Serious malware infection

  • Serious malware infection

    Hi,

    This laptop is full of persistent junk programs that pose as disk cleaners, registry cleaners and that kind of rubbish. Examples: Optimizer Pro, Registry Helper, UniBlue Speedupmypc, etc. I get incredibly persistent popups, and of course they can't simply be removed by uninstalling them. I've been here several times before, so I'm familiar with the protocol. I have already followed the steps and will post the logs below. One remark about MBAM, though: it is a completely different version from the last time I used it, and your instructions for using it are no longer entirely up to date (for example, you no longer get the option to remove infections after scanning, only to quarantine them), unless that amounts to the same thing, but that seems unlikely to me because previously you could choose either.

    OK, for some godforsaken reason I can't post the MBAM and DDS logs in full, so I've added those as attachments, and the GMER log, on the other hand, I can't add as an attachment... this really is witchcraft.

    GMER log
    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2014-06-26 11:03:54
    Windows 6.0.6000 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 OCZ-AGILITY3 rev.2.25 55,90GB
    Running: 4vtjw3dp.exe; Driver: C:\Users\Acer\AppData\Local\Temp\uxldaaob.sys


    ---- Devices - GMER 2.1 ----

    AttachedDevice \Driver\tdx \Device\Tcp {4bbc3b2f-4023-460e-8404-cfddb6e4477d}t.sys
    AttachedDevice \Driver\tdx \Device\Tcp tStLibG.sys
    AttachedDevice \Driver\tdx \Device\Udp {4bbc3b2f-4023-460e-8404-cfddb6e4477d}t.sys
    AttachedDevice \Driver\tdx \Device\Udp tStLibG.sys

    ---- Processes - GMER 2.1 ----

    Process (*** hidden *** ) [4] 82B234B8

    ---- EOF - GMER 2.1 ----




    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scandatum: 26-6-2014
    Scantijd: 10:36:48
    Logbestand: mbamlog.txt
    Beheerder: Ja

    Versie: 2.00.2.1012
    Malwaredatabase: v2014.06.26.02
    Rootkitdatabase: v2014.06.23.02
    Licentie: Gratis
    Malwarebescherming: Uitgeschakeld
    Kwaadaardige Website Bescherming: Uitgeschakeld
    Self-protection: Uitgeschakeld

    Besturingssysteem: Windows Vista
    Processor: x86
    Bestandssysteem: NTFS
    Gebruiker: Acer

    Scantype: Bedreigingsscan
    Resultaat: Voltooid
    Objecten Gescand: 254649
    Verstreken Tijd: 4 m, 48 s

    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Uitgeschakeld
    Heuristics: Ingeschakeld
    POP: Waarschuwen
    POA: Ingeschakeld

    Processen: 17
    PUP.Optional.VOPackage.A, C:\Users\Acer\AppData\Roaming\VOPackage\VOsrv.exe, 4144, , [1bef81fcd9a2e155b45dd8d653afa45c]
    PUP.Optional.WpManager.A, C:\ProgramData\WPM\wprotectmanager.exe, 1848, , [7694ea93324996a06967b93cfa099868]
    PUP.Optional.Wajam.A, C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 4308, , [a26888f506758ea88974721f55ad28d8]
    PUP.Optional.Wajam.A, C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe, 4164, , [a26888f506758ea88974721f55ad28d8]
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar\Application\Lrcnta.exe, 1120, , [de2c0578b1ca7eb80ffc09898181b24e]
    PUP.Optional.SaveSense, C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe, 2112, , [e92139442e4d2313791e2370a260b947]
    PUP.Optional.WeatherAlerts, C:\Users\Acer\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe, 2876, , [c1497508245757dfbc9c177d3dc59e62]
    PUP.Optional.WeatherAlerts, C:\Users\Acer\AppData\Local\WeatherAlerts\WeatherAlerts.exe, 2892, , [c1497508245757dfbc9c177d3dc59e62]
    PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, 1612, , [6f9bc9b491ea0f2713d80490e220c43c]
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bservice.exe, 2732, , [0505bac32952b97d97c05e380bf715eb]
    PUP.Optional.Bench.A, C:\Program Files\Bench\Wd\wd.exe, 2744, , [fc0e235a6813e551540491055fa329d7]
    PUP.Optional.BlockAndSurf.A, C:\Program Files\BlockAndSurfS\BlockAndSurf.exe, 2832, , [e723fd802952fc3aedc96831c141be42]
    PUP.Optional.BlockAndSurf.A, C:\Program Files\BlockAndSurfS\BlockAndSurfA.exe, 2320, , [e723fd802952fc3aedc96831c141be42]
    Adware.EoRezo, C:\Users\Acer\AppData\Local\fst_nl_53\upfst_nl_53.exe, 2156, , [61a9720b9edddc5a8a055f3c34ced22e]
    Adware.EoRezo, C:\Program Files\fst_nl_53\fst_nl_53.exe, 2724, , [cc3eb8c51d5e1224abe7bbe039c94ab6]
    PUP.Optional.Bench.A, C:\Program Files\Bench\Proxy\pwdg.exe, 2752, , [e02ab5c842392f07ae4aecb350b2b64a]
    PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\PluginService.exe, 1704, , [e9213a43f78482b4f626a4046e948977]

    Modules: 44
    PUP.Optional.Wajam.A, C:\Program Files\Wajam\Wajam Internet Enhancer\FiddlerCore.dll, , [a26888f506758ea88974721f55ad28d8],
    PUP.Optional.Wajam.A, C:\Program Files\Wajam\Wajam Internet Enhancer\Newtonsoft.Json.dll, , [a26888f506758ea88974721f55ad28d8],
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar\Application\lrcnt.dll, , [de2c0578b1ca7eb80ffc09898181b24e],
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll, , [de2c0578b1ca7eb80ffc09898181b24e],
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll, , [de2c0578b1ca7eb80ffc09898181b24e],
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar\Application\sppsm.dll, , [de2c0578b1ca7eb80ffc09898181b24e],
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar\Application\srut.dll, , [de2c0578b1ca7eb80ffc09898181b24e],
    PUP.Optional.SaveSense, C:\Program Files\SaveSenseLive\Update\1.3.23.0\goopdate.dll, , [e92139442e4d2313791e2370a260b947],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.BlockAndSurf.A, C:\Program Files\BlockAndSurfS\BlockAndSurfPH173.dll, , [e723fd802952fc3aedc96831c141be42],

    Registersleutels: 10
    PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{06D01E72-64CF-E704-3C56-448FAFB6B2EE}, , [6d9ddca14a312e08211a4f00669b5aa6],
    PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{06D01E72-64CF-E704-3C56-448FAFB6B2EE}, , [6d9ddca14a312e08211a4f00669b5aa6],
    PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\FuNi2uSave.FuNi2uSave, , [6d9ddca14a312e08211a4f00669b5aa6],
    PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\FuNi2uSave.FuNi2uSave.4.5, , [6d9ddca14a312e08211a4f00669b5aa6],
    PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{06D01E72-64CF-E704-3C56-448FAFB6B2EE}, , [6d9ddca14a312e08211a4f00669b5aa6],
    PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{06D01E72-64CF-E704-3C56-448FAFB6B2EE}\INPROCSERVER32, , [6d9ddca14a312e08211a4f00669b5aa6],
    PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}, , [62a8423b34479f9797a46de268995fa1],
    PUP.Optional.SaveSense.A, HKLM\SOFTWARE\SaveSenseLive, , [ba50b1cc80fb4fe74ed3ba3a0bf88d73],
    PUP.Optional.Wajam.A, HKLM\SOFTWARE\Wajam, , [e228324bb4c7f44216d7c33cd033966a],
    PUP.Optional.Yula.A, HKLM\SOFTWARE\Yula, , [49c1e697fc7fcf673972249a34ceae52],

    Registerwaardes: 1
    Adware.EoRezo, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|upfst_nl_53.exe, C:\Users\Acer\AppData\Local\fst_nl_53\upfst_nl_53.exe -runonce, , [61a9720b9edddc5a8a055f3c34ced22e]

    Registerdata: 0
    (No malicious items detected)

    Mappen: 104
    PUP.Optional.Updater, C:\Users\Acer\AppData\Roaming\DigitalSites\UpdateProc, , [da30aad3750643f3580d537c09f9db25],
    PUP.Optional.Wajam.A, C:\Program Files\Wajam, , [a26888f506758ea88974721f55ad28d8],
    PUP.Optional.Wajam.A, C:\Program Files\Wajam\Wajam Internet Enhancer, , [a26888f506758ea88974721f55ad28d8],
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar, , [de2c0578b1ca7eb80ffc09898181b24e],
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar\Application, , [de2c0578b1ca7eb80ffc09898181b24e],
    PUP.Optional.SaveSense, C:\Program Files\SaveSenseLive, , [e92139442e4d2313791e2370a260b947],
    PUP.Optional.SaveSense, C:\Program Files\SaveSenseLive\Update, , [e92139442e4d2313791e2370a260b947],
    PUP.Optional.SaveSense, C:\Program Files\SaveSenseLive\Update\1.3.23.0, , [e92139442e4d2313791e2370a260b947],
    PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive, , [0109f8857b000e28ecacdbb8d230b54b],
    PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update, , [0109f8857b000e28ecacdbb8d230b54b],
    PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update\Log, , [0109f8857b000e28ecacdbb8d230b54b],
    PUP.Optional.WeatherAlerts, C:\Users\Acer\AppData\Local\WeatherAlerts, , [c1497508245757dfbc9c177d3dc59e62],
    PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, , [6f9bc9b491ea0f2713d80490e220c43c],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\Wd, , [fc0e235a6813e551540491055fa329d7],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobhlofholalpkgbeoeobhckdmfpcpce, , [32d85d20fe7d03330fdb8414b84a2dd3],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobhlofholalpkgbeoeobhckdmfpcpce\1.26.129_0, , [32d85d20fe7d03330fdb8414b84a2dd3],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobhlofholalpkgbeoeobhckdmfpcpce\1.26.129_0\extensionData, , [32d85d20fe7d03330fdb8414b84a2dd3],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobhlofholalpkgbeoeobhckdmfpcpce\1.26.129_0\extensionData\userCode, , [32d85d20fe7d03330fdb8414b84a2dd3],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobhlofholalpkgbeoeobhckdmfpcpce\1.26.129_0\icons, , [32d85d20fe7d03330fdb8414b84a2dd3],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobhlofholalpkgbeoeobhckdmfpcpce\1.26.129_0\icons\actions, , [32d85d20fe7d03330fdb8414b84a2dd3],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobhlofholalpkgbeoeobhckdmfpcpce\1.26.129_0\js, , [32d85d20fe7d03330fdb8414b84a2dd3],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobhlofholalpkgbeoeobhckdmfpcpce\1.26.129_0\js\api, , [32d85d20fe7d03330fdb8414b84a2dd3],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobhlofholalpkgbeoeobhckdmfpcpce\1.26.129_0\js\lib, , [32d85d20fe7d03330fdb8414b84a2dd3],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobhlofholalpkgbeoeobhckdmfpcpce\1.26.129_0\js\lib\popupResource, , [32d85d20fe7d03330fdb8414b84a2dd3],
    PUP.Optional.BlockAndSurf.A, C:\Program Files\BlockAndSurfS, , [e723fd802952fc3aedc96831c141be42],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iobhlofholalpkgbeoeobhckdmfpcpce, , [65a5126b780366d08779f7a350b250b0],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_iobhlofholalpkgbeoeobhckdmfpcpce_0, , [87835d20205b95a13bc6297109f96c94],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dfohdbmjdkfijghgklbickfnaepghgba_0, , [7d8d364795e689ade02b14865ba7ce32],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba, , [eb1f89f4d5a6b97d3adbc8d2e61c2fd1],
    PUP.Optional.SimilarSites.A, C:\Users\Acer\AppData\Roaming\SimilarSites, , [a66459244a31ce68d14fd2c89e642cd4],
    PUP.Optional.SiteFinder.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\[email protected], , [0ffbbbc22e4d6fc732f19bff55ad8080],
    PUP.Optional.SiteFinder.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\[email protected]\chrome, , [0ffbbbc22e4d6fc732f19bff55ad8080],
    PUP.Optional.SiteFinder.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\[email protected]\chrome\content, , [0ffbbbc22e4d6fc732f19bff55ad8080],
    PUP.Optional.SiteFinder.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\[email protected]\chrome\locale, , [0ffbbbc22e4d6fc732f19bff55ad8080],
    PUP.Optional.SiteFinder.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\[email protected]\chrome\locale\en-US, , [0ffbbbc22e4d6fc732f19bff55ad8080],
    PUP.Optional.SiteFinder.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\[email protected]\chrome\skin, , [0ffbbbc22e4d6fc732f19bff55ad8080],
    PUP.Optional.SiteFinder.A, C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\[email protected]\chrome\skin\classic, , [0ffbbbc22e4d6fc732f19bff55ad8080],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_cigiagpbkapepgklncnajbakkpkopmam_0, , [3ecc6914e2997fb778a46833e51d5ba5],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kfgaibfbmkjgmimhbbaikfnpkkjkpoan_0, , [9575bac31d5e86b0e03ed2c954aec23e],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam, , [ac5ed4a9e4972f07f12f6f2cad550cf4],
    PUP.Optional.CrossRider.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfgaibfbmkjgmimhbbaikfnpkkjkpoan, , [56b4532a4338092d99895c3fc33f0df3],
    Adware.EoRezo, C:\Users\Acer\AppData\Local\fst_nl_53, , [61a9720b9edddc5a8a055f3c34ced22e],
    Adware.EoRezo, C:\Users\Acer\AppData\Local\fst_nl_53\Download, , [61a9720b9edddc5a8a055f3c34ced22e],
    Adware.EoRezo, C:\Users\Acer\AppData\Local\fst_nl_53\fst_nl_53, , [61a9720b9edddc5a8a055f3c34ced22e],
    Adware.EoRezo, C:\Users\Acer\AppData\Local\fst_nl_53\fst_nl_53\1.10, , [61a9720b9edddc5a8a055f3c34ced22e],
    Adware.EoRezo, C:\Program Files\fst_nl_53, , [cc3eb8c51d5e1224abe7bbe039c94ab6],
    PUP.Optional.Bench.A, C:\Program Files\Bench\Proxy, , [e02ab5c842392f07ae4aecb350b2b64a],
    PUP.Optional.CostMin.A, C:\ProgramData\CostMin, , [a6641c613a4170c6c994a9f7e41ec63a],
    PUP.Optional.DiscountDragon.A, C:\Users\Acer\AppData\Local\Discount Dragon, , [37d32e4fa1dae74fa51d247d50b2f20e],
    PUP.Optional.DiscountDragon.A, C:\Users\Acer\AppData\Local\Discount Dragon\firefox, , [37d32e4fa1dae74fa51d247d50b2f20e],
    PUP.Optional.DiscountDragon.A, C:\Users\Acer\AppData\Local\Discount Dragon\firefox\AppFramework, , [37d32e4fa1dae74fa51d247d50b2f20e],
    PUP.Optional.DiscountDragon.A, C:\Users\Acer\AppData\Local\Discount Dragon\firefox\assets, , [37d32e4fa1dae74fa51d247d50b2f20e],
    PUP.Optional.DiscountDragon.A, C:\Users\Acer\AppData\Local\Discount Dragon\firefox\CanvasFramework, , [37d32e4fa1dae74fa51d247d50b2f20e],
    PUP.Optional.DiscountDragon.A, C:\Users\Acer\AppData\Local\Discount Dragon\firefox\framework, , [37d32e4fa1dae74fa51d247d50b2f20e],
    PUP.Optional.DiscountDragon.A, C:\Users\Acer\AppData\Local\Discount Dragon\firefox\framework-ui, , [37d32e4fa1dae74fa51d247d50b2f20e],
    PUP.Optional.DiscountDragon.A, C:\Users\Acer\AppData\Local\Discount Dragon\firefox\icons, , [37d32e4fa1dae74fa51d247d50b2f20e],
    PUP.Optional.DiscountDragon.A, C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discount Dragon, , [2bdf710c1566fa3c4ffbffa71ee447b9],
    PUP.Optional.Costmin.A, C:\Program Files\CostMin, , [23e79de05724b6801fa8693e62a09769],
    PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, , [e9213a43f78482b4f626a4046e948977],
    PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, , [e9213a43f78482b4f626a4046e948977],
    PUP.Optional.SearchProtect.A, C:\Users\Acer\AppData\Local\SearchProtect, , [57b37508b8c376c0011c6a3ebd4520e0],
    PUP.Optional.SearchProtect.A, C:\Users\Acer\AppData\Local\SearchProtect\SearchProtect, , [57b37508b8c376c0011c6a3ebd4520e0],
    PUP.Optional.SearchProtect.A, C:\Users\Acer\AppData\Local\SearchProtect\SearchProtect\rep, , [57b37508b8c376c0011c6a3ebd4520e0],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\images, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\images, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\css, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game\images, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\js, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\de, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\en, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\en_US, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\es, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\es_419, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-BE, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-CA, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-CH, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-LU, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\it-CH, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\ja, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\lt, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pl, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pt_BR, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pt_PT, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\ru, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\tr, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\vi, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\zh_CN, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\zh_TW, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.QuickSideBar.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_metadata, , [51b9d4a925562610ecd5beead2300000],
    PUP.Optional.Feven.A, C:\Program Files\Fraveen 1.4, , [35d50c718af152e4d30ba40412f0f20e],

    Bestanden: 36
    PUP.Optional.MultiPlug.A, C:\ProgramData\Fun22Save\x.dll, , [6d9ddca14a312e08211a4f00669b5aa6],
    PUP.Optional.MultiPlug.A, C:\ProgramData\Fun22Save\x.exe, , [62a8423b34479f9797a46de268995fa1],
    PUP.Optional.VOPackage.A, C:\Users\Acer\AppData\Roaming\VOPackage\VOsrv.exe, , [1bef81fcd9a2e155b45dd8d653afa45c],
    PUP.Optional.Updater, C:\Users\Acer\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe, , [da30aad3750643f3580d537c09f9db25],
    PUP.Optional.Updater, C:\Users\Acer\AppData\Roaming\DigitalSites\UpdateProc\STTL.DAT, , [da30aad3750643f3580d537c09f9db25],
    PUP.Optional.Updater, C:\Users\Acer\AppData\Roaming\DigitalSites\UpdateProc\TTL.DAT, , [da30aad3750643f3580d537c09f9db25],
    PUP.Optional.WpManager.A, C:\ProgramData\WPM\wprotectmanager.exe, , [7694ea93324996a06967b93cfa099868],
    PUP.Optional.Wajam.A, C:\Program Files\Wajam\Wajam Internet Enhancer\FiddlerCore.dll, , [a26888f506758ea88974721f55ad28d8],
    PUP.Optional.Wajam.A, C:\Program Files\Wajam\Wajam Internet Enhancer\Newtonsoft.Json.dll, , [a26888f506758ea88974721f55ad28d8],
    PUP.Optional.Wajam.A, C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, , [a26888f506758ea88974721f55ad28d8],
    PUP.Optional.Wajam.A, C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe, , [a26888f506758ea88974721f55ad28d8],
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar\Application\lrcnt.dll, , [de2c0578b1ca7eb80ffc09898181b24e],
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll, , [de2c0578b1ca7eb80ffc09898181b24e],
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar\Application\Lrcnta.exe, , [de2c0578b1ca7eb80ffc09898181b24e],
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll, , [de2c0578b1ca7eb80ffc09898181b24e],
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar\Application\sppsm.dll, , [de2c0578b1ca7eb80ffc09898181b24e],
    PUP.Optional.SmartBar.A, C:\Users\Acer\AppData\Local\Smartbar\Application\srut.dll, , [de2c0578b1ca7eb80ffc09898181b24e],
    PUP.Optional.SaveSense, C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe, , [e92139442e4d2313791e2370a260b947],
    PUP.Optional.SaveSense, C:\Program Files\SaveSenseLive\Update\1.3.23.0\goopdate.dll, , [e92139442e4d2313791e2370a260b947],
    PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update\Log\SaveSenseLive.log, , [0109f8857b000e28ecacdbb8d230b54b],
    PUP.Optional.WeatherAlerts, C:\Users\Acer\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe, , [c1497508245757dfbc9c177d3dc59e62],
    PUP.Optional.WeatherAlerts, C:\Users\Acer\AppData\Local\WeatherAlerts\WeatherAlerts.exe, , [c1497508245757dfbc9c177d3dc59e62],
    PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, , [6f9bc9b491ea0f2713d80490e220c43c],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bhelper.dll, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\BService\1.1\bservice.exe, , [0505bac32952b97d97c05e380bf715eb],
    PUP.Optional.Bench.A, C:\Program Files\Bench\Wd\wd.exe, , [fc0e235a6813e551540491055fa329d7],
    PUP.Optional.BlockAndSurf.A, C:\Program Files\BlockAndSurfS\BlockAndSurf.exe, , [e723fd802952fc3aedc96831c141be42],
    PUP.Optional.BlockAndSurf.A, C:\Program Files\BlockAndSurfS\BlockAndSurfA.exe, , [e723fd802952fc3aedc96831c141be42],
    PUP.Optional.BlockAndSurf.A, C:\Program Files\BlockAndSurfS\BlockAndSurfPH173.dll, , [e723fd802952fc3aedc96831c141be42],
    PUP.Optional.BlockAndSurf.A, C:\Program Files\BlockAndSurfS\BlockAndSurfPH173.exe, , [e723fd802952fc3aedc96831c141be42],
    Adware.EoRezo, C:\Users\Acer\AppData\Local\fst_nl_53\upfst_nl_53.exe, , [61a9720b9edddc5a8a055f3c34ced22e],
    Adware.EoRezo, C:\Users\Acer\AppData\Local\fst_nl_53\fst_nl_53\1.10\cnf.cyl, , [61a9720b9edddc5a8a055f3c34ced22e],
    Adware.EoRezo, C:\Program Files\fst_nl_53\fst_nl_53.exe, , [cc3eb8c51d5e1224abe7bbe039c94ab6],
    PUP.Optional.Bench.A, C:\Program Files\Bench\Proxy\pwdg.exe, , [e02ab5c842392f07ae4aecb350b2b64a],
    PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\PluginService.exe, , [e9213a43f78482b4f626a4046e948977],
    PUP.Optional.Trovi.A, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Preferences, Goed: (), Slecht: ( "search_url": "http://www.trovi.com/Results.aspx?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M40CCA49D-17F4-4B41-B219-281349ABA86D&SearchSource=58&CUI=&UM=5&UP=SP90522A02-A5D2-4649-B521-3ECE4EA7E9B4&q={searchTerms}&SSPV=SP215B_sp_ch",), ,[c743334a09729a9c0ef27343f50f54ac]

    Fysieke Sectoren: 0
    (No malicious items detected)


    (end)

  • #2
    DDS (Ver_2012-11-05.02) - NTFS_x86
    Internet Explorer: 7.0.6000.16386
    Run by Acer at 10:50:29 on 2014-06-26
    Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.31.1043.18.1014.141 [GMT 2:00]
    .
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Desk 365\deskSvc.exe
    C:\ProgramData\IePluginService\PluginService.exe
    C:\ProgramData\IePluginServices\PluginService.exe
    C:\Windows\system32\WLANExt.exe
    C:\Program Files\WinZipper\winzipersvc.exe
    C:\ProgramData\WPM\wprotectmanager.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
    C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe
    C:\Users\Acer\AppData\Local\fst_nl_53\upfst_nl_53.exe
    C:\Program Files\BlockAndSurfS\BlockAndSurfA.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
    C:\Program Files\Acer\OrbiCam10\OrbiCam.exe
    C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
    C:\Program Files\Mobogenie\DaemonProcess.exe
    C:\Program Files\Update Software\ntvmon32.exe
    C:\Program Files\Update Software\winclient32.exe
    C:\Program Files\Registry Helper\RegistryHelper.exe
    C:\Program Files\fst_nl_53\fst_nl_53.exe
    C:\Program Files\Bench\BService\1.1\bservice.exe
    C:\Program Files\Bench\Wd\wd.exe
    C:\Program Files\Bench\Proxy\pwdg.exe
    C:\Program Files\Desk 365\desk365.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\BlockAndSurfS\BlockAndSurf.exe
    C:\Program Files\Software Updater\SoftwareUpdater.exe
    C:\Users\Acer\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe
    C:\Program Files\MyPC Backup\MyPC Backup.exe
    C:\Users\Acer\AppData\Local\WeatherAlerts\WeatherAlerts.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Optimizer Pro\OptProReminder.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\MyPC Backup\BackupStack.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\LPT\srpts.exe
    C:\Program Files\Mobogenie\MgAssist.exe
    C:\Program Files\Registry Helper\RegistryHelperService.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\LPT\srptsl.exe
    C:\Users\Acer\AppData\Roaming\VOPackage\VOsrv.exe
    C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Optimizer Pro\OptimizerPro.exe
    C:\Users\Acer\AppData\Local\Smartbar\Application\Lrcnta.exe
    C:\Program Files\Yula\updateYulasee.exe
    C:\Program Files\Yula\bin\utilYulasee.exe
    C:\Users\Acer\AppData\Local\LPT\srptm.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Yula\bin\Yulasee.PurBrowse.exe
    C:\Users\Acer\Desktop\Defogger.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    C:\Windows\system32\wbem\WmiApSrv.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\RacAgent.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com
    uSearch Page = hxxp://www.google.com
    uDefault_Page_URL = www.google.com
    uDefault_Search_URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=OCZ-AGILITY3_OCZ-13TDOZ35F9T99G65&ts=1393453133&type=default&q={searchTerms}
    mStart Page = www.google.com
    mSearch Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394972675&from=adks&uid=OCZ-AGILITY3_OCZ-13TDOZ35F9T99G65&q={searchTerms}
    mDefault_Page_URL = www.google.com
    mDefault_Search_URL = hxxp://www.google.com
    uProxyOverride = <-loopback>
    uSearchAssistant = hxxp://www.google.com
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [Optimizer Pro] c:\program files\optimizer pro\OptProLauncher.exe
    mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [LogitechCommunicationsManager] "c:\program files\common files\logitech\lcommgr\Communications_Helper.exe"
    mRun: [AcerOrbicamRibbon] "c:\program files\acer\orbicam10\OrbiCam.exe" /hide
    mRun: [LVCOMSX] "c:\program files\common files\logitech\lcommgr\LVComSX.exe"
    mRun: [mobilegeni daemon] c:\program files\mobogenie\DaemonProcess.exe
    mRun: [Windows DLL Host Monitor] c:\program files\update software\ntvmon32.exe
    mRun: [Windows Client Manager] c:\program files\update software\winclient32.exe
    mRun: [Windows X64 Service Manager] c:\program files\flashnow updater\flsysio.exe
    mRun: [Registry Helper] "c:\program files\registry helper\RegistryHelper.Exe" /boot
    mRun: [Windows Update Manager] c:\program files\javalive! manager\jvsystem32.exe
    mRunOnce: [upfst_nl_53.exe] c:\users\acer\appdata\local\fst_nl_53\upfst_nl_53.exe -runonce
    StartupFolder: c:\users\acer\appdata\roaming\micros~1\windows\startm~1\programs\startup\mypcba~1.lnk - c:\program files\mypc backup\MyPC Backup.exe
    mPolicies-System: EnableLUA = dword:0
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001051-0002-0051-ABCDEFFEDCBC} - <orphaned>
    TCP: NameServer = 213.46.228.196 62.179.104.196
    TCP: Interfaces\{64BC5B85-F2F2-4A4C-943A-A372A10C10E6} : DHCPNameServer = 213.46.228.196 62.179.104.196
    TCP: Interfaces\{847E5936-8D65-44F5-AA70-FACBCECC2D92} : DHCPNameServer = 192.168.1.1
    Notify: igfxcui - igfxdev.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\35.0.1916.153\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    Hosts: 54.225.95.126 nikdaiaidiiiogaidkkekcmokcgcdeac
    ============= SERVICES / DRIVERS ===============
    .
    R1 {4bbc3b2f-4023-460e-8404-cfddb6e4477d}t;{4bbc3b2f-4023-460e-8404-cfddb6e4477d}t;c:\windows\system32\drivers\{4bbc3b2f-4023-460e-8404-cfddb6e4477d}t.sys [2014-6-6 55216]
    R1 tStLibG;tStLibG;c:\windows\system32\drivers\tStLibG.sys [2014-2-19 55224]
    R2 BackupStack;Computer Backup (MyPC Backup);c:\program files\mypc backup\BackupStack.exe [2014-3-14 36392]
    R2 ca82e1a5;Optimizer Pro Crash Monitor;c:\windows\system32\rundll32.exe [2006-11-2 44544]
    R2 MgAssistService;MgAssist Service;c:\program files\mobogenie\MgAssist.exe [2014-2-7 70848]
    R2 Registry Helper Service;Registry Helper Service;c:\program files\registry helper\RegistryHelperService.exe [2014-1-26 84328]
    R2 winzipersvc;WinZiper service;c:\program files\winzipper\winzipersvc.exe [2014-2-27 425104]
    R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2014-2-3 847392]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-6-26 110296]
    R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
    RUnknown 40030ae4;40030ae4; [x]
    RUnknown desksvc;desksvc; [x]
    RUnknown IePluginService;IePluginService; [x]
    RUnknown IePluginServices;IePluginServices; [x]
    RUnknown LPTSystemUpdater;LPTSystemUpdater; [x]
    RUnknown Update Yula;Update Yula; [x]
    RUnknown Util Yula;Util Yula; [x]
    RUnknown vosr;vosr; [x]
    RUnknown Wajam Internet Enhancer Service;Wajam Internet Enhancer Service; [x]
    RUnknown Wpm;Wpm; [x]
    S2 globalUpdate;globalUpdate Update Service (globalUpdate);c:\program files\globalupdate\update\GoogleUpdate.exe [2014-6-19 68608]
    S3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files\globalupdate\update\GoogleUpdate.exe [2014-6-19 68608]
    SUnknown BlockAndSurf;BlockAndSurf; [x]
    SUnknown savesenselive;savesenselive; [x]
    SUnknown savesenselivem;savesenselivem; [x]
    SUnknown spdfrmon;spdfrmon; [x]
    .
    =============== Created Last 30 ================
    .
    2014-06-26 08:36:19 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2014-06-26 08:36:09 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2014-06-26 08:36:09 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
    2014-06-26 08:36:06 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
    2014-06-26 08:35:11 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
    2014-06-26 08:35:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2014-06-26 08:15:58 -------- d-----w- c:\users\acer\appdata\roaming\Desk 365
    2014-06-26 07:30:33 -------- d-----w- c:\programdata\Fun22Save
    2014-06-26 07:09:00 -------- d-----w- c:\users\acer\appdata\roaming\Malwarebytes
    2014-06-26 07:08:40 -------- d-----w- c:\programdata\Malwarebytes
    2014-06-20 12:00:11 -------- d-----w- c:\users\acer\appdata\local\Discount Dragon
    2014-06-20 12:00:11 -------- d-----w- c:\program files\Bench
    2014-06-20 08:49:33 -------- d-----w- c:\users\acer\appdata\local\SearchProtect
    2014-06-19 20:50:58 -------- d-----w- c:\program files\Uninstaller
    2014-06-19 20:48:41 -------- d-----w- c:\program files\LPT
    2014-06-19 20:48:35 -------- d-----w- c:\users\acer\appdata\roaming\Uniblue
    2014-06-19 20:48:35 -------- d-----w- c:\program files\Uniblue
    2014-06-19 18:26:57 6010880 ----a-w- c:\program files\GUTC609.tmp
    2014-06-19 18:26:57 -------- d-----w- c:\program files\GUMC5AB.tmp
    2014-06-16 08:06:01 -------- d-----w- c:\program files\BlockAndSurfS
    2014-06-15 14:05:02 830792 ----a-w- c:\users\acer\appdata\local\nse62EA.tmp
    2014-06-15 14:05:00 -------- d-----w- c:\program files\AnyProtectEx
    2014-06-15 12:53:46 -------- d-----w- c:\program files\JavaLive! Manager
    2014-06-15 12:53:34 -------- d-----w- c:\users\acer\appdata\roaming\VOPackage
    2014-06-15 12:52:38 -------- d-----w- c:\program files\Wajam
    2014-06-15 12:51:39 -------- d-----w- c:\program files\SearchProtect
    2014-06-12 11:20:53 -------- d-----w- c:\users\acer\appdata\roaming\337Games
    2014-06-12 11:20:52 -------- d-----w- c:\programdata\IePluginServices
    2014-06-06 19:02:20 -------- d-----w- c:\users\acer\appdata\roaming\Optimizer Pro
    2014-06-06 18:58:05 -------- d-----w- c:\programdata\Registry Helper
    2014-06-06 18:57:29 -------- d-----w- c:\program files\Registry Helper
    2014-06-06 18:56:56 -------- d-----w- c:\program files\Optimizer Pro
    2014-06-06 17:04:05 55216 ----a-w- c:\windows\system32\drivers\{4bbc3b2f-4023-460e-8404-cfddb6e4477d}t.sys
    2014-06-06 16:00:16 -------- d-----w- c:\program files\FlashNow Updater
    2014-06-06 15:59:20 -------- d-----w- c:\program files\Yula
    2014-06-06 15:59:07 -------- d-----w- c:\users\acer\appdata\local\WeatherAlerts
    2014-06-03 07:03:35 -------- d-----w- c:\users\acer\appdata\roaming\WinZip
    2014-06-03 07:03:33 -------- d-----w- c:\program files\WinZip Driver Updater
    .
    ==================== Find3M ====================
    .
    2014-06-15 14:50:33 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2014-06-15 14:50:33 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2014-06-04 07:43:58 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2014-03-31 07:35:10 231584 ------w- c:\windows\system32\MpSigStub.exe
    .
    ============= FINISH: 10:50:47,02 ===============
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      I will look at this later today, because apparently there is something going on with the hosting of our forum.

      I can already say that I see you have not selected the items in MBAM for removal?

      Start MBAM
      At the top of the Malwarebytes Anti-Malware window, click Scan.
      In that screen, choose the Threat Scan and then click the Scan Now button.
      Before scanning, it always first checks automatically whether updates to the virus definitions are available; if an update is available, you must let it install first.

      When the scan is finished and threats have been detected, you will get an overview of them here.
      Select to place them all in quarantine.
      When you get the message that your computer must be restarted, click Yes.

      After the PC has restarted (if Malwarebytes asked to restart the PC), open Malwarebytes again.
      Click the History button at the top of the menu.
      Then click the Application Logs option and select the Scan Log you want to export. This is the last scan you ran (you can tell by the date and time).
      Select it to view it.
      A new window will open in which you will see the results of your scan.
      At the bottom, either choose to export as a text file and give the text file a name, for example mbamlog.
      Or you can choose to copy to the clipboard, so that the contents of the log are copied to your clipboard and you can paste them into your next post.
      Last edited by Emphyrio; 26-06-14, 11:37.



      • #4
        Hi,

        below is a new MBAM log:

        Malwarebytes Anti-Malware
        www.malwarebytes.org

        Scandatum: 26-6-2014
        Scantijd: 13:50:46
        Logbestand:
        Beheerder: Ja

        Versie: 2.00.2.1012
        Malwaredatabase: v2014.06.26.03
        Rootkitdatabase: v2014.06.23.02
        Licentie: Gratis
        Malwarebescherming: Uitgeschakeld
        Kwaadaardige Website Bescherming: Uitgeschakeld
        Self-protection: Uitgeschakeld

        Besturingssysteem: Windows Vista
        Processor: x86
        Bestandssysteem: NTFS
        Gebruiker: Acer

        Scantype: Bedreigingsscan
        Resultaat: Voltooid
        Objecten Gescand: 252881
        Verstreken Tijd: 4 m, 33 s

        Geheugen: Ingeschakeld
        Opstarten: Ingeschakeld
        Bestandssysteem: Ingeschakeld
        Archieven: Ingeschakeld
        Rootkits: Uitgeschakeld
        Heuristics: Ingeschakeld
        POP: Waarschuwen
        POA: Ingeschakeld

        Processen: 0
        (No malicious items detected)

        Modules: 0
        (No malicious items detected)

        Registersleutels: 0
        (No malicious items detected)

        Registerwaardes: 0
        (No malicious items detected)

        Registerdata: 0
        (No malicious items detected)

        Mappen: 4
        PUP.Optional.SearchProtect.A, C:\Users\Acer\AppData\Local\SearchProtect, In Quarantaine, [9576c4b95f1cd16574ce15937f831ee2],
        PUP.Optional.SearchProtect.A, C:\Users\Acer\AppData\Local\SearchProtect\SearchProtect, In Quarantaine, [9576c4b95f1cd16574ce15937f831ee2],
        PUP.Optional.SearchProtect.A, C:\Users\Acer\AppData\Local\SearchProtect\SearchProtect\rep, In Quarantaine, [9576c4b95f1cd16574ce15937f831ee2],
        PUP.Optional.Feven.A, C:\Program Files\Fraveen 1.4, In Quarantaine, [45c69ce118636fc74ab93277837f7e82],

        Bestanden: 0
        (No malicious items detected)

        Fysieke Sectoren: 0
        (No malicious items detected)


        (end)



        • #5
          Fine

          Download AdwCleaner by Xplode to your Desktop.
          • Close all open windows
          • Start AdwCleaner
          • Click Scannen (Scan)
          • Click Verwijderen (Remove)

          All icons will disappear from the Desktop; this is normal.
          Your PC will be restarted and a log file will open (C:\AdwCleaner\AdwCleaner[xx].txt)
          Post its contents here on the forum.

          I only need the log produced after the "Verwijderen" (Remove) option.

          Don't forget to disable your "smileys".

          If your start page was hijacked as well, set up the search engine again.
          AdwCleaner resets it to Google.com by default.
          ___________________________________________________________
          Download or update Ccleaner

          Start CCleaner.
          • Run Ccleaner and click Options in the left column
          • Select the Advanced tab
          • Uncheck Only delete files in Windows Temp folders older than 24 hours
          • Select the Settings tab
          • Uncheck "Automatically clean the computer...."
          • Click Cleaner in the left column.
          • Then click Analyze followed by Run Cleaner.
          • Then click Registry in the left column
          • Click Scan for Issues.
          • When asked whether you want to make a backup of the registry, click "Yes".
          • If errors are found, click the middle button: Fix All Selected Issues, then OK

          ___________________________________________________________
          Download Security Check to your desktop via here or here

          Start Security Check
          Follow the instructions on screen
          At the end a log appears (checkup.txt)
          Post its contents in your next reply.


          In your next post, I would like to see the following logs, made in the order listed:
          .
          • MBAM
          • AdwCleaner
          • DDS.txt and attached.txt (the latter as an attachment)
          • checkup.txt

          .

          Emphyrio



          • #6
            Hi, thanks for the quick reply! Below are the logs:

            MBAM
            Malwarebytes Anti-Malware
            www.malwarebytes.org

            Scandatum: 26-6-2014
            Scantijd: 15:01:38
            Logbestand:
            Beheerder: Ja

            Versie: 2.00.2.1012
            Malwaredatabase: v2014.06.26.04
            Rootkitdatabase: v2014.06.23.02
            Licentie: Gratis
            Malwarebescherming: Uitgeschakeld
            Kwaadaardige Website Bescherming: Uitgeschakeld
            Self-protection: Uitgeschakeld

            Besturingssysteem: Windows Vista
            Processor: x86
            Bestandssysteem: NTFS
            Gebruiker: Acer

            Scantype: Bedreigingsscan
            Resultaat: Voltooid
            Objecten Gescand: 251457
            Verstreken Tijd: 5 m, 5 s

            Geheugen: Ingeschakeld
            Opstarten: Ingeschakeld
            Bestandssysteem: Ingeschakeld
            Archieven: Ingeschakeld
            Rootkits: Uitgeschakeld
            Heuristics: Ingeschakeld
            POP: Waarschuwen
            POA: Ingeschakeld

            Processen: 0
            (No malicious items detected)

            Modules: 0
            (No malicious items detected)

            Registersleutels: 0
            (No malicious items detected)

            Registerwaardes: 0
            (No malicious items detected)

            Registerdata: 0
            (No malicious items detected)

            Mappen: 0
            (No malicious items detected)

            Bestanden: 0
            (No malicious items detected)

            Fysieke Sectoren: 0
            (No malicious items detected)


            (end)



            AdwCleaner
            # AdwCleaner v3.213 - Rapport aangemaakt 26/06/2014 op 14:50:42
            # Laatste Update 23/06/2014 door Xplode
            # Besturingssysteem : Windows Vista (TM) Home Premium (32 bits)
            # Gebruikersnaam : Acer - PC_VAN_ACER
            # Gestart vanuit : C:\Users\Acer\Desktop\adwcleaner_3.213.exe
            # Optie : Verwijderen

            ***** [ Services ] *****

            Service Verwijderd : BackupStack
            Service Verwijderd : ca82e1a5
            [#] Service Verwijderd : globalUpdate
            [#] Service Verwijderd : globalUpdatem
            Service Verwijderd : MgAssistService
            Service Verwijderd : Registry Helper Service
            [#] Service Verwijderd : tStLibG
            Service Verwijderd : winzipersvc

            ***** [ Bestanden / Mappen ] *****

            Map Verwijderd : C:\ProgramData\PC Optimizer Pro
            Map Verwijderd : C:\ProgramData\Registry Helper
            Map Verwijderd : C:\ProgramData\WPM
            Map Verwijderd : C:\ProgramData\Fun22Save
            Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
            Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
            Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Helper
            Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Retro PC Calculator
            Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Updater
            Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
            Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
            Map Verwijderd : C:\Program Files\AnyProtectEx
            Map Verwijderd : C:\Program Files\Bench
            Map Verwijderd : C:\Program Files\Desk 365
            Map Verwijderd : C:\Program Files\globalUpdate
            Map Verwijderd : C:\Program Files\GrabRez
            Map Verwijderd : C:\Program Files\LPT
            Map Verwijderd : C:\Program Files\Mobogenie
            Map Verwijderd : C:\Program Files\MyPC Backup
            Map Verwijderd : C:\Program Files\openit
            Map Verwijderd : C:\Program Files\Optimizer Pro
            Map Verwijderd : C:\Program Files\PC Optimizer Pro
            Map Verwijderd : C:\Program Files\Registry Helper
            Map Verwijderd : C:\Program Files\Retro PC Calculator
            Map Verwijderd : C:\Program Files\SearchProtect
            Map Verwijderd : C:\Program Files\SimilarSites
            Map Verwijderd : C:\Program Files\Software Updater
            Map Verwijderd : C:\Program Files\SpeedItup Free
            Map Verwijderd : C:\Program Files\supporter
            Map Verwijderd : C:\Program Files\Uniblue
            Map Verwijderd : C:\Program Files\Uninstaller
            Map Verwijderd : C:\Program Files\WinZipper
            Map Verwijderd : C:\Program Files\Common Files\337
            Map Verwijderd : C:\Users\Acer\AppData\Local\Chromatic Browser
            Map Verwijderd : C:\Users\Acer\AppData\Local\genienext
            Map Verwijderd : C:\Users\Acer\AppData\Local\globalUpdate
            Map Verwijderd : C:\Users\Acer\AppData\Local\LPT
            Map Verwijderd : C:\Users\Acer\AppData\Local\Mobogenie
            Map Verwijderd : C:\Users\Acer\AppData\Local\torch
            Map Verwijderd : C:\Users\Acer\AppData\Local\Temp\Smartbar
            Map Verwijderd : C:\Users\Acer\AppData\LocalLow\buenosearch LTD
            Map Verwijderd : C:\Users\Acer\AppData\LocalLow\Smartbar
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\337Games
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\Desk 365
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\DigitalSites
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\Optimizer Pro
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\SupTab
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\sweet-page
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\Systweak
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\Uniblue
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\VOPackage
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\WinZipper
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\337Games
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
            Map Verwijderd : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
            Map Verwijderd : C:\Users\Acer\Documents\Mobogenie
            Map Verwijderd : C:\Users\Acer\Documents\Optimizer Pro
            Map Verwijderd : C:\Users\Administrator\AppData\Local\Chromatic Browser
            Map Verwijderd : C:\Users\Administrator\AppData\Local\torch
            Map Verwijderd : C:\Users\Gast\AppData\Local\Chromatic Browser
            Map Verwijderd : C:\Users\Gast\AppData\Local\torch
            Map Verwijderd : C:\Users\Public\Documents\ShopperPro
            Bestand Verwijderd : C:\Users\Public\Desktop\Registry Helper.lnk
            Bestand Verwijderd : C:\Windows\system32\drivers\tStLibG.sys
            Bestand Verwijderd : C:\Windows\system32\RegistryHelperLM.ocx
            Bestand Verwijderd : C:\Windows\system32\roboot.exe
            Bestand Verwijderd : C:\Users\Acer\daemonprocess.txt
            Bestand Verwijderd : C:\Users\Acer\AppData\Roaming\aps.scan.quick.results
            Bestand Verwijderd : C:\Users\Acer\AppData\Roaming\aps.scan.results
            Bestand Verwijderd : C:\Users\Acer\AppData\Roaming\aps.uninstall.scan.results
            Bestand Verwijderd : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
            Bestand Verwijderd : C:\Users\Acer\Desktop\AnyProtect.lnk
            Bestand Verwijderd : C:\Users\Acer\Desktop\Continue VuuPC Installation.lnk
            Bestand Verwijderd : C:\Users\Acer\Desktop\MyPC Backup.lnk
            Bestand Verwijderd : C:\Users\Acer\Desktop\Optimizer Pro.lnk
            Bestand Verwijderd : C:\Users\Acer\Desktop\Sync Folder.lnk
            Bestand Verwijderd : C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\searchplugins\bingp.xml
            Bestand Verwijderd : C:\Windows\Tasks\APSnotifierPP1.job
            Bestand Verwijderd : C:\Windows\System32\Tasks\APSnotifierPP1
            Bestand Verwijderd : C:\Windows\Tasks\APSnotifierPP2.job
            Bestand Verwijderd : C:\Windows\System32\Tasks\APSnotifierPP2
            Bestand Verwijderd : C:\Windows\Tasks\APSnotifierPP3.job
            Bestand Verwijderd : C:\Windows\System32\Tasks\APSnotifierPP3
            Bestand Verwijderd : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
            Bestand Verwijderd : C:\Windows\Tasks\Digital Sites.job
            Bestand Verwijderd : C:\Windows\System32\Tasks\Digital Sites
            Bestand Verwijderd : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
            Bestand Verwijderd : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
            Bestand Verwijderd : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
            Bestand Verwijderd : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
            Bestand Verwijderd : C:\Windows\Tasks\SaveSense.job
            Bestand Verwijderd : C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
            Bestand Verwijderd : C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
            Bestand Verwijderd : C:\Windows\Tasks\SpeedUpMyPC Startup.job
            Bestand Verwijderd : C:\Windows\System32\Tasks\SpeedUpMyPC Startup

            ***** [ Snelkoppelingen ] *****

            Snelkoppeling Gedesinfecteerd : C:\Users\Public\Desktop\Google Chrome.lnk
            Snelkoppeling Gedesinfecteerd : C:\Users\Acer\Desktop\Search.lnk
            Snelkoppeling Gedesinfecteerd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
            Snelkoppeling Gedesinfecteerd : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
            Snelkoppeling Gedesinfecteerd : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
            Snelkoppeling Gedesinfecteerd : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
            Snelkoppeling Gedesinfecteerd : C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
            Snelkoppeling Gedesinfecteerd : C:\Users\Acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Search.lnk

            ***** [ Register ] *****

            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1CA7534-834C-4954-818E-98B1289B450D}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1CA7534-834C-4954-818E-98B1289B450D}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF559487-04A3-4941-8C19-90061B25C4C4}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF559487-04A3-4941-8C19-90061B25C4C4}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C2402B1-6B4D-45C8-89A8-FCC61F3DA14B}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C2402B1-6B4D-45C8-89A8-FCC61F3DA14B}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE33718A-EE89-4471-A75B-DDA2850AF4F1}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE33718A-EE89-4471-A75B-DDA2850AF4F1}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B9DE6235-369A-4CF6-917B-C43B8DDBDCBC}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9DE6235-369A-4CF6-917B-C43B8DDBDCBC}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4068283B-B61A-4B34-AA72-5ABE53DC6DCC}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4068283B-B61A-4B34-AA72-5ABE53DC6DCC}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{864A7D03-4301-4A74-BD9D-68F2954FE64B}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{864A7D03-4301-4A74-BD9D-68F2954FE64B}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FA31409-D64B-407A-9A38-32F4965C81DB}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FA31409-D64B-407A-9A38-32F4965C81DB}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D605F24A-C993-4AAE-A260-92AA73567293}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D605F24A-C993-4AAE-A260-92AA73567293}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B99DF60E-B6BC-408C-AD43-A918595E4C12}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B99DF60E-B6BC-408C-AD43-A918595E4C12}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A53AF6C2-4081-4378-B7EA-4363B4404027}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A53AF6C2-4081-4378-B7EA-4363B4404027}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25A9CF21-7B7B-4DEA-A922-7027B249B4A3}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25A9CF21-7B7B-4DEA-A922-7027B249B4A3}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7920CEF-04D8-49E3-AD94-55F9D973A56F}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD0F42E4-B9D1-4155-B739-D9C4F5F3E48F}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B7920CEF-04D8-49E3-AD94-55F9D973A56F}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD0F42E4-B9D1-4155-B739-D9C4F5F3E48F}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{248CF314-0E1A-4B2E-938A-C2061EA3DDA2}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{248CF314-0E1A-4B2E-938A-C2061EA3DDA2}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B27A6CD-F707-40B4-913F-F886E8AD3519}
            [#] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B27A6CD-F707-40B4-913F-F886E8AD3519}
            Waarde Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escort.DLL
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\speedupmypc
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
            Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
            Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Registry Helper]
            Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
            Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
            Sleutel Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
            Sleutel Verwijderd : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{40030ae4}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{67FCE87F-F3EF-4A3C-87C2-8BD46E68807B}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{E6772887-C1E1-405E-94BB-D8760A1CF8DF}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E1420D09-ACC8-4EFD-9965-E7AE3C5B977C}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
            Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
            Sleutel Verwijderd : HKCU\Software\AnyProtect
            Sleutel Verwijderd : HKCU\Software\dsiteproducts
            Sleutel Verwijderd : HKCU\Software\FreeSoftToday
            Sleutel Verwijderd : HKCU\Software\GOffers
            Sleutel Verwijderd : HKCU\Software\Optimizer Pro
            Sleutel Verwijderd : HKCU\Software\pc optimizer pro
            Sleutel Verwijderd : HKCU\Software\RegisteredApplicationsEx
            Sleutel Verwijderd : HKCU\Software\SoftwareUpdater
            Sleutel Verwijderd : HKCU\Software\systweak
            Sleutel Verwijderd : HKCU\Software\Tutorials
            Sleutel Verwijderd : HKCU\Software\TutoTag
            Sleutel Verwijderd : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
            Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\blockAndSurf
            Sleutel Verwijderd : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
            Sleutel Verwijderd : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
            Sleutel Verwijderd : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
            Sleutel Verwijderd : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
            Sleutel Verwijderd : HKLM\Software\delta-homesSoftware
            Sleutel Verwijderd : HKLM\Software\Desksvc
            Sleutel Verwijderd : HKLM\Software\hdcode
            Sleutel Verwijderd : HKLM\Software\IePlugin
            Sleutel Verwijderd : HKLM\Software\Registry Helper
            Sleutel Verwijderd : HKLM\Software\SupDp
            Sleutel Verwijderd : HKLM\Software\SupTab
            Sleutel Verwijderd : HKLM\Software\supWPM
            Sleutel Verwijderd : HKLM\Software\systweak
            Sleutel Verwijderd : HKLM\Software\TENCENT
            Sleutel Verwijderd : HKLM\Software\Tutorials
            Sleutel Verwijderd : HKLM\Software\Uniblue
            Sleutel Verwijderd : HKLM\Software\V9
            Sleutel Verwijderd : HKLM\Software\winzipersvc
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\openit open it!
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Registry Helper
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Software Updater_is1
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sweet-page uninstaller
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2F5F003B-C71B-72E3-42B4-DE51AB079EB2}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AnyProtect
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\awesomehp uninstaller
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\buenosearch
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Desk 365
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Digital Sites
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DMUninstaller
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IePlugins
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mobogenie
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\openit open it!
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Optimizer Pro_is1
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Registry Helper
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SaveSense
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Software Updater_is1
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SupTab
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\sweet-page uninstaller
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VOPackage
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\winzipper
            Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
            Sleutel Verwijderd : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4

            ***** [ Browsers ] *****

            -\\ Internet Explorer v7.0.6000.16386

            Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
            Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
            Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

            -\\ Mozilla Firefox v

            [ Bestand : C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\prefs.js ]

            Regel verwijderd : user_pref("accessibility.lightning.homepage", "hxxp://www.sweet-page.com/?type=hp&ts=1393280185&from=cor&uid=OCZ-AGILITY3_OCZ-13TDOZ35F9T99G65");
            Regel verwijderd : user_pref("browser.search.defaultenginename", "awesomehp");

            -\\ Google Chrome v35.0.1916.153

            [ Bestand : C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\preferences ]

            Verwijderd [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3319709&octid=EB_ORIGINAL_CTID&ISID=M40CCA49D-17F4-4B41-B219-281349ABA86D&SearchSource=58&CUI=&UM=5&UP=SP90522A02-A5D2-4649-B521-3ECE4EA7E9B4&q={searchTerms}&SSPV=SP215B_sp_ch

            *************************

            AdwCleaner[R0].txt - [26157 octets] - [26/06/2014 14:48:38]
            AdwCleaner[S0].txt - [24259 octets] - [26/06/2014 14:50:42]

            ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24320 octets] ##########




            DDS
            DDS (Ver_2012-11-05.02) - NTFS_x86
            Internet Explorer: 7.0.6000.16386
            Run by Acer at 15:08:40 on 2014-06-26
            Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.31.1043.18.1014.404 [GMT 2:00]
            .
            .
            ============== Running Processes ================
            .
            C:\Windows\system32\wininit.exe
            C:\Windows\system32\lsm.exe
            C:\Windows\system32\SLsvc.exe
            C:\Windows\System32\spoolsv.exe
            C:\Windows\system32\Dwm.exe
            C:\Windows\system32\taskeng.exe
            C:\Windows\Explorer.EXE
            C:\Windows\system32\WLANExt.exe
            C:\Program Files\Windows Defender\MSASCui.exe
            C:\Windows\System32\igfxtray.exe
            C:\Windows\System32\hkcmd.exe
            C:\Windows\System32\igfxpers.exe
            C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
            C:\Program Files\Acer\OrbiCam10\OrbiCam.exe
            C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
            C:\Program Files\JavaLive! Manager\jvsystem32.exe
            C:\Program Files\Windows Media Player\wmpnscfg.exe
            C:\Windows\system32\igfxsrvc.exe
            C:\Windows\system32\taskeng.exe
            C:\Windows\system32\NOTEPAD.EXE
            C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
            C:\Program Files\Intel\WiFi\bin\EvtEng.exe
            C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
            C:\Windows\system32\SearchIndexer.exe
            C:\Windows\system32\DRIVERS\xaudio.exe
            C:\Program Files\Windows Media Player\wmpnetwk.exe
            C:\Windows\system32\wbem\wmiprvse.exe
            C:\Windows\system32\conime.exe
            C:\Windows\system32\notepad.exe
            C:\Windows\system32\taskeng.exe
            C:\Windows\servicing\TrustedInstaller.exe
            C:\Windows\system32\wbem\wmiprvse.exe
            C:\Windows\system32\DllHost.exe
            C:\Windows\system32\svchost.exe -k DcomLaunch
            C:\Windows\system32\svchost.exe -k rpcss
            C:\Windows\System32\svchost.exe -k secsvcs
            C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
            C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
            C:\Windows\system32\svchost.exe -k netsvcs
            C:\Windows\system32\svchost.exe -k LocalService
            C:\Windows\system32\svchost.exe -k NetworkService
            C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
            C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
            C:\Windows\system32\svchost.exe -k imgsvc
            C:\Windows\System32\svchost.exe -k WerSvcGroup
            .
            ============== Pseudo HJT Report ===============
            .
            uStart Page = hxxp://www.google.com
            uSearch Bar = hxxp://www.google.com
            uSearch Page = hxxp://www.google.com
            uDefault_Page_URL = www.google.com
            uDefault_Search_URL = hxxp://www.google.com
            mStart Page = www.google.com
            mSearch Page = hxxp://www.google.com
            mDefault_Page_URL = www.google.com
            mDefault_Search_URL = hxxp://www.google.com
            uProxyOverride = <-loopback>
            uSearchAssistant = hxxp://www.google.com
            BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
            BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
            uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
            mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
            mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
            mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
            mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
            mRun: [Persistence] c:\windows\system32\igfxpers.exe
            mRun: [LogitechCommunicationsManager] "c:\program files\common files\logitech\lcommgr\Communications_Helper.exe"
            mRun: [AcerOrbicamRibbon] "c:\program files\acer\orbicam10\OrbiCam.exe" /hide
            mRun: [LVCOMSX] "c:\program files\common files\logitech\lcommgr\LVComSX.exe"
            mRun: [Windows DLL Host Monitor] c:\program files\update software\ntvmon32.exe
            mRun: [Windows Client Manager] c:\program files\update software\winclient32.exe
            mRun: [Windows X64 Service Manager] c:\program files\flashnow updater\flsysio.exe
            mRun: [Windows Update Manager] c:\program files\javalive! manager\jvsystem32.exe
            mPolicies-System: EnableLUA = dword:0
            IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001051-0002-0051-ABCDEFFEDCBC} - <orphaned>
            TCP: NameServer = 213.46.228.196 62.179.104.196
            TCP: Interfaces\{64BC5B85-F2F2-4A4C-943A-A372A10C10E6} : DHCPNameServer = 213.46.228.196 62.179.104.196
            TCP: Interfaces\{847E5936-8D65-44F5-AA70-FACBCECC2D92} : DHCPNameServer = 192.168.1.1
            Notify: igfxcui - igfxdev.dll
            LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
            mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\35.0.1916.153\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
            Hosts: 54.225.95.126 nikdaiaidiiiogaidkkekcmokcgcdeac
            ============= SERVICES / DRIVERS ===============
            .
            R1 {4bbc3b2f-4023-460e-8404-cfddb6e4477d}t;{4bbc3b2f-4023-460e-8404-cfddb6e4477d}t;c:\windows\system32\drivers\{4bbc3b2f-4023-460e-8404-cfddb6e4477d}t.sys [2014-6-6 55216]
            R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2014-2-3 847392]
            R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
            .
            =============== Created Last 30 ================
            .
            2014-06-26 12:49:06 536576 ----a-w- c:\windows\system32\sqlite3.dll
            2014-06-26 12:48:33 -------- dc----w- C:\AdwCleaner
            2014-06-26 08:36:19 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
            2014-06-26 08:36:09 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
            2014-06-26 08:36:09 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
            2014-06-26 08:36:06 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
            2014-06-26 08:35:11 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
            2014-06-26 08:35:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
            2014-06-26 07:09:00 -------- d-----w- c:\users\acer\appdata\roaming\Malwarebytes
            2014-06-26 07:08:40 -------- d-----w- c:\programdata\Malwarebytes
            2014-06-19 20:47:30 -------- d-----w- c:\programdata\de082e2d24a43840
            2014-06-19 20:47:22 -------- d-----w- c:\users\acer\appdata\local\Comodo
            2014-06-19 18:26:57 6010880 ----a-w- c:\program files\GUTC609.tmp
            2014-06-19 18:26:57 -------- d-----w- c:\program files\GUMC5AB.tmp
            2014-06-15 14:05:02 830792 ----a-w- c:\users\acer\appdata\local\nse62EA.tmp
            2014-06-15 12:53:46 -------- d-----w- c:\program files\JavaLive! Manager
            2014-06-06 17:04:05 55216 ----a-w- c:\windows\system32\drivers\{4bbc3b2f-4023-460e-8404-cfddb6e4477d}t.sys
            2014-06-06 16:00:16 -------- d-----w- c:\program files\FlashNow Updater
            2014-06-06 15:59:20 -------- d-----w- c:\program files\Yula
            .
            ==================== Find3M ====================
            .
            2014-06-15 14:50:33 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
            2014-06-15 14:50:33 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
            2014-06-04 07:43:58 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
            2014-03-31 07:35:10 231584 ------w- c:\windows\system32\MpSigStub.exe
            .
            ============= FINISH: 15:08:51,73 ===============



            Checkup.txt
            Results of screen317's Security Check version 0.99.85
            Windows Vista x86 (UAC is disabled!)
            Out of date service pack!!
            Internet Explorer 7 Out of date!
            ``````````````Antivirus/Firewall Check:``````````````
            WMI entry may not exist for antivirus; attempting automatic update.
            `````````Anti-malware/Other Utilities Check:`````````
            CCleaner
            Adobe Flash Player 13.0.0.214 Flash Player out of Date!
            Adobe Reader XI
            Google Chrome 35.0.1916.114
            Google Chrome 35.0.1916.153
            ````````Process Check: objlist.exe by Laurent````````
            Windows Defender MSASCui.exe
            Windows Defender MSASCui.exe
            `````````````````System Health check`````````````````
            Total Fragmentation on Drive C: %
            ````````````````````End of Log``````````````````````


            • #7
              What is the reason your Vista has not been updated to SP2?
              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
              E Dev * Remove McAfee. * Ccleaner * E-Peek



              • #8
                Yes, I see that now too. It's not my laptop, and the owner isn't exactly a techie. I'll update it right away. Can you get anything out of the logs?



                • #9
                  Originally posted by MetallicA
                  One remark about MBAM: it is a completely different version from the last time I used it, and your instructions for using it are no longer entirely up to date (for example, you no longer get the chance to remove infections after scanning, only to quarantine them), unless that is the same thing, but that seems unlikely to me because previously you could choose either.
                  The instructions refer to version 1.75, the version that is also used here; the post says so as well.
                  Originally posted by Nucia
                  Step 2: scan for malware with Malwarebytes Anti-Malware

                  Download Malwarebytes Anti-Malware 1.75 to your desktop.
                  The download link is also the one for 1.75. Consequently, the instructions are correct.



                  Once Windows has been updated to SP2, we will continue.
                  Otherwise it is "mopping the floor with the tap running".
                  Also install an active antivirus tool.


                  Once this is done, post a fresh DDS log.
                  Last edited by Emphyrio; 26-06-14, 14:55.


                  • #10
                    Updated to SP2 and installed AVG!

                    Here is a new DDS log:

                    DDS (Ver_2012-11-05.02) - NTFS_x86
                    Internet Explorer: 7.0.6002.18005
                    Run by Acer at 18:38:40 on 2014-06-26
                    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1013.282 [GMT 2:00]
                    .
                    AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
                    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                    SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
                    .
                    ============== Running Processes ================
                    .
                    c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
                    C:\Program Files\AVG\AVG2014\avgcsrvx.exe
                    C:\Windows\system32\wininit.exe
                    C:\Windows\system32\lsm.exe
                    C:\Windows\system32\SLsvc.exe
                    C:\Windows\servicing\TrustedInstaller.exe
                    C:\Windows\system32\WLANExt.exe
                    C:\Windows\System32\spoolsv.exe
                    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
                    C:\Program Files\AVG\AVG2014\avgidsagent.exe
                    C:\Program Files\AVG\AVG2014\avgwdsvc.exe
                    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
                    C:\Program Files\AVG\AVG2014\avgnsx.exe
                    C:\Program Files\AVG\AVG2014\avgemcx.exe
                    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
                    C:\Windows\system32\SearchIndexer.exe
                    C:\Windows\system32\DRIVERS\xaudio.exe
                    C:\Windows\system32\wbem\wmiprvse.exe
                    C:\Windows\system32\taskeng.exe
                    C:\Windows\system32\SearchProtocolHost.exe
                    C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
                    C:\Windows\system32\taskeng.exe
                    C:\Windows\system32\Dwm.exe
                    C:\Windows\Explorer.EXE
                    C:\Windows\system32\taskeng.exe
                    C:\Windows\System32\igfxtray.exe
                    C:\Windows\System32\hkcmd.exe
                    C:\Windows\System32\igfxpers.exe
                    C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
                    C:\Program Files\Acer\OrbiCam10\OrbiCam.exe
                    C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
                    C:\Program Files\Update Software\winclient32.exe
                    C:\Program Files\AVG\AVG2014\avgui.exe
                    C:\Program Files\Windows Media Player\wmpnscfg.exe
                    C:\Windows\system32\igfxsrvc.exe
                    C:\Program Files\Windows Media Player\wmpnetwk.exe
                    C:\Windows\system32\ctfmon.exe
                    C:\Windows\system32\wbem\wmiprvse.exe
                    \\?\C:\Windows\system32\wbem\WMIADAP.EXE
                    C:\Windows\system32\SearchFilterHost.exe
                    C:\Windows\system32\conime.exe
                    C:\Windows\system32\svchost.exe -k DcomLaunch
                    C:\Windows\system32\svchost.exe -k rpcss
                    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                    C:\Windows\system32\svchost.exe -k netsvcs
                    C:\Windows\system32\svchost.exe -k LocalService
                    C:\Windows\system32\svchost.exe -k NetworkService
                    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                    C:\Windows\system32\svchost.exe -k imgsvc
                    C:\Windows\System32\svchost.exe -k WerSvcGroup
                    .
                    ============== Pseudo HJT Report ===============
                    .
                    uStart Page = hxxp://www.google.com
                    uSearch Bar = hxxp://www.google.com
                    uSearch Page = hxxp://www.google.com
                    uDefault_Page_URL = www.google.com
                    uDefault_Search_URL = hxxp://www.google.com
                    mStart Page = www.google.com
                    mSearch Page = hxxp://www.google.com
                    mDefault_Page_URL = www.google.com
                    mDefault_Search_URL = hxxp://www.google.com
                    uProxyOverride = <-loopback>
                    uSearchAssistant = hxxp://www.google.com
                    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
                    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
                    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
                    mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
                    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
                    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
                    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
                    mRun: [Persistence] c:\windows\system32\igfxpers.exe
                    mRun: [LogitechCommunicationsManager] "c:\program files\common files\logitech\lcommgr\Communications_Helper.exe"
                    mRun: [AcerOrbicamRibbon] "c:\program files\acer\orbicam10\OrbiCam.exe" /hide
                    mRun: [LVCOMSX] "c:\program files\common files\logitech\lcommgr\LVComSX.exe"
                    mRun: [Windows Client Manager] c:\program files\update software\winclient32.exe
                    mRun: [Windows X64 Service Manager] c:\program files\flashnow updater\flsysio.exe
                    mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
                    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
                    mPolicies-System: EnableLUA = dword:0
                    mPolicies-System: EnableUIADesktopToggle = dword:0
                    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001051-0002-0051-ABCDEFFEDCBC} - <orphaned>
                    TCP: NameServer = 213.46.228.196 62.179.104.196
                    TCP: Interfaces\{64BC5B85-F2F2-4A4C-943A-A372A10C10E6} : DHCPNameServer = 213.46.228.196 62.179.104.196
                    TCP: Interfaces\{847E5936-8D65-44F5-AA70-FACBCECC2D92} : DHCPNameServer = 192.168.1.1
                    Notify: igfxcui - igfxdev.dll
                    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
                    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\35.0.1916.153\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
                    Hosts: 54.225.95.126 nikdaiaidiiiogaidkkekcmokcgcdeac
                    ============= SERVICES / DRIVERS ===============
                    .
                    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-6-17 147736]
                    R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-6-17 241944]
                    R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-6-17 98584]
                    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-17 27416]
                    R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-17 121624]
                    R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-6-17 199960]
                    R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-6-17 21272]
                    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-6-17 188696]
                    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-6-17 197400]
                    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2014-6-17 3242000]
                    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2014-6-17 289328]
                    R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2014-2-3 847392]
                    R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
                    .
                    =============== Created Last 30 ================
                    .
                    2014-06-26 16:30:02 -------- d-----w- c:\windows\system32\eu-ES
                    2014-06-26 16:30:02 -------- d-----w- c:\windows\system32\ca-ES
                    2014-06-26 16:30:01 -------- d-----w- c:\windows\system32\vi-VN
                    2014-06-26 16:16:25 -------- d-----w- c:\windows\system32\EventProviders
                    2014-06-26 15:48:59 619864 ----a-w- c:\windows\system32\icardagt.exe
                    2014-06-26 15:47:57 247808 ----a-w- c:\windows\system32\drvstore.dll
                    2014-06-26 15:45:16 3602320 ----a-w- c:\windows\system32\ntkrnlpa.exe
                    2014-06-26 15:45:15 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
                    2014-06-26 15:45:15 1205080 ----a-w- c:\windows\system32\ntdll.dll
                    2014-06-26 15:36:05 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
                    2014-06-26 15:36:04 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
                    2014-06-26 15:32:41 128000 ----a-w- c:\windows\system32\spoolsv.exe
                    2014-06-26 15:31:58 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
                    2014-06-26 15:17:16 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
                    2014-06-26 15:17:16 49472 ----a-w- c:\windows\system32\netfxperf.dll
                    2014-06-26 15:17:16 297808 ----a-w- c:\windows\system32\mscoree.dll
                    2014-06-26 15:17:16 295264 ----a-w- c:\windows\system32\PresentationHost.exe
                    2014-06-26 15:17:16 1130824 ----a-w- c:\windows\system32\dfshim.dll
                    2014-06-26 15:03:15 -------- d-----w- c:\users\acer\appdata\roaming\AVG2014
                    2014-06-26 15:02:15 -------- d-----w- c:\users\acer\appdata\roaming\TuneUp Software
                    2014-06-26 15:02:03 -------- dc-h--w- C:\$AVG
                    2014-06-26 15:02:03 -------- d-----w- c:\programdata\AVG2014
                    2014-06-26 15:01:38 -------- d-----w- c:\program files\AVG
                    2014-06-26 15:00:00 -------- d--h--w- c:\programdata\Common Files
                    2014-06-26 15:00:00 -------- d-----w- c:\users\acer\appdata\local\MFAData
                    2014-06-26 15:00:00 -------- d-----w- c:\users\acer\appdata\local\Avg2014
                    2014-06-26 15:00:00 -------- d-----w- c:\programdata\MFAData
                    2014-06-26 14:51:19 -------- dc----w- C:\PerfLogs
                    2014-06-26 14:34:20 6656 ----a-w- c:\windows\system32\sdspres.dll
                    2014-06-26 14:34:19 193024 ----a-w- c:\windows\system32\recdisc.exe
                    2014-06-26 14:34:02 28160 ----a-w- c:\windows\system32\sxproxy.dll
                    2014-06-26 14:31:59 81408 ----a-w- c:\windows\system32\bootcfg.exe
                    2014-06-26 14:18:57 -------- d-----w- c:\windows\CheckSur
                    2014-06-26 13:57:38 -------- dc----w- C:\44be441f42d5819f933ed8cb80
                    2014-06-26 13:44:50 8140904 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{8bf96e57-4928-47b7-acad-21896936a8dd}\mpengine.dll
                    2014-06-26 12:49:06 536576 ----a-w- c:\windows\system32\sqlite3.dll
                    2014-06-26 12:48:33 -------- dc----w- C:\AdwCleaner
                    2014-06-26 08:36:19 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
                    2014-06-26 08:36:09 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
                    2014-06-26 08:36:09 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
                    2014-06-26 08:36:06 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
                    2014-06-26 08:35:11 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
                    2014-06-26 08:35:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
                    2014-06-26 07:09:00 -------- d-----w- c:\users\acer\appdata\roaming\Malwarebytes
                    2014-06-26 07:08:40 -------- d-----w- c:\programdata\Malwarebytes
                    2014-06-19 20:47:30 -------- d-----w- c:\programdata\de082e2d24a43840
                    2014-06-19 20:47:22 -------- d-----w- c:\users\acer\appdata\local\Comodo
                    2014-06-19 18:26:57 6010880 ----a-w- c:\program files\GUTC609.tmp
                    2014-06-19 18:26:57 -------- d-----w- c:\program files\GUMC5AB.tmp
                    2014-06-17 14:22:02 188696 ----a-w- c:\windows\system32\drivers\avgldx86.sys
                    2014-06-17 14:21:22 197400 ----a-w- c:\windows\system32\drivers\avgtdix.sys
                    2014-06-17 14:18:00 241944 ----a-w- c:\windows\system32\drivers\avglogx.sys
                    2014-06-17 14:17:58 147736 ----a-w- c:\windows\system32\drivers\avgidshx.sys
                    2014-06-17 14:06:40 199960 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
                    2014-06-17 14:06:38 121624 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
                    2014-06-17 14:06:22 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
                    2014-06-17 14:06:20 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
                    2014-06-15 14:05:02 830792 ----a-w- c:\users\acer\appdata\local\nse62EA.tmp
                    2014-06-15 12:53:46 -------- d-----w- c:\program files\JavaLive! Manager
                    2014-06-06 16:00:16 -------- d-----w- c:\program files\FlashNow Updater
                    2014-06-06 15:59:20 -------- d-----w- c:\program files\Yula
                    .
                    ==================== Find3M ====================
                    .
                    2014-06-26 14:47:38 101888 ----a-w- c:\windows\system32\ifxcardm.dll
                    2014-06-26 14:47:37 82432 ----a-w- c:\windows\system32\axaltocm.dll
                    2014-06-15 14:50:33 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
                    2014-06-15 14:50:33 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
                    2014-06-04 07:43:58 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
                    2014-03-31 07:35:10 231584 ------w- c:\windows\system32\MpSigStub.exe
                    .
                    ============= FINISH: 18:39:14,35 ===============



                    • #11
                      Download or update CCleaner

                      Start CCleaner.
                      • Run CCleaner and click Options in the left column
                      • Select the Advanced tab
                      • Untick Only delete files in Windows Temp system folder that are older than 24 hours
                      • Select the Settings tab
                      • Untick "Clean computer automatically...."
                      • Click Cleaner in the left column.
                      • Then click Analyze and Clean, in that order.
                      • Next, click Registry in the left column
                      • Click Scan for problems.
                      • When asked whether you want to make a backup of the registry, click "Yes".
                      • If errors are found, click the middle button: Fix all selected errors, and then OK




                      Download Combofix to your desktop.
                      (So not to a download folder or temp folder)

                      Extra note... Make sure your security software is disabled while you use Combofix.
                      This is because these scanners wrongly see certain components that Combofix uses as infected and will block Combofix.

                      Look here if you don't know how to disable your antivirus, firewall and/or antispyware scanner.

                      Close ALL windows, including your browser, and let Combofix do its work undisturbed.
                      So do not open any other applications until Combofix has presented the log.

                      If Combofix asks for an update, allow it.

                      When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
                      You can find it at C:\combofix.txt.

                      Post the Combofix log together with a new DDS log in your next reply.

                      * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
                      • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
                      • Illegal operation attempted on a registry key that has been marked for deletion.
                      Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                      E Dev * Removing McAfee. * CCleaner * E-Peek



                      • #12
                        Combofix log:
                        ComboFix 14-06-27.01 - Acer 27-06-2014 17:23:31.1.2 - x86
                        Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1013.157 [GMT 2:00]
                        Gestart vanuit: c:\users\Acer\Desktop\ComboFix.exe
                        AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
                        SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
                        SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                        .
                        .
                        (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                        .
                        .
                        c:\programdata\Roaming
                        c:\users\Acer\AppData\Local\nse62EA.tmp
                        c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\staged\[email protected]
                        c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\staged\[email protected]\bootstrap.js
                        c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\staged\[email protected]\chrome.manifest
                        c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\staged\[email protected]\content\bg.js
                        c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\staged\[email protected]\install.rdf
                        c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\staged\[email protected]
                        c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\staged\[email protected]\bootstrap.js
                        c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\staged\[email protected]\chrome.manifest
                        c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\staged\[email protected]\content\bg.js
                        c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\uxp3qlu1.default-1391614794722\extensions\staged\[email protected]\install.rdf
                        .
                        .
                        (((((((((((((((((((( Bestanden Gemaakt van 2014-05-27 to 2014-06-27 ))))))))))))))))))))))))))))))
                        .
                        .
                        2014-06-27 15:31 . 2014-06-27 15:31 -------- d-----w- c:\users\Default\AppData\Local\temp
                        2014-06-27 15:20 . 2014-06-27 15:20 -------- d-----w- c:\programdata\Avg_Update_0214d
                        2014-06-27 15:14 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
                        2014-06-27 15:14 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
                        2014-06-27 15:14 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
                        2014-06-27 15:14 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
                        2014-06-27 15:14 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
                        2014-06-27 15:14 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
                        2014-06-26 16:30 . 2014-06-26 16:30 -------- d-----w- c:\windows\system32\ca-ES
                        2014-06-26 16:30 . 2014-06-26 16:30 -------- d-----w- c:\windows\system32\eu-ES
                        2014-06-26 16:30 . 2014-06-26 16:30 -------- d-----w- c:\windows\system32\vi-VN
                        2014-06-26 16:16 . 2014-06-26 16:16 -------- d-----w- c:\windows\system32\EventProviders
                        2014-06-26 15:48 . 2009-04-11 06:28 114176 ----a-w- c:\windows\system32\EhStorShell.dll
                        2014-06-26 15:47 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
                        2014-06-26 15:45 . 2010-10-15 14:08 3602320 ----a-w- c:\windows\system32\ntkrnlpa.exe
                        2014-06-26 15:45 . 2010-10-15 14:08 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
                        2014-06-26 15:45 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
                        2014-06-26 15:36 . 2011-02-22 13:23 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
                        2014-06-26 15:36 . 2011-04-14 14:59 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
                        2014-06-26 15:32 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
                        2014-06-26 15:31 . 2010-06-17 18:08 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll
                        2014-06-26 15:17 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
                        2014-06-26 15:17 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
                        2014-06-26 15:17 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
                        2014-06-26 15:17 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
                        2014-06-26 15:17 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
                        2014-06-26 15:03 . 2014-06-26 15:03 -------- d-----w- c:\users\Acer\AppData\Roaming\AVG2014
                        2014-06-26 15:02 . 2014-06-26 15:02 -------- d-----w- c:\users\Acer\AppData\Roaming\TuneUp Software
                        2014-06-26 15:02 . 2014-06-26 15:03 -------- d-----w- c:\programdata\AVG2014
                        2014-06-26 15:02 . 2014-06-26 15:02 -------- dc----w- C:\$AVG
                        2014-06-26 15:01 . 2014-06-26 15:01 -------- d-----w- c:\program files\AVG
                        2014-06-26 15:00 . 2014-06-27 15:20 -------- d-----w- c:\programdata\MFAData
                        2014-06-26 15:00 . 2014-06-26 15:03 -------- d-----w- c:\users\Acer\AppData\Local\Avg2014
                        2014-06-26 15:00 . 2014-06-26 15:00 -------- d--h--w- c:\programdata\Common Files
                        2014-06-26 15:00 . 2014-06-26 15:00 -------- d-----w- c:\users\Acer\AppData\Local\MFAData
                        2014-06-26 14:51 . 2014-06-26 14:51 -------- dc----w- C:\PerfLogs
                        2014-06-26 14:34 . 2008-01-18 21:36 6656 ----a-w- c:\windows\system32\sdspres.dll
                        2014-06-26 14:34 . 2008-01-18 21:33 193024 ----a-w- c:\windows\system32\recdisc.exe
                        2014-06-26 14:34 . 2008-01-18 21:36 28160 ----a-w- c:\windows\system32\sxproxy.dll
                        2014-06-26 14:31 . 2008-01-18 21:33 81408 ----a-w- c:\windows\system32\bootcfg.exe
                        2014-06-26 14:18 . 2014-06-26 14:18 -------- d-----w- c:\windows\CheckSur
                        2014-06-26 13:57 . 2014-06-26 13:57 -------- dc----w- C:\44be441f42d5819f933ed8cb80
                        2014-06-26 13:44 . 2014-06-17 00:57 8140904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8BF96E57-4928-47B7-ACAD-21896936A8DD}\mpengine.dll
                        2014-06-26 12:49 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
                        2014-06-26 12:48 . 2014-06-26 12:50 -------- dc----w- C:\AdwCleaner
                        2014-06-26 08:36 . 2014-06-26 13:12 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
                        2014-06-26 08:36 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
                        2014-06-26 08:36 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
                        2014-06-26 08:36 . 2014-06-26 08:36 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
                        2014-06-26 08:35 . 2014-06-26 08:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
                        2014-06-26 08:35 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
                        2014-06-26 07:09 . 2014-06-26 08:36 -------- d-----w- c:\users\Acer\AppData\Roaming\Malwarebytes
                        2014-06-26 07:08 . 2014-06-26 07:22 -------- d-----w- c:\programdata\Malwarebytes
                        2014-06-19 20:47 . 2014-06-26 12:21 -------- d-----w- c:\programdata\de082e2d24a43840
                        2014-06-19 20:47 . 2014-06-19 20:47 -------- d-----w- c:\users\Gast
                        2014-06-19 20:47 . 2014-06-19 20:47 -------- d-----w- c:\users\Administrator
                        2014-06-19 20:47 . 2014-06-19 20:47 -------- d-----w- c:\users\Acer\AppData\Local\Comodo
                        2014-06-19 18:26 . 2014-06-19 18:27 -------- d-----w- c:\program files\GUMC5AB.tmp
                        2014-06-19 18:26 . 2014-06-19 18:26 6010880 ----a-w- c:\program files\GUTC609.tmp
                        2014-06-17 14:22 . 2014-06-17 14:22 188696 ----a-w- c:\windows\system32\drivers\avgldx86.sys
                        2014-06-17 14:21 . 2014-06-17 14:21 197400 ----a-w- c:\windows\system32\drivers\avgtdix.sys
                        2014-06-17 14:18 . 2014-06-17 14:18 241944 ----a-w- c:\windows\system32\drivers\avglogx.sys
                        2014-06-17 14:17 . 2014-06-17 14:17 147736 ----a-w- c:\windows\system32\drivers\avgidshx.sys
                        2014-06-17 14:06 . 2014-06-17 14:06 199960 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
                        2014-06-17 14:06 . 2014-06-17 14:06 121624 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
                        2014-06-17 14:06 . 2014-06-17 14:06 98584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
                        2014-06-17 14:06 . 2014-06-17 14:06 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
                        2014-06-17 14:06 . 2014-06-17 14:06 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
                        2014-06-15 12:53 . 2014-06-26 15:23 -------- d-----w- c:\program files\JavaLive! Manager
                        2014-06-06 16:00 . 2014-06-06 16:00 -------- d-----w- c:\program files\FlashNow Updater
                        2014-06-06 15:59 . 2014-06-26 07:40 -------- d-----w- c:\program files\Yula
                        .
                        .
                        .
                        ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                        .
                        2014-06-26 14:47 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
                        2014-06-26 14:47 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
                        2014-06-15 14:50 . 2014-02-03 01:51 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
                        2014-06-15 14:50 . 2014-02-03 01:51 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
                        2014-06-04 07:43 . 2014-02-25 15:12 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
                        2014-03-31 07:35 . 2014-02-03 12:22 231584 ------w- c:\windows\system32\MpSigStub.exe
                        .
                        .
                        ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                        .
                        .
                        *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                        REGEDIT4
                        .
                        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                        "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                        "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
                        "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
                        "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
                        "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
                        "LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 304664]
                        "AcerOrbicamRibbon"="c:\program files\Acer\OrbiCam10\OrbiCam.exe" [2006-11-28 754712]
                        "LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-11-28 244512]
                        "Windows Client Manager"="c:\program files\Update Software\winclient32.exe" [2014-02-19 639488]
                        "Windows X64 Service Manager"="c:\program files\FlashNow Updater\flsysio.exe" [2014-06-01 371200]
                        "AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2014-06-17 5179408]
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                        "EnableLUA"= 0 (0x0)
                        "EnableUIADesktopToggle"= 0 (0x0)
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2138739178-3110540395-2451758336-1000]
                        "EnableNotificationsRef"=dword:00000001
                        .
                        [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                        2014-06-14 18:11 1091912 ----a-w- c:\program files\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
                        .
                        Inhoud van de 'Gedeelde Taken' map
                        .
                        2014-06-27 c:\windows\Tasks\Adobe Flash Player Updater.job
                        - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-03 14:50]
                        .
                        .
                        ------- Bijkomende Scan -------
                        .
                        uStart Page = hxxp://www.google.com
                        uDefault_Search_URL = hxxp://www.google.com
                        mStart Page = www.google.com
                        uInternet Settings,ProxyOverride = <-loopback>
                        uSearchAssistant = hxxp://www.google.com
                        TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
                        .
                        - - - - ORPHANS VERWIJDERD - - - -
                        .
                        Toolbar-{CD38ABA3-B44E-435B-92BD-FB13EA30B0EE} - (no file)
                        AddRemove-337Games - c:\users\Acer\AppData\Roaming\337Games\uninstall.exe
                        AddRemove-{E74EAF7D-BDFA-4334-8759-1774D64F1744} - c:\users\Acer\AppData\Local\TNT2\2.0.0.1812\TNT2User.exe
                        .
                        .
                        .
                        **************************************************************************
                        .
                        catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                        Rootkit scan 2014-06-27 17:31
                        Windows 6.0.6002 Service Pack 2 NTFS
                        .
                        scannen van verborgen processen ...
                        .
                        scannen van verborgen autostart items ...
                        .
                        scannen van verborgen bestanden ...
                        .
                        Scan succesvol afgerond
                        verborgen bestanden: 0
                        .
                        **************************************************************************
                        .
                        --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                        @Denied: (A 2) (Everyone)
                        @="FlashBroker"
                        "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                        "Enabled"=dword:00000001
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                        @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                        @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                        @Denied: (A 2) (Everyone)
                        @="IFlashBroker5"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                        @="{00020424-0000-0000-C000-000000000046}"
                        .
                        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                        @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                        "Version"="1.0"
                        .
                        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
                        @Denied: (A) (Users)
                        @Denied: (A) (Everyone)
                        @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                        "BlindDial"=dword:00000000
                        .
                        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
                        @Denied: (A) (Users)
                        @Denied: (A) (Everyone)
                        @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                        "BlindDial"=dword:00000000
                        .
                        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
                        @Denied: (A) (Users)
                        @Denied: (A) (Everyone)
                        @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                        "BlindDial"=dword:00000000
                        .
                        Voltooingstijd: 2014-06-27 17:33:01
                        ComboFix-quarantined-files.txt 2014-06-27 15:32
                        .
                        Pre-Run: 34.432.716.800 bytes beschikbaar
                        Post-Run: 34.307.231.744 bytes beschikbaar
                        .
                        - - End Of File - - E2D14701C5247C1EE5D31F186F2C0A31
                        5C616939100B85E558DA92B899A0FC36


                        DDS log :
                        DDS (Ver_2012-11-05.02) - NTFS_x86
                        Internet Explorer: 7.0.6002.18005
                        Run by Acer at 17:36:16 on 2014-06-27
                        Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.1013.306 [GMT 2:00]
                        .
                        AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
                        SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                        SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
                        .
                        ============== Running Processes ================
                        .
                        C:\Windows\system32\wininit.exe
                        C:\Windows\system32\lsm.exe
                        C:\Windows\system32\SLsvc.exe
                        C:\Windows\system32\WLANExt.exe
                        C:\Windows\System32\spoolsv.exe
                        C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
                        C:\Program Files\AVG\AVG2014\avgwdsvc.exe
                        C:\Program Files\Intel\WiFi\bin\EvtEng.exe
                        C:\Program Files\AVG\AVG2014\avgnsx.exe
                        C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
                        C:\Windows\system32\SearchIndexer.exe
                        C:\Windows\system32\wbem\wmiprvse.exe
                        C:\Windows\system32\taskeng.exe
                        C:\Windows\system32\Dwm.exe
                        C:\Windows\system32\taskeng.exe
                        C:\Windows\System32\igfxtray.exe
                        C:\Windows\System32\hkcmd.exe
                        C:\Windows\System32\igfxpers.exe
                        C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
                        C:\Program Files\Acer\OrbiCam10\OrbiCam.exe
                        C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
                        C:\Program Files\AVG\AVG2014\avgui.exe
                        C:\Program Files\Windows Media Player\wmpnscfg.exe
                        C:\Windows\system32\igfxsrvc.exe
                        C:\Program Files\Windows Media Player\wmpnetwk.exe
                        C:\Windows\system32\ctfmon.exe
                        C:\Windows\System32\wsqmcons.exe
                        C:\Windows\system32\conime.exe
                        C:\Windows\explorer.exe
                        C:\Windows\system32\wbem\wmiprvse.exe
                        C:\Windows\system32\DllHost.exe
                        C:\Windows\system32\svchost.exe -k DcomLaunch
                        C:\Windows\system32\svchost.exe -k rpcss
                        C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                        C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                        C:\Windows\system32\svchost.exe -k netsvcs
                        C:\Windows\system32\svchost.exe -k LocalService
                        C:\Windows\system32\svchost.exe -k NetworkService
                        C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                        C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                        C:\Windows\system32\svchost.exe -k imgsvc
                        C:\Windows\System32\svchost.exe -k WerSvcGroup
                        .
                        ============== Pseudo HJT Report ===============
                        .
                        uStart Page = hxxp://www.google.com
                        uDefault_Search_URL = hxxp://www.google.com
                        mStart Page = www.google.com
                        uProxyOverride = <-loopback>
                        uSearchAssistant = hxxp://www.google.com
                        BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
                        BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
                        uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
                        mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
                        mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
                        mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
                        mRun: [Persistence] c:\windows\system32\igfxpers.exe
                        mRun: [LogitechCommunicationsManager] "c:\program files\common files\logitech\lcommgr\Communications_Helper.exe"
                        mRun: [AcerOrbicamRibbon] "c:\program files\acer\orbicam10\OrbiCam.exe" /hide
                        mRun: [LVCOMSX] "c:\program files\common files\logitech\lcommgr\LVComSX.exe"
                        mRun: [Windows Client Manager] c:\program files\update software\winclient32.exe
                        mRun: [Windows X64 Service Manager] c:\program files\flashnow updater\flsysio.exe
                        mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
                        uPolicies-Explorer: NoDrives = dword:0
                        mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
                        mPolicies-Explorer: NoDrives = dword:0
                        mPolicies-System: EnableLUA = dword:0
                        mPolicies-System: EnableUIADesktopToggle = dword:0
                        IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001051-0002-0051-ABCDEFFEDCBC} - <orphaned>
                        TCP: NameServer = 213.46.228.196 62.179.104.196
                        TCP: Interfaces\{64BC5B85-F2F2-4A4C-943A-A372A10C10E6} : DHCPNameServer = 213.46.228.196 62.179.104.196
                        TCP: Interfaces\{847E5936-8D65-44F5-AA70-FACBCECC2D92} : DHCPNameServer = 192.168.1.1
                        Notify: igfxcui - igfxdev.dll
                        LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
                        mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\35.0.1916.153\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
                        .
                        ============= SERVICES / DRIVERS ===============
                        .
                        R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-6-17 147736]
                        R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-6-17 241944]
                        R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-6-17 98584]
                        R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-6-17 27416]
                        R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-6-17 121624]
                        R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-6-17 199960]
                        R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-6-17 21272]
                        R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-6-17 188696]
                        R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-6-17 197400]
                        R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2014-6-17 289328]
                        R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2014-2-3 847392]
                        R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
                        S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2014-6-17 3242000]
                        .
                        =============== Created Last 30 ================
                        .
                        2014-06-27 15:33:09 -------- dcsh--w- C:\$RECYCLE.BIN
                        2014-06-27 15:22:22 98816 ----a-w- c:\windows\sed.exe
                        2014-06-27 15:22:22 256000 ----a-w- c:\windows\PEV.exe
                        2014-06-27 15:22:22 208896 ----a-w- c:\windows\MBR.exe
                        2014-06-27 15:22:18 -------- dc----w- C:\ComboFix
                        2014-06-27 15:20:20 -------- d-----w- c:\programdata\Avg_Update_0214d
                        2014-06-27 15:14:35 2422272 ----a-w- c:\windows\system32\wucltux.dll
                        2014-06-27 15:14:23 33792 ----a-w- c:\windows\system32\wuapp.exe
                        2014-06-27 15:14:23 171904 ----a-w- c:\windows\system32\wuwebv.dll
                        2014-06-26 16:30:02 -------- d-----w- c:\windows\system32\eu-ES
                        2014-06-26 16:30:02 -------- d-----w- c:\windows\system32\ca-ES
                        2014-06-26 16:30:01 -------- d-----w- c:\windows\system32\vi-VN
                        2014-06-26 16:16:25 -------- d-----w- c:\windows\system32\EventProviders
                        2014-06-26 15:48:59 619864 ----a-w- c:\windows\system32\icardagt.exe
                        2014-06-26 15:47:57 247808 ----a-w- c:\windows\system32\drvstore.dll
                        2014-06-26 15:45:16 3602320 ----a-w- c:\windows\system32\ntkrnlpa.exe
                        2014-06-26 15:45:15 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
                        2014-06-26 15:45:15 1205080 ----a-w- c:\windows\system32\ntdll.dll
                        2014-06-26 15:36:05 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
                        2014-06-26 15:36:04 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
                        2014-06-26 15:32:41 128000 ----a-w- c:\windows\system32\spoolsv.exe
                        2014-06-26 15:31:58 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
                        2014-06-26 15:17:16 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
                        2014-06-26 15:17:16 49472 ----a-w- c:\windows\system32\netfxperf.dll
                        2014-06-26 15:17:16 297808 ----a-w- c:\windows\system32\mscoree.dll
                        2014-06-26 15:17:16 295264 ----a-w- c:\windows\system32\PresentationHost.exe
                        2014-06-26 15:17:16 1130824 ----a-w- c:\windows\system32\dfshim.dll
                        2014-06-26 15:03:15 -------- d-----w- c:\users\acer\appdata\roaming\AVG2014
                        2014-06-26 15:02:15 -------- d-----w- c:\users\acer\appdata\roaming\TuneUp Software
                        2014-06-26 15:02:03 -------- dc----w- C:\$AVG
                        2014-06-26 15:02:03 -------- d-----w- c:\programdata\AVG2014
                        2014-06-26 15:01:38 -------- d-----w- c:\program files\AVG
                        2014-06-26 15:00:00 -------- d--h--w- c:\programdata\Common Files
                        2014-06-26 15:00:00 -------- d-----w- c:\users\acer\appdata\local\MFAData
                        2014-06-26 15:00:00 -------- d-----w- c:\users\acer\appdata\local\Avg2014
                        2014-06-26 15:00:00 -------- d-----w- c:\programdata\MFAData
                        2014-06-26 14:51:19 -------- dc----w- C:\PerfLogs
                        2014-06-26 14:34:20 6656 ----a-w- c:\windows\system32\sdspres.dll
                        2014-06-26 14:34:19 193024 ----a-w- c:\windows\system32\recdisc.exe
                        2014-06-26 14:34:02 28160 ----a-w- c:\windows\system32\sxproxy.dll
                        2014-06-26 14:31:59 81408 ----a-w- c:\windows\system32\bootcfg.exe
                        2014-06-26 14:18:57 -------- d-----w- c:\windows\CheckSur
                        2014-06-26 13:57:38 -------- dc----w- C:\44be441f42d5819f933ed8cb80
                        2014-06-26 13:44:50 8140904 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{8bf96e57-4928-47b7-acad-21896936a8dd}\mpengine.dll
                        2014-06-26 12:49:06 536576 ----a-w- c:\windows\system32\sqlite3.dll
                        2014-06-26 12:48:33 -------- dc----w- C:\AdwCleaner
                        2014-06-26 08:36:19 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
                        2014-06-26 08:36:09 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
                        2014-06-26 08:36:09 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
                        2014-06-26 08:36:06 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
                        2014-06-26 08:35:11 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
                        2014-06-26 08:35:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
                        2014-06-26 07:09:00 -------- d-----w- c:\users\acer\appdata\roaming\Malwarebytes
                        2014-06-26 07:08:40 -------- d-----w- c:\programdata\Malwarebytes
                        2014-06-19 20:47:30 -------- d-----w- c:\programdata\de082e2d24a43840
                        2014-06-19 20:47:22 -------- d-----w- c:\users\acer\appdata\local\Comodo
                        2014-06-19 18:26:57 6010880 ----a-w- c:\program files\GUTC609.tmp
                        2014-06-19 18:26:57 -------- d-----w- c:\program files\GUMC5AB.tmp
                        2014-06-17 14:22:02 188696 ----a-w- c:\windows\system32\drivers\avgldx86.sys
                        2014-06-17 14:21:22 197400 ----a-w- c:\windows\system32\drivers\avgtdix.sys
                        2014-06-17 14:18:00 241944 ----a-w- c:\windows\system32\drivers\avglogx.sys
                        2014-06-17 14:17:58 147736 ----a-w- c:\windows\system32\drivers\avgidshx.sys
                        2014-06-17 14:06:40 199960 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
                        2014-06-17 14:06:38 121624 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
                        2014-06-17 14:06:22 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
                        2014-06-17 14:06:20 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
                        2014-06-15 12:53:46 -------- d-----w- c:\program files\JavaLive! Manager
                        2014-06-06 16:00:16 -------- d-----w- c:\program files\FlashNow Updater
                        2014-06-06 15:59:20 -------- d-----w- c:\program files\Yula
                        .
                        ==================== Find3M ====================
                        .
                        2014-06-26 14:47:38 101888 ----a-w- c:\windows\system32\ifxcardm.dll
                        2014-06-26 14:47:37 82432 ----a-w- c:\windows\system32\axaltocm.dll
                        2014-06-15 14:50:33 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
                        2014-06-15 14:50:33 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
                        2014-06-04 07:43:58 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
                        2014-03-31 07:35:10 231584 ------w- c:\windows\system32\MpSigStub.exe
                        .
                        ============= FINISH: 17:36:36,82 ===============



                        • #13
                          Download Security Check to your desktop via here or here

                          Run Security Check
                          Follow the on-screen instructions
                          At the end a log (checkup.txt) appears
                          Post its contents in your next reply.
                          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                          E Dev * Remove McAfee. * Ccleaner * E-Peek



                          • #14
                            Is it working out?
                            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                            E Dev * Remove McAfee. * Ccleaner * E-Peek



                            • #15
                              Sorry for the delay, I didn't have the laptop available for a while.

                              Here is the SecurityCheckup log:

                              Results of screen317's Security Check version 0.99.85
                              Windows Vista Service Pack 2 x86 (UAC is disabled!)
                              Internet Explorer 9
                              Internet Explorer 8
                              ``````````````Antivirus/Firewall Check:``````````````
                              AVG AntiVirus Free Edition 2014
                              Antivirus up to date!
                              `````````Anti-malware/Other Utilities Check:`````````
                              CCleaner
                              Adobe Flash Player 13.0.0.214 Flash Player out of Date!
                              Adobe Reader XI
                              Google Chrome 35.0.1916.114
                              Google Chrome 35.0.1916.153
                              ````````Process Check: objlist.exe by Laurent````````
                              AVG avgwdsvc.exe
                              AVG avgrsx.exe
                              AVG avgnsx.exe
                              AVG avgemc.exe
                              `````````````````System Health check`````````````````
                              Total Fragmentation on Drive C: %
                              ````````````````````End of Log``````````````````````
