1A4EE12-B7E8-93C0-A7A6-1567DBC85250} -
    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
    x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-Run: [Cm108Sound] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
    x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
    x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\peepke\AppData\Roaming\Mozilla\Firefox\Profiles\soh60myg.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - www.google.nl
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Users\peepke\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_165.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_170.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_50.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.http.pipelining.maxrequests - 8
    FF - user.js: network.http.request.max-start-delay - 0
    FF - user.js: network.http.max-connections - 48
    FF - user.js: network.http.max-connections-per-server - 16
    FF - user.js: network.http.max-persistent-connections-per-proxy - 16
    FF - user.js: network.http.max-persistent-connections-per-server - 8
    FF - user.js: browser.turbo.enabled - true
    FF - user.js: browser.display.show_image_placeholders - true
    FF - user.js: browser.chrome.favicons - false
    FF - user.js: browser.urlbar.autocomplete.enabled - true
    FF - user.js: browser.cache.memory.capacity - 65536
    FF - user.js: content.notify.ontimer - true
    FF - user.js: content.interrupt.parsing - true
    FF - user.js: content.max.tokenizing.time - 2250000
    FF - user.js: content.switch.threshold - 750000
    FF - user.js: plugin.expose_full_path - true
    FF - user.js: ui.submenuDelay - 0
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma;C:\Windows\System32\drivers\iusb3hcs.sys [2012-12-4 16152]
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
    R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-12-18 17720]
    R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2012-12-4 21616]
    R2 70e6ca8c;Optimizer Pro Crash Monitor;C:\Windows\System32\rundll32.exe [2009-7-14 45568]
    R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-1-3 1363616]
    R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-1-3 1748640]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-12-4 161560]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 134944]
    R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-13 1494304]
    R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-1-13 15129376]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
    R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-2-2 4915040]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-12-4 363800]
    R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2014-1-13 27768]
    R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2013-12-18 65152]
    R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2012-1-6 88576]
    R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma;C:\Windows\System32\drivers\iusb3hub.sys [2012-12-4 356120]
    R3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma;C:\Windows\System32\drivers\iusb3xhc.sys [2012-12-4 787736]
    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-12-4 104560]
    R3 Lycosa;Lycosa Keyboard;C:\Windows\System32\drivers\Lycosa.sys [2013-12-18 28928]
    R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
    R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-1-13 39200]
    R3 USBPNPA;USB PnP Sound Device Interface;C:\Windows\System32\drivers\CM10864.sys [2013-5-25 1310720]
    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2014-1-13 689840]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
    S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
    S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-11-23 49152]
    S3 etdrv;etdrv;C:\Windows\etdrv.sys [2012-12-4 25640]
    S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-12-4 30528]
    S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-12-4 160256]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-15 19456]
    S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-15 57856]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-1-15 30208]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-6 1255736]
    S4 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-3-9 574272]
    .
    =============== Created Last 30 ================
    .
    2014-02-11 19:12:18 -------- d-----w- C:\Users\peepke\AppData\Roaming\Malwarebytes
    2014-02-11 19:11:54 -------- d-----w- C:\ProgramData\Malwarebytes
    2014-02-11 19:11:52 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-02-11 19:11:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-02-11 16:02:48 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D1182AC2-EE37-48D7-A8D0-97C3314EB4DB}\mpengine.dll
    2014-02-09 22:16:00 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2014-02-09 21:02:17 10315576 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2014-02-04 20:25:42 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
    2014-02-03 14:36:15 -------- d-----w- C:\Users\peepke\AppData\Roaming\IObit
    2014-01-31 23:52:37 -------- d-----w- C:\Users\peepke\AppData\Local\Packages
    2014-01-31 23:52:36 -------- d-----w- C:\ProgramData\EEXECaheecckker
    2014-01-31 23:52:34 -------- d-----w- C:\ProgramData\diaplgmappeemkimmbhndinhjojnckja
    2014-01-27 19:32:18 -------- d-----w- C:\Program Files\CCleaner
    2014-01-26 10:23:09 -------- d-----w- C:\Program Files (x86)\CoolSaalaeiCoupon
    2014-01-24 12:58:02 -------- d-----w- C:\ProgramData\deal2Dealit
    2014-01-24 12:58:02 -------- d-----w- C:\ProgramData\beloplebiejaibjpebocalkaphiaomin
    2014-01-24 12:57:50 -------- d-----w- C:\ProgramData\ea5a2f57c7a4469e
    2014-01-24 12:57:49 -------- d-----w- C:\ProgramData\CoolSaalaeiCoupon
    2014-01-24 06:30:37 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DCADD0-B034-4FFD-99A3-04E2603A5CA1}\gapaengine.dll
    2014-01-15 13:37:32 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
    2014-01-15 13:37:32 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
    2014-01-15 13:37:31 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
    2014-01-15 13:37:31 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
    2014-01-15 13:37:31 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
    2014-01-15 13:37:31 3156480 ----a-w- C:\Windows\System32\win32k.sys
    2014-01-15 13:37:31 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
    2014-01-15 13:37:31 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
    2014-01-15 13:37:30 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
    2014-01-13 20:39:30 -------- d-----w- C:\Users\peepke\AppData\Local\NVIDIA Corporation
    2014-01-13 20:39:02 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll
    2014-01-13 20:39:02 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll
    2014-01-13 20:38:56 -------- d-----w- C:\Users\peepke\AppData\Local\NVIDIA
    2014-01-13 20:33:08 70776 ----a-w- C:\Windows\System32\VtSrdAPO.dll
    .
    ==================== Find3M ====================
    .
    2014-01-26 10:35:43 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-01-26 10:35:43 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe
    2013-12-19 20:33:31 9700224 ----a-w- C:\Windows\SysWow64\nvcuda.dll
    2013-12-19 18:53:46 6671648 ----a-w- C:\Windows\System32\nvcpl.dll
    2013-12-19 18:53:46 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
    2013-12-19 18:53:44 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
    2013-12-19 18:53:44 63776 ----a-w- C:\Windows\System32\nvshext.dll
    2013-12-19 18:53:44 386336 ----a-w- C:\Windows\System32\nvmctray.dll
    2013-12-19 11:20:22 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    2013-12-19 05:01:48 3539040 ----a-w- C:\Windows\System32\nvcoproc.bin
    2013-12-18 11:33:38 88576 ----a-w- C:\Windows\System32\drivers\EtronXHCI.sys
    2013-12-18 11:33:38 65152 ----a-w- C:\Windows\System32\drivers\EtronHub3.sys
    2013-12-18 11:33:30 64624 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
    2013-12-18 11:32:17 1510176 ----a-w- C:\Windows\System32\nvhdagenco64.dll
    2013-12-18 11:31:50 28928 ----a-w- C:\Windows\System32\drivers\Lycosa.sys
    2013-12-18 11:27:45 1884448 ----a-w- C:\Windows\System32\nvdispco6433182.dll
    2013-12-18 11:27:45 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433182.dll
    2013-12-05 08:42:30 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
    2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
    2013-12-05 08:42:26 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
    2013-11-28 13:38:22 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
    2013-11-28 13:38:18 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
    2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
    2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
    2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
    2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
    2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
    2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
    2013-11-22 08:36:08 1515296 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
    2013-11-14 18:00:00 127488 ----a-w- C:\Windows\System32\ff_vfw.dll
    2013-11-14 18:00:00 112640 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
    .
    ============= FINISH: 20:26:55,90 ===============


    GMER log
    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2014-02-11 20:35:51
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD103SJ rev.1AJ100E5 931,51GB
    Running: b7f5gl2n.exe; Driver: C:\Users\peepke\AppData\Local\Temp\uwdiapoc.sys


    ---- User code sections - GMER 2.1 ----

    .text C:\Windows\SysWOW64\PnkBstrA.exe[2536] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000073da1a22 2 bytes [DA, 73]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2536] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000073da1ad0 2 bytes [DA, 73]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2536] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000073da1b08 2 bytes [DA, 73]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2536] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000073da1bba 2 bytes [DA, 73]
    .text C:\Windows\SysWOW64\PnkBstrA.exe[2536] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000073da1bda 2 bytes [DA, 73]
    ---- Processes - GMER 2.1 ----

    Library C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D1182AC2-EE37-48D7-A8D0-97C3314EB4DB}\offreg.dll (*** suspicious ***) @ C:\Program Files\Microsoft Security Client\MsMpEng.exe [1020](2014-02-11 19:28:47) 000007fef3610000

    ---- EOF - GMER 2.1 ----


    I hope you can help me
    Last edited by peepke; 11-02-14, 20:11.

  • #2
    Hi peepke, and welcome to the Nucia Security Forum,

    Before we begin, I would like to kindly point out the following guidelines:
    .
    • Only log in as an administrator with full rights.
    • Do not post your problem on several forums. It does not help your problem and it is not fair to the helpers.
    • Cleaning up your system can take some time, so be patient.
    • Carefully follow the instructions that I give.
    • Follow only the advice given by me.
    • Stay with the topic until I have reported that your PC is clean.
    • If you do not know or understand something, please ask.
    • Do not install or uninstall any software or hardware while we are working on your problem.
    • In the meantime, do not go and try something "else"; that only makes it harder for us.
    • Please turn your emoticons (smileys) off when you post logs.
    • Please do not post the logs as an attachment, nor between code tags.

    .
    Note: Vista or Windows 7? >> Always run all tools as admin.
    The instructions given are valid only for your PC.

    Step 1:

    Scanning for and removing malware....

    If you already have MBAM on your PC, you do not need to download it, of course.

    Download MalwareBytes' Anti-Malware to your desktop from one of the following links: Double-click mbam-setup.exe to install the program.

    At the end of the setup procedure, you get a screen where you must click "Finish".
    If you do not wish to evaluate MBAM, untick the first option and only then click "Finish".

    Make sure that after the installation a tick is placed next to:
    • Update MalwareBytes' Anti-Malware
    • Start MalwareBytes' Anti-Malware
    • Then click "Finish". If an update is found, it will be downloaded and installed.



    As soon as the program has started, go to the "Settings" tab.
    • Tick here: "Close Internet Explorer during malware removal".
    • Go to the "Updates" tab and update MBAM.
    • Then go to the "Scanner" tab and choose "FULL scan" here.
    • Then press "Scan" to start the scan.
    • Scanning can take a while, so be patient.
    • When the scan is complete, click OK, then "Show Results" to see the results.
    • Make sure everything there is ticked, then click "Remove Selected".
    • After the removal a log will open and you will be asked to restart the computer.

    If MBAM asks for a restart, then do so.
    When you have restarted, run a new quick scan with MBAM.
    In that case you therefore post both logs.

    The log is saved automatically by MalwareBytes' Anti-Malware and you can find it by clicking the "Logs" tab in the program.


    In case of problems!!!

    .___________________________________________________________

    Step 2:

    Checking for bad toolbars...

    Download AdwCleaner by Xplode to your desktop.
    • Close all open windows
    • Start AdwCleaner
    • Click Scan
    • Click Clean

    All icons disappear from the desktop; this is normal.
    Your PC will be restarted and a log file opens (C:\AdwCleaner\AdwCleaner[xx].txt); post its contents here on the forum.

    I only need the log from after the "Clean" option.

    Do not forget to turn off your "smileys".

    If your start page was also hijacked, set the search engine again; AdwCleaner resets it to Google.com by default.
    ___________________________________________________________

    Step 3:

    Download DDS.com, DDS.scr or DDS.pif from one of these locations and place it on your desktop:


    DDS is a diagnostic tool and makes use of scripts.
    If script execution is disabled, re-enable it so that no problems occur when using DDS.


    Double-click DDS to start the tool. (Depending on the download you chose, this can be the file DDS.com, DDS.scr or DDS.pif.)
    When it is finished, two log files open: DDS.txt and Attach.txt
    Save both log files to your desktop.

    Post the contents of DDS.txt.

    You should not post the contents of Attach.txt or add Attach.txt as an attachment to your post, unless I ask for it.


    ___________________________________________________________

    Step 4:

    Download Security Check to your desktop via here or here

    Start Security Check
    Follow the instructions on the screen
    At the end a log appears ( checkup.txt )
    Place its contents in your next reply.


    In your next post, I would like to see the following logs, made in the listed order:
    .
    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    .
    Please do NOT post these logs as an attachment or between code tags.
    (In several posts if necessary.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek


    • #3
      my icons and everything are gone (you had said this)
      my download folder is empty
      I am not getting a log file from DDS


      Malwarebytes Anti-Malware 1.75.0.1300
      www.malwarebytes.org

      Databaseversie: v2014.02.11.08

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 11.0.9600.16476
      peepke :: PEEPKE-PC [administrator]

      11-2-2014 23:23:33
      mbam-log-2014-02-11 (23-23-33).txt

      Scan type: Snelle scan
      Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
      Uitgeschakelde scan opties: P2P
      Objecten gescand: 229496
      Verstreken tijd: 6 minuut/minuten, 13 seconde(n)

      Geheugenprocessen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Geheugenmodulen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registersleutels gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerwaarden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Registerdata gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Mappen gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      Bestanden gedetecteerd: 0
      (Geen kwaadaardige objecten gedetecteerd)

      (einde)

      # AdwCleaner v3.018 - Report created 11/02/2014 at 23:15:39
      # Updated 28/01/2014 by Xplode
      # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
      # Username : peepke - PEEPKE-PC
      # Running from : C:\Users\peepke\Desktop\adwcleaner.exe
      # Option : Clean

      ***** [ Services ] *****


      ***** [ Files / Folders ] *****

      Folder Deleted : C:\ProgramData\apn
      Folder Deleted : C:\ProgramData\Babylon
      Folder Deleted : C:\ProgramData\Splashtop
      Folder Deleted : C:\ProgramData\Tarma Installer
      Folder Deleted : C:\ProgramData\CoolSaalaeiCoupon
      Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
      Folder Deleted : C:\Program Files (x86)\optimizer pro
      Folder Deleted : C:\Program Files (x86)\CoolSaalaeiCoupon
      Folder Deleted : C:\Users\peepke\AppData\Roaming\Splashtop
      File Deleted : C:\Users\peepke\AppData\Roaming\Mozilla\Firefox\Profiles\soh60myg.default\user.js

      ***** [ Shortcuts ] *****


      ***** [ Registry ] *****

      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
      Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
      Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
      Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
      Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
      Key Deleted : HKCU\Software\BabSolution
      Key Deleted : HKCU\Software\Conduit
      Key Deleted : HKCU\Software\dsiteproducts
      Key Deleted : HKCU\Software\Optimizer Pro
      Key Deleted : HKCU\Software\Softonic
      Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
      Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
      Key Deleted : HKLM\Software\DataMngr
      Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
      Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL

      ***** [ Browsers ] *****

      -\\ Internet Explorer v11.0.9600.16428


      -\\ Mozilla Firefox v26.0 (nl)

      [ File : C:\Users\peepke\AppData\Roaming\Mozilla\Firefox\Profiles\soh60myg.default\prefs.js ]

      Line Deleted : user_pref("browser.search.order.1", "Ask.com");
      Line Deleted : user_pref("extensions.3rbFS9I.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"onduit\")>-1||url.match(/bing.com[^p]+pc=.+/)||url.match(/search.
      Line Deleted : user_pref("extensions.aPR9.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"onduit\")>-1||url.match(/bing.com[^p]+pc=.+/)||url.match(/search.yah

      -\\ Google Chrome v32.0.1700.41

      [ File : C:\Users\peepke\AppData\Local\Google\Chrome\User Data\Default\preferences ]


      *************************

      AdwCleaner[R0].txt - [5086 octets] - [11/02/2014 23:13:30]
      AdwCleaner[S0].txt - [4662 octets] - [11/02/2014 23:15:39]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4722 octets] ##########

      Results of screen317's Security Check version 0.99.79
      Windows 7 Service Pack 1 x64 (UAC is disabled!)
      Internet Explorer 11
      ``````````````Antivirus/Firewall Check:``````````````
      Microsoft Security Essentials
      Antivirus up to date!
      `````````Anti-malware/Other Utilities Check:`````````
      Java 7 Update 51
      Adobe Reader XI
      Mozilla Firefox (26.0)
      Google Chrome 31.0.1650.63
      Google Chrome 32.0.1700.41
      ````````Process Check: objlist.exe by Laurent````````
      Microsoft Security Essentials msseces.exe
      Windows Defender MSMpEng.exe
      Malwarebytes Anti-Malware mbam.exe
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C:
      ````````````````````End of Log``````````````````````
      Last edited by Emphyrio; 12-02-14, 20:40. Reason: smileys disabled


      • #4
        just one more thing ....
        when I download DDS the program opens and I can scan, but I do not get a log

        when I then want to look for the program in my downloads I cannot find it ...
        not even when I search via search ...
        so I downloaded a picture from the internet
        and that gets saved in
        C: windows system32 config systemprofile downloads
        when I then look for this folder and find it, it is empty ...

        I hope you can help me


        • #5
          May I have the log of the FULL scan from MBAM as requested, please?
          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
          E Dev * Remove McAfee. * Ccleaner * E-Peek


          • #6
            Sorry



            Malwarebytes Anti-Malware 1.75.0.1300
            www.malwarebytes.org

            Databaseversie: v2014.02.11.08

            Windows 7 Service Pack 1 x64 NTFS
            Internet Explorer 11.0.9600.16476
            peepke :: PEEPKE-PC [administrator]

            12-2-2014 16:40:00
            mbam-log-2014-02-12 (16-40-00).txt

            Scan type: Volledige scan (C:\|D:\|)
            Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
            Uitgeschakelde scan opties: P2P
            Objecten gescand: 400316
            Verstreken tijd: 59 minuut/minuten, 46 seconde(n)

            Geheugenprocessen gedetecteerd: 0
            (Geen kwaadaardige objecten gedetecteerd)

            Geheugenmodulen gedetecteerd: 0
            (Geen kwaadaardige objecten gedetecteerd)

            Registersleutels gedetecteerd: 0
            (Geen kwaadaardige objecten gedetecteerd)

            Registerwaarden gedetecteerd: 0
            (Geen kwaadaardige objecten gedetecteerd)

            Registerdata gedetecteerd: 0
            (Geen kwaadaardige objecten gedetecteerd)

            Mappen gedetecteerd: 0
            (Geen kwaadaardige objecten gedetecteerd)

            Bestanden gedetecteerd: 3
            C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst-saudi-forf.exe (PUP.Optional.Hao123.A) -> Succesvol in quarantaine geplaatst en verwijderd.
            C:\Users\peepke\Downloads\Microsoft Office 2010 DutchReleaseTeam\KMS Activator for Microsoft Office 2010\mini-KMS_Activator_v1.053.exe (Riskware.Crk) -> Succesvol in quarantaine geplaatst en verwijderd.
            C:\Users\peepke\Downloads\Microsoft Office 2010 DutchReleaseTeam\KMS Activator for Microsoft Office 2010\mini-KMS_Activator_v1.053.rar (Riskware.Crk) -> Succesvol in quarantaine geplaatst en verwijderd.

            (einde)



            • #7
              Download or update Ccleaner

              Start CCleaner.
              • Run Ccleaner and click Options in the left column
              • Select the Advanced tab
              • Untick "Only delete files in Windows Temp folders older than 24 hours"
              • Select the Settings tab
              • Untick "Automatically clean the computer...."
              • Click Cleaner in the left column.
              • Then click Analyze and Run Cleaner in succession.
              • Then click Registry in the left column
              • Click Scan for Issues.
              • If errors are found, click Fix selected issues and OK
              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
              E Dev * Remove McAfee. * Ccleaner * E-Peek


              • #8
                done !!


                • #9
                  How is it now?
                  Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                  E Dev * Remove McAfee. * Ccleaner * E-Peek


                  • #10
                    it keeps doing it ... I also have a lot of ads (left and right of the forum), could be part of it, I am not sure
                    under extensions in Chrome the exe checker is still listed ...


                    • #11
                      Download Combofix to your desktop.

                      Extra note... Make sure your security software is disabled while using Combofix.
                      This is because these scanners wrongly see certain components that Combofix uses as infected and will block Combofix.


                      Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.


                      Close ALL windows, including your browser, and let Combofix do its work undisturbed.
                      So do not open any other applications until Combofix has presented the log.

                      If Combofix asks for an update, allow it.

                      When ComboFix has finished scanning, which may be after a reboot, a log file opens (combofix.txt).
                      You can find it as C:\combofix.txt.

                      Post the Combofix log together with a new DDS log in your next reply.

                      * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
                      • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
                      • Illegal operation attempted on a registry key that has been marked for deletion.
                      Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                      E Dev * Remove McAfee. * Ccleaner * E-Peek


                      • #12
                        ComboFix 14-02-12.01 - peepke 13-02-2014 18:50:31.1.4 - x64
                        Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4058.1638 [GMT 1:00]
                        Gestart vanuit: c:\users\peepke\Downloads\ComboFix.exe
                        AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
                        SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
                        SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                        .
                        .
                        (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                        .
                        .
                        c:\users\peepke\AppData\Local\Google\Chrome\User Data\Default\Extensions\diaplgmappeemkimmbhndinhjojnckja
                        c:\users\peepke\AppData\Local\Google\Chrome\User Data\Default\Extensions\diaplgmappeemkimmbhndinhjojnckja\4.1_0\background.html
                        c:\users\peepke\AppData\Local\Google\Chrome\User Data\Default\Extensions\diaplgmappeemkimmbhndinhjojnckja\4.1_0\bsXE7HXi_O.js
                        c:\users\peepke\AppData\Local\Google\Chrome\User Data\Default\Extensions\diaplgmappeemkimmbhndinhjojnckja\4.1_0\content.js
                        c:\users\peepke\AppData\Local\Google\Chrome\User Data\Default\Extensions\diaplgmappeemkimmbhndinhjojnckja\4.1_0\lsdb.js
                        c:\users\peepke\AppData\Local\Google\Chrome\User Data\Default\Extensions\diaplgmappeemkimmbhndinhjojnckja\4.1_0\manifest.json
                        c:\users\peepke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_diaplgmappeemkimmbhndinhjojnckja_0.localstorage
                        c:\users\peepke\AppData\Local\Google\Chrome\User Data\Default\Preferences
                        c:\windows\system32\config\systemprofile\AppData\Local\Temp\RarSFX0\SecurityCheck\Objlist.exe
                        c:\windows\system32\config\systemprofile\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\cmdinfo.exe
                        c:\windows\system32\config\systemprofile\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\nircmdc.exe
                        c:\windows\system32\config\systemprofile\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\sed.exe
                        c:\windows\system32\config\systemprofile\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\swreg.exe
                        c:\windows\system32\config\systemprofile\AppData\Local\Temp\RarSFX0\SecurityCheck\runprocesses.exe
                        c:\windows\system32\config\systemprofile\AppData\Local\Temp\RarSFX0\SecurityCheck\uninstalllist.exe
                        c:\windows\SysWow64\DEBUG.log
                        c:\windows\SysWow64\frapsvid.dll
                        .
                        .
                        (((((((((((((((((((( Bestanden Gemaakt van 2014-01-13 to 2014-02-13 ))))))))))))))))))))))))))))))
                        .
                        .
                        2014-02-13 17:54 . 2014-02-13 17:54 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
                        2014-02-13 17:54 . 2014-02-13 17:54 -------- d-----w- c:\users\Default\AppData\Local\temp
                        2014-02-12 16:53 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E642C424-12E1-46BE-A7DC-E831B701F4C2}\mpengine.dll
                        2014-02-12 16:15 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
                        2014-02-12 16:15 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
                        2014-02-12 16:15 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
                        2014-02-12 16:15 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
                        2014-02-11 22:24 . 2014-02-11 23:09 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\TS3Client
                        2014-02-11 22:08 . 2014-02-11 22:15 -------- d-----w- C:\AdwCleaner
                        2014-02-11 19:12 . 2014-02-11 19:12 -------- d-----w- c:\users\peepke\AppData\Roaming\Malwarebytes
                        2014-02-11 19:11 . 2014-02-11 19:11 -------- d-----w- c:\programdata\Malwarebytes
                        2014-02-11 19:11 . 2014-02-11 19:12 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
                        2014-02-11 19:11 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
                        2014-02-11 16:02 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
                        2014-02-09 22:16 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
                        2014-02-04 20:25 . 2014-02-04 20:25 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
                        2014-02-04 20:12 . 2014-02-04 20:12 -------- d-----w- c:\program files\Adobe
                        2014-02-04 20:10 . 2014-02-04 20:12 -------- d-----w- c:\program files\Common Files\Adobe
                        2014-02-04 20:09 . 2014-02-04 20:09 -------- d-----w- c:\program files (x86)\Adobe Media Player
                        2014-02-04 20:08 . 2014-02-04 20:08 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
                        2014-02-03 14:36 . 2014-02-03 14:36 -------- d-----w- c:\users\peepke\AppData\Roaming\IObit
                        2014-01-31 23:52 . 2014-01-31 23:52 -------- d-----w- c:\users\peepke\AppData\Local\Packages
                        2014-01-31 23:52 . 2014-02-11 19:20 -------- d-----w- c:\programdata\EEXECaheecckker
                        2014-01-31 23:52 . 2014-01-31 23:52 -------- d-----w- c:\programdata\diaplgmappeemkimmbhndinhjojnckja
                        2014-01-27 19:32 . 2014-01-27 19:32 -------- d-----w- c:\program files\CCleaner
                        2014-01-26 10:35 . 2014-01-26 10:35 -------- d-----w- c:\programdata\McAfee
                        2014-01-24 12:58 . 2014-01-27 14:30 -------- d-----w- c:\programdata\deal2Dealit
                        2014-01-24 12:58 . 2014-01-24 12:58 -------- d-----w- c:\programdata\beloplebiejaibjpebocalkaphiaomin
                        2014-01-24 12:57 . 2014-01-31 23:52 -------- d-----w- c:\programdata\ea5a2f57c7a4469e
                        2014-01-24 12:57 . 2014-01-24 12:57 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Packages
                        2014-01-24 06:30 . 2013-10-19 08:16 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F3DCADD0-B034-4FFD-99A3-04E2603A5CA1}\gapaengine.dll
                        2014-01-15 13:37 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
                        2014-01-15 13:37 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
                        2014-01-15 13:37 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
                        2014-01-15 13:37 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
                        2014-01-15 13:37 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
                        2014-01-15 13:37 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
                        2014-01-15 13:37 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
                        2014-01-15 13:37 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
                        2014-01-15 13:37 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
                        .
                        .
                        .
                        ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                        .
                        2014-01-26 10:35 . 2013-03-10 11:06 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                        2014-01-26 10:35 . 2013-03-10 11:06 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                        2014-01-19 07:33 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
                        2014-01-15 22:44 . 2013-01-15 16:09 86054176 ----a-w- c:\windows\system32\MRT.exe
                        2014-01-13 20:33 . 2014-01-13 20:33 70776 ----a-w- c:\windows\system32\VtSrdAPO.dll
                        2014-01-13 20:33 . 2014-01-13 20:33 388096 ----a-w- c:\windows\system32\VMWRP64.DLL
                        2014-01-13 20:33 . 2014-01-13 20:33 33456 ----a-w- c:\windows\system32\drivers\VMfilt64.sys
                        2014-01-13 20:33 . 2014-01-13 20:33 2103040 ----a-w- c:\windows\system32\WavesGUILib64.dll
                        2014-01-13 20:33 . 2014-01-13 20:33 1985024 ----a-w- c:\windows\system32\VMAPO264.DLL
                        2014-01-13 20:33 . 2014-01-13 20:33 1713664 ----a-w- c:\windows\SysWow64\VMAPO232.DLL
                        2014-01-13 20:33 . 2014-01-13 20:33 95352 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll
                        2014-01-13 20:33 . 2014-01-13 20:33 884400 ----a-w- c:\windows\system32\VIASysFx.dll
                        2014-01-13 20:33 . 2014-01-13 20:33 689840 ----a-w- c:\windows\system32\drivers\viahduaa.sys
                        2014-01-13 20:33 . 2014-01-13 20:33 3322368 ----a-w- c:\windows\system32\VIAPropPageExt.dll
                        2014-01-13 20:33 . 2014-01-13 20:33 27768 ----a-w- c:\windows\system32\ViakaraokeSrv.exe
                        2014-01-13 20:33 . 2014-01-13 20:33 1845424 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll
                        2014-01-13 20:33 . 2014-01-13 20:33 123512 ----a-w- c:\windows\system32\ViaKaraokePropPageExt.dll
                        2014-01-13 20:33 . 2014-01-13 20:33 1161336 ----a-w- c:\windows\system32\ViaKaraokeApo.dll
                        2014-01-13 20:33 . 2014-01-13 20:33 55416 ----a-w- c:\windows\system32\PropPageExt.dll
                        2014-01-13 20:33 . 2014-01-13 20:33 27646720 ----a-w- c:\windows\system32\MaxxAudioVnA64.dll
                        2014-01-13 20:33 . 2014-01-13 20:33 92280 ----a-w- c:\windows\system32\Dts2PropPageExt.dll
                        2014-01-13 20:33 . 2014-01-13 20:33 663296 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll
                        2014-01-13 20:33 . 2014-01-13 20:33 248952 ----a-w- c:\windows\system32\Dts2APO.dll
                        2014-01-13 20:33 . 2014-01-13 20:33 1013504 ----a-w- c:\windows\system32\MaxxAudioAPOShell64.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 9700224 ----a-w- c:\windows\SysWow64\nvcuda.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 9657464 ----a-w- c:\windows\SysWow64\nvopencl.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 882464 ----a-w- c:\windows\system32\NvIFR64.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 879392 ----a-w- c:\windows\system32\NvFBC64.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 852768 ----a-w- c:\windows\SysWow64\NvIFR.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 847648 ----a-w- c:\windows\SysWow64\NvFBC.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 317472 ----a-w- c:\windows\system32\nvoglshim64.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 3132704 ----a-w- c:\windows\system32\nvcuvid.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 3125024 ----a-w- c:\windows\system32\nvcuvenc.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 30372640 ----a-w- c:\windows\system32\nvoglv64.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 2947872 ----a-w- c:\windows\SysWow64\nvcuvid.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 2747680 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 2698272 ----a-w- c:\windows\SysWow64\nvapi.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 266984 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 22960416 ----a-w- c:\windows\SysWow64\nvoglv32.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 1884448 ----a-w- c:\windows\system32\nvdispco6433221.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 18222008 ----a-w- c:\windows\system32\nvd3dumx.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 168616 ----a-w- c:\windows\system32\nvinitx.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 15877216 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 1511712 ----a-w- c:\windows\system32\nvdispgenco6433221.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 12645664 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
                        2013-12-19 20:33 . 2014-01-13 20:35 1242400 ----a-w- c:\windows\SysWow64\nvumdshim.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 11605752 ----a-w- c:\windows\system32\nvcuda.dll
                        2013-12-19 20:33 . 2014-01-13 20:35 11554264 ----a-w- c:\windows\system32\nvopencl.dll
                        2013-12-19 20:33 . 2013-04-26 19:17 15230352 ----a-w- c:\windows\SysWow64\nvd3dum.dll
                        2013-12-19 20:33 . 2013-02-25 22:32 3071656 ----a-w- c:\windows\system32\nvapi64.dll
                        2013-12-19 20:33 . 2013-02-25 22:32 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
                        2013-12-19 20:33 . 2013-02-25 22:32 18310112 ----a-w- c:\windows\system32\nvwgf2umx.dll
                        2013-12-19 20:33 . 2012-12-04 20:18 61216 ----a-w- c:\windows\system32\OpenCL.dll
                        2013-12-19 20:33 . 2012-12-04 20:18 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
                        2013-12-19 18:53 . 2012-12-04 20:18 6671648 ----a-w- c:\windows\system32\nvcpl.dll
                        2013-12-19 18:53 . 2012-12-04 20:18 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
                        2013-12-19 18:53 . 2012-12-04 20:18 922912 ----a-w- c:\windows\system32\nvvsvc.exe
                        2013-12-19 18:53 . 2012-12-04 20:18 63776 ----a-w- c:\windows\system32\nvshext.dll
                        2013-12-19 18:53 . 2012-12-04 20:18 386336 ----a-w- c:\windows\system32\nvmctray.dll
                        2013-12-19 11:20 . 2013-12-19 11:20 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe
                        2013-12-19 05:01 . 2012-12-04 20:18 3539040 ----a-w- c:\windows\system32\nvcoproc.bin
                        2013-12-18 11:33 . 2013-12-18 11:33 65152 ----a-w- c:\windows\system32\drivers\EtronHub3.sys
                        2013-12-18 11:33 . 2012-01-06 08:59 88576 ----a-w- c:\windows\system32\drivers\EtronXHCI.sys
                        2013-12-18 11:33 . 2013-12-18 11:33 64624 ----a-w- c:\windows\system32\drivers\HECIx64.sys
                        2013-12-18 11:32 . 2013-12-18 11:32 1510176 ----a-w- c:\windows\system32\nvhdagenco64.dll
                        2013-12-18 11:31 . 2013-12-18 11:31 28928 ----a-w- c:\windows\system32\drivers\Lycosa.sys
                        2013-12-18 11:27 . 2013-12-18 11:27 1884448 ----a-w- c:\windows\system32\nvdispco6433182.dll
                        2013-12-18 11:27 . 2013-12-18 11:27 1511712 ----a-w- c:\windows\system32\nvdispgenco6433182.dll
                        2013-12-10 02:15 . 2014-01-13 20:39 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
                        2013-12-10 02:14 . 2014-01-13 20:39 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
                        2013-12-05 08:42 . 2014-01-13 20:35 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
                        2013-12-05 08:42 . 2014-01-13 20:35 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
                        2013-12-05 08:42 . 2014-01-13 20:35 32544 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
                        2013-11-28 13:38 . 2014-01-13 20:35 31520 ----a-w- c:\windows\system32\nvhdap64.dll
                        2013-11-28 13:38 . 2014-01-13 20:35 197408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
                        2013-11-24 22:46 . 2013-11-24 22:46 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
                        2013-11-24 22:46 . 2013-11-24 22:46 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
                        2013-11-24 22:46 . 2013-11-24 22:46 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
                        2013-11-24 22:46 . 2013-11-24 22:46 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
                        2013-11-24 22:46 . 2013-11-24 22:46 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
                        2013-11-24 22:46 . 2013-11-24 22:46 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
                        2013-11-24 22:46 . 2013-11-24 22:46 337408 ----a-w- c:\windows\SysWow64\html.iec
                        2013-11-24 22:46 . 2013-11-24 22:46 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
                        2013-11-24 22:46 . 2013-11-24 22:46 235008 ----a-w- c:\windows\system32\elshyph.dll
                        2013-11-24 22:46 . 2013-11-24 22:46 182272 ----a-w- c:\windows\SysWow64\msls31.dll
                        2013-11-24 22:46 . 2013-11-24 22:46 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
                        2013-11-24 22:46 . 2013-11-24 22:46 139264 ----a-w- c:\windows\SysWow64\wextract.exe
                        2013-11-24 22:46 . 2013-11-24 22:46 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
                        2013-11-24 22:46 . 2013-11-24 22:46 942592 ----a-w- c:\windows\system32\jsIntl.dll
                        2013-11-24 22:46 . 2013-11-24 22:46 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
                        2013-11-24 22:46 . 2013-11-24 22:46 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
                        2013-11-24 22:46 . 2013-11-24 22:46 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
                        2013-11-24 22:46 . 2013-11-24 22:46 77312 ----a-w- c:\windows\system32\tdc.ocx
                        2013-11-24 22:46 . 2013-11-24 22:46 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
                        2013-11-24 22:46 . 2013-11-24 22:46 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
                        2013-11-24 22:46 . 2013-11-24 22:46 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
                        2013-11-24 22:46 . 2013-11-24 22:46 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
                        .
                        .
                        ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                        .
                        .
                        *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                        REGEDIT4
                        .
                        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                        "LightShot"="c:\users\peepke\AppData\Local\Skillbrains\lightshot\LightShot.exe" [2013-09-27 226592]
                        "Gyazo"="c:\program files (x86)\Gyazo\GyStation.exe" [2013-10-02 2990304]
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                        "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-10-25 5299320]
                        "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608]
                        "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
                        "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
                        "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
                        "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                        "ConsentPromptBehaviorAdmin"= 0 (0x0)
                        "ConsentPromptBehaviorUser"= 3 (0x3)
                        "EnableLUA"= 0 (0x0)
                        "EnableUIADesktopToggle"= 0 (0x0)
                        "PromptOnSecureDesktop"= 0 (0x0)
                        .
                        [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
                        "LoadAppInit_DLLs"=1 (0x1)
                        .
                        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
                        @="Service"
                        .
                        R2 70e6ca8c;Optimizer Pro Crash Monitor;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
                        R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
                        R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
                        R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
                        R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
                        R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
                        R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
                        R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
                        R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
                        R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
                        R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
                        R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
                        R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
                        R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
                        R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                        R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
                        R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                        R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
                        S0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
                        S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
                        S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
                        S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
                        S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
                        S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
                        S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
                        S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
                        S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
                        S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
                        S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
                        S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
                        S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
                        S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
                        S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
                        S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
                        S3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
                        S3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
                        S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
                        S3 Lycosa;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys;c:\windows\SYSNATIVE\drivers\Lycosa.sys [x]
                        S3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
                        S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
                        S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM10864.sys;c:\windows\SYSNATIVE\drivers\CM10864.sys [x]
                        S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
                        .
                        .
                        --- Andere Services/Drivers In Geheugen ---
                        .
                        *NewlyCreated* - WS2IFSL
                        .
                        [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                        2013-12-04 21:29 1211344 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.41\Installer\chrmstp.exe
                        .
                        Inhoud van de 'Gedeelde Taken' map
                        .
                        2014-02-13 c:\windows\Tasks\Adobe Flash Player Updater.job
                        - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-10 10:35]
                        .
                        2014-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                        - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-09 15:06]
                        .
                        2014-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                        - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-09 15:06]
                        .
                        2014-02-13 c:\windows\Tasks\update-S-1-5-21-2821540343-4027598627-2607681465-1000.job
                        - c:\program files (x86)\Skillbrains\Updater\Updater.exe [2013-05-20 11:37]
                        .
                        2014-02-13 c:\windows\Tasks\update-sys.job
                        - c:\program files (x86)\Skillbrains\Updater\Updater.exe [2013-05-20 11:37]
                        .
                        .
                        --------- X64 Entries -----------
                        .
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                        "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-10-25 5299320]
                        "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
                        "Cm108Sound"="c:\windows\Syswow64\cm108.dll" [2010-10-13 8757248]
                        "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
                        "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
                        "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
                        "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
                        .
                        ------- Bijkomende Scan -------
                        .
                        uLocal Page = c:\windows\system32\blank.htm
                        uStart Page = https://www.google.nl/
                        mLocal Page = c:\windows\SysWOW64\blank.htm
                        IE: &Verzenden naar OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
                        IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
                        Trusted Zone: clonewarsadventures.com
                        Trusted Zone: freerealms.com
                        Trusted Zone: soe.com
                        Trusted Zone: sony.com
                        TCP: DhcpNameServer = 192.168.1.1
                        FF - ProfilePath -
                        .
                        - - - - ORPHANS VERWIJDERD - - - -
                        .
                        HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
                        BHO-{A1A4EE12-B7E8-93C0-A7A6-1567DBC85250} - (no file)
                        AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2729449 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2736428 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2737019 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2742595 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2789642 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2804576 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2835393 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2840628 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2840628v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2858302v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2898855v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2901110v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
                        .
                        .
                        .
                        --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                        @Denied: (A 2) (Everyone)
                        @="FlashBroker"
                        "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe,-101"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                        "Enabled"=dword:00000001
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                        @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                        @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                        @Denied: (A 2) (Everyone)
                        @="IFlashBroker5"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                        @="{00020424-0000-0000-C000-000000000046}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                        @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                        "Version"="1.0"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                        @Denied: (A 2) (Everyone)
                        @="FlashBroker"
                        "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe,-101"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                        "Enabled"=dword:00000001
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                        @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                        @Denied: (A 2) (Everyone)
                        @="Shockwave Flash Object"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx"
                        "ThreadingModel"="Apartment"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                        @="0"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                        @="ShockwaveFlash.ShockwaveFlash.11"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                        @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                        @="1.0"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                        @="ShockwaveFlash.ShockwaveFlash"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                        @Denied: (A 2) (Everyone)
                        @="Macromedia Flash Factory Object"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx"
                        "ThreadingModel"="Apartment"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                        @="FlashFactory.FlashFactory.1"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                        @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                        @="1.0"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                        @="FlashFactory.FlashFactory"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                        @Denied: (A 2) (Everyone)
                        @="IFlashBroker5"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                        @="{00020424-0000-0000-C000-000000000046}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                        @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                        "Version"="1.0"
                        .
                        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
                        @Denied: (Full) (Everyone)
                        .
                        ------------------------ Andere Aktieve Processen ------------------------
                        .
                        c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
                        c:\windows\SysWOW64\rundll32.exe
                        c:\users\peepke\AppData\Local\Skillbrains\lightshot\4.4.2.10\LightShot.exe
                        c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                        c:\windows\SysWOW64\PnkBstrA.exe
                        .
                        **************************************************************************
                        .
                        Voltooingstijd: 2014-02-13 18:59:18 - machine werd herstart
                        ComboFix-quarantined-files.txt 2014-02-13 17:59
                        .
                        Pre-Run: 72.108.109.824 bytes beschikbaar
                        Post-Run: 71.807.549.440 bytes beschikbaar
                        .
                        - - End Of File - - E9553DBB38F9862FDAAA11257AA4CE68
                        A36C5E4F47E84449FF07ED3517B43A31



                        • #13
                          May I have a fresh DDS log, please?
                          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                          E Dev * Remove McAfee. * Ccleaner * E-Peek



                          • #14
                            DDS (Ver_2012-11-20.01) - NTFS_AMD64
                            Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.51.2
                            Run by peepke at 12:46:44 on 2014-02-14
                            Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4058.2345 [GMT 1:00]
                            .
                            AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
                            SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                            SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
                            .
                            ============== Running Processes ===============
                            .
                            C:\Windows\system32\lsm.exe
                            C:\Windows\system32\svchost.exe -k DcomLaunch
                            C:\Windows\system32\nvvsvc.exe
                            C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
                            C:\Windows\system32\svchost.exe -k RPCSS
                            C:\Program Files\Microsoft Security Client\MsMpEng.exe
                            C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                            C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                            C:\Windows\system32\svchost.exe -k LocalService
                            C:\Windows\system32\svchost.exe -k netsvcs
                            C:\Windows\system32\svchost.exe -k GPSvcGroup
                            C:\Windows\system32\svchost.exe -k NetworkService
                            C:\Windows\System32\spoolsv.exe
                            C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                            C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                            C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
                            C:\Windows\system32\nvvsvc.exe
                            C:\Windows\system32\taskhost.exe
                            C:\Windows\system32\Dwm.exe
                            C:\Windows\Explorer.EXE
                            C:\Windows\system32\taskeng.exe
                            C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
                            C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
                            C:\Program Files\Microsoft Security Client\msseces.exe
                            C:\Windows\SysWOW64\rundll32.exe
                            C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
                            C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
                            C:\Users\peepke\AppData\Local\Skillbrains\lightshot\4.4.2.10\LightShot.exe
                            C:\Program Files (x86)\Gyazo\GyStation.exe
                            C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
                            C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
                            C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                            C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
                            C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
                            C:\Program Files\Intel\iCLS Client\HeciServer.exe
                            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
                            C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
                            C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
                            C:\Windows\SysWOW64\PnkBstrA.exe
                            C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
                            C:\Windows\system32\viakaraokesrv.exe
                            C:\Windows\system32\rundll32.exe
                            C:\Windows\system32\SearchIndexer.exe
                            C:\Program Files\Microsoft Security Client\NisSrv.exe
                            C:\Windows\System32\WUDFHost.exe
                            C:\Program Files\Windows Media Player\wmpnetwk.exe
                            C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                            C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
                            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                            C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                            C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                            C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                            C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                            C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                            C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                            C:\Windows\system32\wbem\wmiprvse.exe
                            C:\Windows\System32\cscript.exe
                            .
                            ============== Pseudo HJT Report ===============
                            .
                            uStart Page = hxxps://www.google.nl/
                            BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
                            BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
                            BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
                            BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
                            uRun: [LightShot] C:\Users\peepke\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
                            uRun: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
                            mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
                            mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
                            mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                            mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
                            mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
                            mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
                            uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
                            uPolicies-Explorer: NoDrives = dword:0
                            mPolicies-Explorer: NoDrives = dword:0
                            mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
                            mPolicies-System: ConsentPromptBehaviorUser = dword:3
                            mPolicies-System: EnableLUA = dword:0
                            mPolicies-System: EnableUIADesktopToggle = dword:0
                            mPolicies-System: PromptOnSecureDesktop = dword:0
                            IE: &Verzenden naar OneNote - C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
                            IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
                            IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
                            IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
                            IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
                            .
                            INFO: HKCU has more than 50 listed domains.
                            If you wish to scan all of them, select the 'Force scan all domains' option.
                            .
                            DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - hxxp://www.chat-united.nl/controls/msnchat45.cab
                            TCP: NameServer = 192.168.1.1
                            TCP: Interfaces\{641F54E9-2BB3-4A4C-BD56-A29DD6D8EF5A} : DHCPNameServer = 192.168.1.1
                            Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
                            Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
                            Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
                            SSODL: WebCheck - <orphaned>
                            SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
                            mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.41\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
                            x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
                            x64-BHO: {A1A4EE12-B7E8-93C0-A7A6-1567DBC85250} - <orphaned>
                            x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
                            x64-Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
                            x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
                            x64-Run: [Cm108Sound] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
                            x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
                            x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
                            x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
                            x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
                            x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
                            x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
                            x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
                            x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
                            x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
                            x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
                            x64-SSODL: WebCheck - <orphaned>
                            x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
                            .
                            ================= FIREFOX ===================
                            .
                            FF - ProfilePath - C:\Users\peepke\AppData\Roaming\Mozilla\Firefox\Profiles\soh60myg.default\
                            FF - prefs.js: browser.search.selectedEngine - Google
                            FF - prefs.js: browser.startup.homepage - www.google.nl
                            FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
                            FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
                            FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
                            FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
                            FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
                            FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
                            FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
                            FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
                            FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
                            FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
                            FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
                            FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
                            FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
                            FF - plugin: C:\Users\peepke\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
                            FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_165.dll
                            FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_170.dll
                            FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_50.dll
                            .
                            ============= SERVICES / DRIVERS ===============
                            .
                            R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma;C:\Windows\System32\drivers\iusb3hcs.sys [2012-12-4 16152]
                            R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
                            R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-12-18 17720]
                            R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2012-12-4 21616]
                            R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-1-3 1363616]
                            R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-1-3 1748640]
                            R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
                            R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-12-4 161560]
                            R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 134944]
                            R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-13 1494304]
                            R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-1-13 15129376]
                            R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
                            R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-2-2 4915040]
                            R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-12-4 363800]
                            R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2014-1-13 27768]
                            R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2013-12-18 65152]
                            R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2012-1-6 88576]
                            R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma;C:\Windows\System32\drivers\iusb3hub.sys [2012-12-4 356120]
                            R3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma;C:\Windows\System32\drivers\iusb3xhc.sys [2012-12-4 787736]
                            R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-12-4 104560]
                            R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
                            R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-1-13 39200]
                            R3 USBPNPA;USB PnP Sound Device Interface;C:\Windows\System32\drivers\CM10864.sys [2013-5-25 1310720]
                            R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2014-1-13 689840]
                            S2 70e6ca8c;Optimizer Pro Crash Monitor;C:\Windows\System32\rundll32.exe [2009-7-14 45568]
                            S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
                            S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
                            S2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]
                            S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
                            S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
                            S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-11-23 49152]
                            S3 etdrv;etdrv;C:\Windows\etdrv.sys [2012-12-4 25640]
                            S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-12-4 30528]
                            S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-12-4 160256]
                            S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-13 111616]
                            S3 Lycosa;Lycosa Keyboard;C:\Windows\System32\drivers\Lycosa.sys [2013-12-18 28928]
                            S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
                            S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-15 19456]
                            S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
                            S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-15 57856]
                            S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-1-15 30208]
                            S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-6 1255736]
                            S4 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-3-9 574272]
                            .
                            =============== Created Last 30 ================
                            .
                            2014-02-13 18:07:11 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{083B2B5A-0A97-45D8-8697-E5ACF76828E1}\mpengine.dll
                            2014-02-13 17:56:22 -------- d-----w- C:\$RECYCLE.BIN
                            2014-02-13 17:49:23 98816 ----a-w- C:\Windows\sed.exe
                            2014-02-13 17:49:23 256000 ----a-w- C:\Windows\PEV.exe
                            2014-02-13 17:49:23 208896 ----a-w- C:\Windows\MBR.exe
                            2014-02-12 16:53:34 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
                            2014-02-12 16:15:42 3928064 ----a-w- C:\Windows\System32\d2d1.dll
                            2014-02-12 16:15:42 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
                            2014-02-12 16:15:42 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
                            2014-02-12 16:15:42 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
                            2014-02-11 22:08:15 -------- d-----w- C:\AdwCleaner
                            2014-02-11 19:12:18 -------- d-----w- C:\Users\peepke\AppData\Roaming\Malwarebytes
                            2014-02-11 19:11:54 -------- d-----w- C:\ProgramData\Malwarebytes
                            2014-02-11 19:11:52 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
                            2014-02-11 19:11:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
                            2014-02-09 22:16:00 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
                            2014-02-04 20:25:42 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
                            2014-02-03 14:36:15 -------- d-----w- C:\Users\peepke\AppData\Roaming\IObit
                            2014-01-31 23:52:37 -------- d-----w- C:\Users\peepke\AppData\Local\Packages
                            2014-01-31 23:52:36 -------- d-----w- C:\ProgramData\EEXECaheecckker
                            2014-01-31 23:52:34 -------- d-----w- C:\ProgramData\diaplgmappeemkimmbhndinhjojnckja
                            2014-01-27 19:32:18 -------- d-----w- C:\Program Files\CCleaner
                            2014-01-24 12:58:02 -------- d-----w- C:\ProgramData\deal2Dealit
                            2014-01-24 12:58:02 -------- d-----w- C:\ProgramData\beloplebiejaibjpebocalkaphiaomin
                            2014-01-24 12:57:50 -------- d-----w- C:\ProgramData\ea5a2f57c7a4469e
                            2014-01-24 06:30:37 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F3DCADD0-B034-4FFD-99A3-04E2603A5CA1}\gapaengine.dll
                            2014-01-15 13:37:32 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
                            2014-01-15 13:37:32 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
                            2014-01-15 13:37:31 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
                            2014-01-15 13:37:31 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
                            2014-01-15 13:37:31 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
                            2014-01-15 13:37:31 3156480 ----a-w- C:\Windows\System32\win32k.sys
                            2014-01-15 13:37:31 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
                            2014-01-15 13:37:31 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
                            2014-01-15 13:37:30 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
                            .
                            ==================== Find3M ====================
                            .
                            2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
                            2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
                            2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
                            2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
                            2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
                            2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
                            2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
                            2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
                            2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll
                            2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
                            2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
                            2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
                            2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
                            2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
                            2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
                            2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
                            2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
                            2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
                            2014-01-26 10:35:43 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                            2014-01-26 10:35:43 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                            2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe
                            2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll
                            2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
                            2013-12-19 18:53:46 6671648 ----a-w- C:\Windows\System32\nvcpl.dll
                            2013-12-19 18:53:46 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll
                            2013-12-19 18:53:44 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
                            2013-12-19 18:53:44 63776 ----a-w- C:\Windows\System32\nvshext.dll
                            2013-12-19 18:53:44 386336 ----a-w- C:\Windows\System32\nvmctray.dll
                            2013-12-19 11:20:22 590112 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
                            2013-12-19 05:01:48 3539040 ----a-w- C:\Windows\System32\nvcoproc.bin
                            2013-12-18 11:33:38 88576 ----a-w- C:\Windows\System32\drivers\EtronXHCI.sys
                            2013-12-18 11:33:38 65152 ----a-w- C:\Windows\System32\drivers\EtronHub3.sys
                            2013-12-18 11:33:30 64624 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
                            2013-12-18 11:32:17 1510176 ----a-w- C:\Windows\System32\nvhdagenco64.dll
                            2013-12-18 11:31:50 28928 ----a-w- C:\Windows\System32\drivers\Lycosa.sys
                            2013-12-18 11:27:45 1884448 ----a-w- C:\Windows\System32\nvdispco6433182.dll
                            2013-12-18 11:27:45 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433182.dll
                            2013-12-10 02:15:06 982232 ----a-w- C:\Windows\SysWow64\nvspcap.dll
                            2013-12-10 02:14:54 1100248 ----a-w- C:\Windows\System32\nvspcap64.dll
                            2013-12-06 02:30:08 2048 ----a-w- C:\Windows\System32\msxml3r.dll
                            2013-12-06 02:30:08 1882112 ----a-w- C:\Windows\System32\msxml3.dll
                            2013-12-06 02:02:08 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
                            2013-12-06 02:02:08 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
                            2013-12-05 08:42:30 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
                            2013-12-05 08:42:26 35104 ----a-w- C:\Windows\System32\nvaudcap64v.dll
                            2013-12-05 08:42:26 32544 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
                            2013-12-04 02:27:33 485888 ----a-w- C:\Windows\System32\secproc_isv.dll
                            2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll
                            2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp.dll
                            2013-12-04 02:27:16 488448 ----a-w- C:\Windows\System32\secproc.dll
                            2013-12-04 02:26:32 528384 ----a-w- C:\Windows\System32\msdrm.dll
                            2013-12-04 02:16:51 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
                            2013-12-04 02:16:51 626176 ----a-w- C:\Windows\System32\RMActivate.exe
                            2013-12-04 02:16:50 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe
                            2013-12-04 02:16:48 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe
                            2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll
                            2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll
                            2013-12-04 02:03:20 423936 ----a-w- C:\Windows\SysWow64\secproc_isv.dll
                            2013-12-04 02:03:08 428032 ----a-w- C:\Windows\SysWow64\secproc.dll
                            2013-12-04 02:02:06 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll
                            2013-12-04 01:54:14 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe
                            2013-12-04 01:54:10 594944 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe
                            2013-12-04 01:54:09 572416 ----a-w- C:\Windows\SysWow64\RMActivate.exe
                            2013-12-04 01:54:06 508928 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
                            2013-11-28 13:38:22 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
                            2013-11-28 13:38:18 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
                            2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
                            2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
                            2013-11-22 08:36:08 1515296 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
                            .
                            ============= FINISH: 12:47:31,00 ===============



                            • #15
                              Disable your security software.

                              Note: This script is intended specifically for this PC,
                              so do not use it on other PCs with a similar problem.


                              Open a Notepad file.
                              Copy the text below and paste it into the Notepad file.
                              Save the Notepad file as CFScript.txt
                              Code:
                              KillAll::
                              ClearJavaCache::
                              Folder::
                              C:\ProgramData\EEXECaheecckker
                              C:\ProgramData\diaplgmappeemkimmbhndinhjojnckja
                              C:\ProgramData\beloplebiejaibjpebocalkaphiaomin
                              C:\ProgramData\deal2Dealit
                              C:\ProgramData\ea5a2f57c7a4469e
                              Now drag the file CFScript.txt onto the file ComboFix.exe



                              ComboFix will start again.
                              If ComboFix asks for an update, allow it.

                              When ComboFix has finished, which may be after a restart, a log file opens. Post the contents of the log file.

                              Make a new DDS log and post it as well.
                              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                              E Dev * Remove McAfee. * Ccleaner * E-Peek
