  • Windows Explorer keeps crashing

    For some months now, Windows Explorer has been crashing very regularly (almost daily). What stands out is that once Windows Explorer has crashed and I open it again, it then works without problems.
    But if I close Windows Explorer again, chances are very high that the same problem will occur the next time/day.

    In addition, two days ago my laptop had trouble starting up. It seemed to boot, but at some point I got a blue-grey/anthracite screen without any text, and that was it. By then holding down the power button for 30 seconds, I was eventually able to bring it back to life.

    Finally, I want to mention that G-Data has quarantined a file 5 times because of a suspected virus (Gen:[email protected]!oi).

    Here are the log files from Malwarebytes, DDS and GMER:

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scandatum: 22-7-2014
    Scantijd: 11:05:29
    Logbestand: mbam-log-2014-07-22(11-05-09).txt
    Beheerder: Ja

    Versie: 2.00.2.1012
    Malwaredatabase: v2014.07.22.02
    Rootkitdatabase: v2014.07.17.01
    Licentie: Premium
    Malwarebescherming: Ingeschakeld
    Kwaadaardige Website Bescherming: Ingeschakeld
    Self-protection: Uitgeschakeld

    Besturingssysteem: Windows 8
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: Jack

    Scantype: Bedreigingsscan
    Resultaat: Voltooid
    Objecten Gescand: 309558
    Verstreken Tijd: 12 m, 59 s

    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Ingeschakeld
    Heuristics: Ingeschakeld
    POP: Waarschuwen
    POA: Ingeschakeld

    Processen: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registersleutels: 0
    (No malicious items detected)

    Registerwaardes: 0
    (No malicious items detected)

    Registerdata: 0
    (No malicious items detected)

    Mappen: 0
    (No malicious items detected)

    Bestanden: 0
    (No malicious items detected)

    Fysieke Sectoren: 0
    (No malicious items detected)


    (end)


    --------------------------------------------------------------------------------------------------------

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.17028 BrowserJavaVersion: 10.45.2
    Run by Jack at 13:13:34 on 2014-07-22
    Microsoft Windows 8 6.2.9200.0.1252.31.1031.18.6091.3414 [GMT 2:00]
    .
    AV: G Data InternetSecurity *Enabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: G Data InternetSecurity *Enabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: G Data Personal Firewall *Enabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
    C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
    C:\Windows\system32\dwm.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
    C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
    C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    C:\Windows\system32\dashost.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
    C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
    C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Windows\system32\taskhostex.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
    C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
    C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
    C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
    C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
    C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Windows\system32\svchost.exe -k WindowsMobile
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
    C:\Program Files\Classic Shell\ClassicStartMenu.exe
    C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
    C:\Program Files\Sony\VAIO Update\VUAgent.exe
    C:\Windows\System32\RuntimeBroker.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
    C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    C:\Program Files (x86)\SABnzbd\SABnzbd.exe
    C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
    C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Sony\VAIO Improvement\vim.exe
    C:\Program Files\Sony\VAIO Improvement\vim.exe
    C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
    C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
    C:\Windows\splwow64.exe
    C:\Program Files\Sony\VAIO Care\VCService.exe
    C:\Program Files\Sony\VAIO Care\VCAgent.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    mStart Page = about:blank
    mWinlogon: Userinit = userinit.exe,
    BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
    BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
    TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
    uRun: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
    mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
    mRun: [G Data ASM] "C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart
    StartupFolder: C:\Users\Jack\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SABnzbd.lnk - C:\Program Files (x86)\SABnzbd\SABnzbd.exe
    mPolicies-System: DisableCAD = dword:1
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Formulieren Invullen - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
    IE: Formulieren opslaan - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
    IE: Menu aanpassen - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
    IE: RoboForm Werkbalk - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
    IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
    IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
    IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    TCP: NameServer = 192.168.1.254 195.241.77.55 195.241.77.58
    TCP: Interfaces\{B487C484-C29A-47DC-841F-AF20F2F42F04} : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{C5DB8A00-9FB0-43E6-8E40-14F9FCF66EAD} : DHCPNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
    TCP: Interfaces\{C5DB8A00-9FB0-43E6-8E40-14F9FCF66EAD}\3585535313542324544393 : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{C5DB8A00-9FB0-43E6-8E40-14F9FCF66EAD}\4554C454E4544584F4D4543505F445 : DHCPNameServer = 195.130.130.141 195.130.131.141
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    IFEO: AcroRd32.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    IFEO: vaiocare.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,
    x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
    x64-BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
    x64-TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [BtTray] "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
    x64-Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
    x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
    x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    x64-Run: [Classic Start Menu] "C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
    x64-mPolicies-System: DisableCAD = dword:1
    x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
    x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
    x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
    x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
    x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    x64-IFEO: AcroRd32.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    x64-IFEO: vaiocare.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\a8ehqk7i.default\
    FF - prefs.js: browser.startup.homepage - hxxps://login.live.com/login.srf?wa=wsignin1.0&ct=1363802384&rver=6.1.6206.0&sa=1&ntprob=-1&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fmail.live.com%2F%3Fowa%3D1%26owasuffix%3Dowa%252f&id=64855&sn sc=1&cbcxt=mail
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.delta.tlbrSrchUrl -
    FF - user.js: extensions.delta.id - 862d94be000000000000a41731d03742
    FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    FF - user.js: extensions.delta.instlDay - 15976
    FF - user.js: extensions.delta.vrsn - 1.8.24.6
    FF - user.js: extensions.delta.vrsni - 1.8.24.6
    FF - user.js: extensions.delta.vrsnTs - 1.8.24.612:45:15
    FF - user.js: extensions.delta.prtnrId - delta
    FF - user.js: extensions.delta.prdct - delta
    FF - user.js: extensions.delta.aflt - babsst
    FF - user.js: extensions.delta.smplGrp - none
    FF - user.js: extensions.delta.tlbrId - base
    FF - user.js: extensions.delta.instlRef - sst
    FF - user.js: extensions.delta.dfltLng - nl
    FF - user.js: extensions.delta.excTlbr - false
    FF - user.js: extensions.delta.ffxUnstlRst - true
    FF - user.js: extensions.delta.admin - false
    FF - user.js: extensions.delta_i.babTrack - affID=121240&tt=240913_91215&tsp=5019
    FF - user.js: extensions.delta_i.babExt -
    FF - user.js: extensions.delta_i.srcExt - ss
    FF - user.js: extensions.delta.autoRvrt - false
    FF - user.js: extensions.delta.rvrt - false
    FF - user.js: extensions.delta.newTab - false
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: nglayout.initialpaint.delay - 600
    FF - user.js: content.notify.interval - 600000
    FF - user.js: content.max.tokenizing.time - 1800000
    FF - user.js: content.switch.threshold - 600000
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 GDBehave;GDBehave;C:\Windows\System32\Drivers\GDBehave.sys [2014-4-13 55808]
    R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-11-30 645952]
    R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-11-30 92536]
    R1 GDKBFlt;G Data GDKBFlt Driver;C:\Windows\System32\Drivers\GDKBFlt64.sys [2014-5-13 20992]
    R1 GDMnIcpt;GDMnIcpt;C:\Windows\System32\Drivers\MiniIcpt.sys [2014-4-13 142336]
    R1 gdwfpcd;G Data WFP CD;C:\Windows\System32\Drivers\gdwfpcd64.sys [2014-4-13 67584]
    R1 GRD;G Data Rootkit Detector Driver;C:\Windows\System32\Drivers\GRD.sys [2014-4-13 106272]
    R1 HookCentre;HookCentre;C:\Windows\System32\Drivers\HookCentre.sys [2014-4-13 61440]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-21 239616]
    R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-10-9 219776]
    R2 AVKProxy;G Data AntiVirus Proxy;C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2014-5-27 2250360]
    R2 AVKService;G Data Scheduler;C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2013-12-19 914552]
    R2 AVKWCtl;G Data Bestandssysteembewaker;C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2014-5-20 2683760]
    R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-30 2445968]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-11-30 129856]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-30 166720]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-3 1809720]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-3 860472]
    R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-10-8 2099000]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-30 365376]
    R2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-10-9 323584]
    R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2013-1-19 88728]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-8-21 98472]
    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2013-1-19 344216]
    R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2013-1-19 114840]
    R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2013-1-19 33944]
    R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2013-1-19 178840]
    R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2013-1-19 76952]
    R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2013-1-19 135832]
    R3 BTATH_VDP;Bluetooth VDP Driver;C:\Windows\System32\Drivers\btath_vdp.sys [2013-1-19 427416]
    R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2013-1-19 576152]
    R3 BthLEEnum;Bluetooth Low Energy-stuurprogramma;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
    R3 GDFwSvc;G Data Personal Firewall;C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2014-5-20 3203392]
    R3 GDPkIcpt;GDPkIcpt;C:\Windows\System32\Drivers\PktIcpt.sys [2014-4-13 64000]
    R3 GDScan;G Data Scanner;C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2014-5-20 700536]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2014-7-3 25816]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\Drivers\MBAMSwissArmy.sys [2014-7-3 122584]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\Drivers\mwac.sys [2014-7-3 64216]
    R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-7-31 683664]
    R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\Drivers\SFEP.sys [2012-7-16 14336]
    R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-9-27 44344]
    R3 SOWS;Sony Wireless State Device;C:\Windows\System32\Drivers\sows.sys [2012-7-5 24280]
    R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2014-2-20 60504]
    R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2014-5-25 1642544]
    R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-10-28 107288]
    S3 e1yexpress;Stuurprogramma voor Intel(R) Gigabit-netwerkverbindingen;C:\Windows\System32\Drivers\e1y60x64.sys [2012-6-2 283136]
    S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\System32\Drivers\ggflt.sys [2013-11-15 14448]
    S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [2013-10-16 235216]
    S3 NetworkSupport;NetworkSupport;C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2012-11-30 623784]
    S3 Revoflt;Revoflt;C:\Windows\System32\Drivers\revoflt.sys [2013-9-28 31800]
    S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\Drivers\RtsPStor.sys [2012-11-30 339600]
    S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-1-5 155824]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2013-10-28 204568]
    S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\Windows\System32\Drivers\ssudserd.sys [2013-10-28 204568]
    S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-11-30 476328]
    S3 WSDScan;Ondersteuning voor WSD-scan;C:\Windows\System32\Drivers\WSDScan.sys [2013-1-7 23552]
    S4 ESRV_SVC;Energy Server Service;C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-19 377768]
    S4 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-8-8 123616]
    S4 SOHDms;VAIO Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2012-8-8 460512]
    S4 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-8-8 78048]
    S4 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]
    S4 USER_ESRV_SVC;User Energy Server Service;C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-19 377768]
    S4 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2012-8-8 972000]
    .
    =============== File Associations ===============
    .
    FileExt: .vbe: VBEFile=C:\Windows\SysWow64\WScript.exe "%1" %*
    FileExt: .vbs: VBSFile=C:\Windows\SysWow64\WScript.exe "%1" %*
    .
    =============== Created Last 30 ================
    .
    2014-07-18 12:14:35 -------- d-----w- C:\Program Files (x86)\Siber Systems
    2014-07-16 04:19:23 703968 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-07-16 04:19:23 105440 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-07-07 17:28:00 86528 ----a-w- C:\Windows\SysWow64\wudriver.dll
    2014-07-07 17:28:00 176640 ----a-w- C:\Windows\System32\storewuauth.dll
    2014-07-07 17:28:00 100352 ----a-w- C:\Windows\System32\wudriver.dll
    2014-07-07 17:27:56 253440 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
    2014-07-07 17:27:53 1623040 ----a-w- C:\Windows\System32\wucltux.dll
    2014-07-07 17:27:29 40448 ----a-w- C:\Windows\System32\wuapp.exe
    2014-07-07 17:27:29 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
    2014-07-07 17:27:29 144384 ----a-w- C:\Windows\System32\wuwebv.dll
    2014-07-07 17:27:29 128000 ----a-w- C:\Windows\SysWow64\wuwebv.dll
    2014-07-03 16:37:47 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2014-07-03 16:37:31 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2014-07-03 16:37:31 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2014-07-03 16:37:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-07-03 16:35:53 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-07-03 16:35:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    .
    ==================== Find3M ====================
    .
    2014-07-18 11:36:24 64000 ----a-w- C:\Windows\System32\drivers\PktIcpt.sys
    2014-07-18 11:36:18 20992 ----a-w- C:\Windows\System32\drivers\GDKBFlt64.sys
    2014-07-18 11:36:14 67584 ----a-w- C:\Windows\System32\drivers\gdwfpcd64.sys
    2014-07-18 11:36:12 61440 ----a-w- C:\Windows\System32\drivers\HookCentre.sys
    2014-07-18 11:36:12 55808 ----a-w- C:\Windows\System32\drivers\GDBehave.sys
    2014-07-18 11:36:12 142336 ----a-w- C:\Windows\System32\drivers\MiniIcpt.sys
    2014-06-19 02:12:11 2239488 ----a-w- C:\Windows\System32\wininet.dll
    2014-06-19 02:12:02 915968 ----a-w- C:\Windows\System32\uxtheme.dll
    2014-06-19 02:12:02 53760 ----a-w- C:\Windows\System32\UXInit.dll
    2014-06-19 02:10:33 3959296 ----a-w- C:\Windows\System32\jscript9.dll
    2014-06-19 02:10:28 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2014-06-19 02:10:28 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2014-06-19 02:09:55 1508864 ----a-w- C:\Windows\System32\inetcpl.cpl
    2014-06-19 00:53:52 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
    2014-06-19 00:53:42 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
    2014-06-19 00:52:46 2863616 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2014-06-19 00:52:42 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2014-06-19 00:52:42 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2014-06-19 00:52:19 1440768 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2014-06-19 00:33:44 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-06-19 00:30:35 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-06-18 22:05:00 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
    2014-06-17 23:27:37 1440256 ----a-w- C:\Windows\SysWow64\osk.exe
    2014-06-17 23:24:48 1557504 ----a-w- C:\Windows\System32\osk.exe
    2014-06-11 04:18:14 4038144 ----a-w- C:\Windows\System32\win32k.sys
    2014-06-06 14:06:38 596480 ----a-w- C:\Windows\System32\qedit.dll
    2014-06-06 10:17:56 497152 ----a-w- C:\Windows\SysWow64\qedit.dll
    2014-06-05 12:11:26 9336 ------w- C:\Windows\SysWow64\GDScrSv.nl.dll
    2014-06-02 22:33:45 265216 ----a-w- C:\Windows\System32\InkEd.dll
    2014-05-29 23:31:26 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll
    2014-05-29 23:03:04 588288 ----a-w- C:\Windows\System32\SHCore.dll
    2014-05-29 23:02:28 439808 ----a-w- C:\Windows\System32\lsm.dll
    2014-05-29 23:02:27 1281536 ----a-w- C:\Windows\System32\lsasrv.dll
    2014-05-29 22:24:46 576512 ----a-w- C:\Windows\System32\drivers\afd.sys
    2014-05-26 10:37:29 18160 ----a-w- C:\Windows\System32\drivers\GdPhyMem.sys
    2014-05-22 10:53:32 106272 ----a-w- C:\Windows\System32\drivers\GRD.sys
    2014-05-03 06:34:30 6974808 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2014-05-03 06:33:02 1824808 ----a-w- C:\Windows\System32\ntdll.dll
    2014-05-03 05:47:22 3246592 ----a-w- C:\Windows\System32\rdpcorets.dll
    2014-05-03 04:51:57 1408976 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2014-05-03 03:34:54 235520 ----a-w- C:\Windows\System32\rdpudd.dll
    2014-05-01 22:37:16 1023488 ----a-w- C:\Windows\System32\localspl.dll
    2014-04-29 22:32:46 126464 ----a-w- C:\Windows\System32\Robocopy.exe
    2014-04-29 22:32:07 1301504 ----a-w- C:\Windows\System32\gdi32.dll
    2014-04-29 22:32:00 106496 ----a-w- C:\Windows\SysWow64\Robocopy.exe
    2014-04-29 22:22:23 1023488 ----a-w- C:\Windows\SysWow64\gdi32.dll
    2014-04-28 05:08:05 13792 ----a-w- C:\Windows\System32\drivers\semav6thermal64ro.sys
    2014-04-23 23:51:02 566784 ----a-w- C:\Windows\SysWow64\WSShared.dll
    2014-04-23 23:51:02 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-04-23 23:38:47 693760 ----a-w- C:\Windows\System32\WSShared.dll
    2014-04-23 23:38:47 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
    .
    ============= FINISH: 13:14:42,82 ===============



    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2014-07-22 13:43:01
    Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003c TOSHIBA_MQ01ABD075 rev.AX0A3H 698,64GB
    Running: llte14to.exe; Driver: C:\Users\Jack\AppData\Local\Temp\pxloypog.sys


    ---- Kernel code sections - GMER 2.1 ----

    .text C:\Windows\System32\win32k.sys!W32pServiceTable fffff9600017bc00 7 bytes [00, 12, 81, 01, 00, 1B, F2]
    .text C:\Windows\System32\win32k.sys!W32pServiceTable + 8 fffff9600017bc08 7 bytes [01, 18, C0, FF, 00, D7, DA]

    ---- User code sections - GMER 2.1 ----

    .text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe[2344] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fe7078177a 4 bytes [78, 70, FE, 07]
    .text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe[2344] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fe70781782 4 bytes [78, 70, FE, 07]
    .text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[4088] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fe7078177a 4 bytes [78, 70, FE, 07]
    .text C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe[4088] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fe70781782 4 bytes [78, 70, FE, 07]

    ---- Threads - GMER 2.1 ----

    Thread C:\Windows\system32\csrss.exe [676:700] fffff960009535e8
    Thread C:\Windows\System32\svchost.exe [940:5464] 000007fe6b3bd594
    Thread C:\Windows\System32\svchost.exe [940:5508] 000007fe6b3b4150
    Thread C:\Windows\System32\svchost.exe [940:9692] 000007fe672354c0
    Thread C:\Windows\system32\svchost.exe [1052:4896] 000007fe5a383158
    Thread C:\Windows\system32\svchost.exe [1052:2932] 000007fe5a331fe4
    Thread C:\Windows\system32\svchost.exe [1052:1136] 000007fe5a3e54f8
    Thread C:\Windows\system32\svchost.exe [1052:6528] 000007fe5a292520
    Thread C:\Windows\system32\svchost.exe [1052:1032] 000007fe59f710f0
    Thread C:\Windows\system32\svchost.exe [1052:11204] 000007fe5c0c16b0
    Thread C:\Windows\system32\svchost.exe [1700:1720] 000007fe6dbf3c90
    Thread C:\Windows\system32\svchost.exe [1700:1732] 000007fe6dbf3c90
    Thread C:\Windows\system32\svchost.exe [1700:1744] 000007fe6dbf3c90
    Thread C:\Windows\system32\svchost.exe [1700:1752] 000007fe68b09240
    Thread C:\Windows\system32\svchost.exe [1700:1776] 000007fe68ae7cf0
    Thread C:\Windows\system32\svchost.exe [1700:1784] 000007fe68b16d90
    Thread C:\Windows\system32\svchost.exe [1700:1788] 000007fe68ae7ea0
    Thread C:\Windows\system32\svchost.exe [1700:1264] 000007fe686131a0
    Thread C:\Windows\system32\svchost.exe [1700:2988] 000007fe68619c68
    Thread C:\Windows\system32\svchost.exe [1700:3124] 000007fe65aa24e8
    Thread C:\Windows\system32\svchost.exe [1700:3312] 000007fe65881544
    Thread C:\Windows\system32\svchost.exe [1700:3340] 000007fe658655dc
    Thread C:\Windows\system32\svchost.exe [1700:3732] 000007fe65524910
    Thread C:\Windows\system32\svchost.exe [1700:7836] 000007fe65521044
    Thread C:\Windows\SysWOW64\DllHost.exe [3104:3152] 00000000729e28f0
    Thread C:\Windows\SysWOW64\DllHost.exe [8932:5612] 0000000074d94f62

    ---- Disk sectors - GMER 2.1 ----

    Disk \Device\Harddisk0\DR0 unknown MBR code

    ---- EOF - GMER 2.1 ----
    Last edited by Jakeman07; 22-07-14, 13:43.

  • #2
    Hi Jakeman87 and welcome to Nucia Security Forum,

    Before we begin, I would like to kindly point out the following guidelines:
    .
    • Only log in as an administrator with full rights.
    • Do not post your problem on several forums. It does not help your problem and it is not fair to the helpers.
    • Cleaning up your system can take some time, so be patient.
    • Carefully follow the instructions that I give.
    • Only follow the advice given by me.
    • Stay with the topic until I have reported that your PC is clean.
    • If you do not know or understand something, please just ask.
    • Do not install or uninstall any software or hardware while we are working on your problem.
    • In the meantime, do not try something "else"; that only makes it harder for us.
    • Please turn off your emoticons (smileys) when you post logs. (INFO)
    • Please do not post the logs as an attachment, nor between code tags.

    .
    Note: Always run all tools as admin.
    The instructions given are only valid for your PC.

    If you have read and understood these guidelines, you may continue.....



    Step 1:

    Scanning for and removing malware....

    If you already have MBAM on your PC, you do not need to download it, of course.

    Download Malwarebytes Anti-Malware to your desktop.

    Double-click mbam-setup.exe to install the program.

    At the end of the setup procedure, you get a screen where you must click "Finish" ("Voltooien").
    If you do not wish to evaluate MBAM, untick the first option and only then click "Finish".

    Make sure that after the installation a check mark is placed at:
    • Update MalwareBytes' Anti-Malware
    • Start MalwareBytes' Anti-Malware
    • Then click "Finish". If an update is found, it will be downloaded and installed.



    As soon as the program has started, go to the "Settings" ("Instellingen") tab.
    • Tick here: "Close Internet Explorer during malware removal" ("Sluit Internet Explorer tijdens verwijdering van malware").
    • Go to the "Updates" tab and update MBAM.
    • Then go to the "Scanner" tab and choose "FULL Scan" ("VOLLEDIGE Scan") here.
    • Then press "Scan" ("Scannen") to start the scan.
    • Scanning can take a while, so be patient.
    • When the scan is complete, click OK, then "Show Results" ("Bekijk Resultaten") to see the results.
    • Make sure everything is ticked there, then click: "Remove Selected" ("Verwijder geselecteerde").
    • After the removal a log will open and you will be asked to restart the computer.

    .
    If MBAM asks for a restart, then do so.
    When you have done the restart, run a new quick scan with MBAM.
    In that case you post both logs. So a second "quick scan" log only if the FULL scan found "something".

    The log is saved automatically by MalwareBytes' Anti-Malware and you can find it by clicking the "Logs" tab in the program.


    In case of problems!!!

    .___________________________________________________________

    Step 2:

    Checking for bad toolbars...

    Download AdwCleaner by Xplode to your desktop.
    • Close all open windows
    • Start AdwCleaner
    • Click Scan ("Scannen")
    • Click Remove ("Verwijderen")

    All icons will disappear from the desktop; this is normal.
    Your PC will be restarted and a log file will open (C:\AdwCleaner\AdwCleaner[xx].txt).
    Post its contents here on the forum.

    I only need the log from after the "Remove" option.

    Do not forget to turn off your "smileys".

    If your start page was also hijacked, then set the search engine again.
    By default AdwCleaner resets it to Google.com.
    ___________________________________________________________

    Step 3:

    Download DDS.com, DDS.scr or DDS.pif from one of these locations and place it on your desktop:


    DDS is a diagnostic tool and makes use of scripts.
    If running scripts is disabled, re-enable it so that no problems occur when using DDS.


    Double-click DDS to start the tool. (Depending on the download you chose, this can be the file DDS.com, DDS.scr or DDS.pif.)
    When it is finished, two log files open: DDS.txt and Attach.txt
    Save both log files to your desktop.

    Post the contents of DDS.txt.

    You should not post the contents of Attach.txt, and you should not add Attach.txt as an attachment to your post, unless I ask for it.


    ___________________________________________________________

    Step 4:

    Download Security Check to your desktop via here or here

    Start Security Check
    Follow the instructions on the screen
    At the end a log appears ( checkup.txt )
    Place its contents in your next reply.


    In your next post, I would like to see the following logs, made in the listed order:
    .
    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    .
    Please do NOT post these logs as an attachment or between code tags.
    (If necessary in several posts.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Scandatum: 23-7-2014
      Scantijd: 06:14:47
      Logbestand: mbamlog 20140723.txt
      Beheerder: Ja

      Versie: 2.00.2.1012
      Malwaredatabase: v2014.07.22.11
      Rootkitdatabase: v2014.07.17.01
      Licentie: Premium
      Malwarebescherming: Ingeschakeld
      Kwaadaardige Website Bescherming: Ingeschakeld
      Self-protection: Uitgeschakeld

      Besturingssysteem: Windows 8
      Processor: x64
      Bestandssysteem: NTFS
      Gebruiker: Jack

      Scantype: Bedreigingsscan
      Resultaat: Voltooid
      Objecten Gescand: 308949
      Verstreken Tijd: 11 m, 52 s

      Geheugen: Ingeschakeld
      Opstarten: Ingeschakeld
      Bestandssysteem: Ingeschakeld
      Archieven: Ingeschakeld
      Rootkits: Ingeschakeld
      Heuristics: Ingeschakeld
      POP: Waarschuwen
      POA: Ingeschakeld

      Processen: 0
      (No malicious items detected)

      Modules: 0
      (No malicious items detected)

      Registersleutels: 0
      (No malicious items detected)

      Registerwaardes: 0
      (No malicious items detected)

      Registerdata: 0
      (No malicious items detected)

      Mappen: 0
      (No malicious items detected)

      Bestanden: 0
      (No malicious items detected)

      Fysieke Sectoren: 0
      (No malicious items detected)


      (end)

      -------------------------------------------------------------------------------------------------------------------------

      # AdwCleaner v3.216 - Bericht erstellt am 23/07/2014 um 07:30:59
      # Aktualisiert 17/07/2014 von Xplode
      # Betriebssystem : Windows 8 (64 bits)
      # Benutzername : Jack - VAIO
      # Gestartet von : C:\Users\Jack\Downloads\adwcleaner_3.216.exe
      # Option : Suchen

      ***** [ Dienste ] *****


      ***** [ Dateien / Ordner ] *****


      ***** [ Verknüpfungen ] *****


      ***** [ Registrierungsdatenbank ] *****

      Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
      Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

      ***** [ Browser ] *****

      -\\ Internet Explorer v10.0.9200.17028


      -\\ Mozilla Firefox v31.0 (x86 nl)

      [ Datei : C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\a8ehqk7i.default\prefs.js ]


      -\\ Google Chrome v36.0.1985.125

      [ Datei : C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\preferences ]


      *************************

      AdwCleaner[R0].txt - [1123 octets] - [23/07/2014 07:30:59]

      ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1183 octets] ##########


      ------------------------------------------------------------------------------------------------------------------------------------

      # AdwCleaner v3.216 - Bericht erstellt am 23/07/2014 um 07:31:59
      # Aktualisiert 17/07/2014 von Xplode
      # Betriebssystem : Windows 8 (64 bits)
      # Benutzername : Jack - VAIO
      # Gestartet von : C:\Users\Jack\Downloads\adwcleaner_3.216.exe
      # Option : Löschen

      ***** [ Dienste ] *****


      ***** [ Dateien / Ordner ] *****


      ***** [ Verknüpfungen ] *****


      ***** [ Registrierungsdatenbank ] *****

      Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
      Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

      ***** [ Browser ] *****

      -\\ Internet Explorer v10.0.9200.17028


      -\\ Mozilla Firefox v31.0 (x86 nl)

      [ Datei : C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\a8ehqk7i.default\prefs.js ]


      -\\ Google Chrome v36.0.1985.125

      [ Datei : C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\preferences ]


      *************************

      AdwCleaner[R0].txt - [1267 octets] - [23/07/2014 07:30:59]
      AdwCleaner[S0].txt - [1184 octets] - [23/07/2014 07:31:59]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1244 octets] ##########


      ------------------------------------------------------------------------------------------------------------------------------

      DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 10.0.9200.17028 BrowserJavaVersion: 10.45.2
      Run by Jack at 7:44:47 on 2014-07-23
      Microsoft Windows 8 6.2.9200.0.1252.31.1031.18.6091.3944 [GMT 2:00]
      .
      AV: G Data InternetSecurity *Enabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
      AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      SP: G Data InternetSecurity *Enabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      FW: G Data Personal Firewall *Enabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
      C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
      C:\Windows\system32\dwm.exe
      C:\Windows\system32\atiesrxx.exe
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\atieclxx.exe
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
      C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
      C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
      C:\Windows\system32\dashost.exe
      C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
      C:\Program Files\Intel\iCLS Client\HeciServer.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
      C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
      C:\Windows\system32\svchost.exe -k imgsvc
      C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
      C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
      C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
      C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
      C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
      C:\Windows\SysWOW64\DllHost.exe
      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
      C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
      C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      C:\Windows\system32\svchost.exe -k WindowsMobile
      C:\Windows\system32\SearchIndexer.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      C:\Program Files\Sony\VAIO Improvement\vim.exe
      C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
      C:\Windows\system32\taskhostex.exe
      C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
      C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
      C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
      C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
      C:\Program Files\Classic Shell\ClassicStartMenu.exe
      C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
      C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
      C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\System32\RuntimeBroker.exe
      C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
      C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
      C:\Windows\WindowsMobile\wmdc.exe
      C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
      C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
      C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
      C:\Program Files (x86)\SABnzbd\SABnzbd.exe
      C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
      C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
      C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
      C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
      C:\Program Files\Sony\VAIO Update\VUAgent.exe
      C:\Windows\explorer.exe
      C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
      C:\Windows\splwow64.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\system32\SearchProtocolHost.exe
      C:\Windows\system32\SearchFilterHost.exe
      C:\Program Files\Sony\VAIO Improvement\vim.exe
      C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
      C:\Program Files\Sony\VAIO Care\VCService.exe
      C:\Program Files\Sony\VAIO Care\VCAgent.exe
      C:\Windows\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = about:blank
      mStart Page = about:blank
      mWinlogon: Userinit = userinit.exe,
      BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
      BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
      BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
      BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
      BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
      TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
      TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
      uRun: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
      uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
      mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
      mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
      mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
      mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
      mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      mRun: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
      mRun: [G Data ASM] "C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart
      StartupFolder: C:\Users\Jack\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SABnzbd.lnk - C:\Program Files (x86)\SABnzbd\SABnzbd.exe
      mPolicies-System: DisableCAD = dword:1
      IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
      IE: Formulieren Invullen - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
      IE: Formulieren opslaan - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
      IE: Menu aanpassen - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
      IE: RoboForm Werkbalk - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
      IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
      IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
      IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
      IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
      IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
      IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
      IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
      TCP: NameServer = 192.168.1.254 195.241.77.55 195.241.77.58
      TCP: Interfaces\{B487C484-C29A-47DC-841F-AF20F2F42F04} : DHCPNameServer = 192.168.1.254
      TCP: Interfaces\{C5DB8A00-9FB0-43E6-8E40-14F9FCF66EAD} : DHCPNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
      TCP: Interfaces\{C5DB8A00-9FB0-43E6-8E40-14F9FCF66EAD}\3585535313542324544393 : DHCPNameServer = 192.168.2.1
      TCP: Interfaces\{C5DB8A00-9FB0-43E6-8E40-14F9FCF66EAD}\4554C454E4544584F4D4543505F445 : DHCPNameServer = 195.130.130.141 195.130.131.141
      Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
      SSODL: WebCheck - <orphaned>
      SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
      mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
      IFEO: AcroRd32.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
      IFEO: vaiocare.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
      x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,
      x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
      x64-BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
      x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
      x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
      x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
      x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
      x64-BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll
      x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
      x64-TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
      x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO
      x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
      x64-Run: [BtTray] "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
      x64-Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
      x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
      x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
      x64-Run: [Classic Start Menu] "C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
      x64-mPolicies-System: DisableCAD = dword:1
      x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
      x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
      x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
      x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
      x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
      x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
      x64-SSODL: WebCheck - <orphaned>
      x64-IFEO: AcroRd32.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
      x64-IFEO: vaiocare.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\a8ehqk7i.default\
      FF - prefs.js: browser.startup.homepage - hxxps://login.live.com/login.srf?wa=wsignin1.0&ct=1363802384&rver=6.1.6206.0&sa=1&ntprob=-1&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fmail.live.com%2F%3Fowa%3D1%26owasuffix%3Dowa%252f&id=64855&sn sc=1&cbcxt=mail
      FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
      FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
      FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
      FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
      FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
      FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
      FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
      FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 GDBehave;GDBehave;C:\Windows\System32\Drivers\GDBehave.sys [2014-4-13 55808]
      R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-11-30 645952]
      R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-11-30 92536]
      R1 GDKBFlt;G Data GDKBFlt Driver;C:\Windows\System32\Drivers\GDKBFlt64.sys [2014-5-13 20992]
      R1 GDMnIcpt;GDMnIcpt;C:\Windows\System32\Drivers\MiniIcpt.sys [2014-4-13 142336]
      R1 gdwfpcd;G Data WFP CD;C:\Windows\System32\Drivers\gdwfpcd64.sys [2014-4-13 67584]
      R1 GRD;G Data Rootkit Detector Driver;C:\Windows\System32\Drivers\GRD.sys [2014-4-13 106272]
      R1 HookCentre;HookCentre;C:\Windows\System32\Drivers\HookCentre.sys [2014-4-13 61440]
      R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-21 239616]
      R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-10-9 219776]
      R2 AVKProxy;G Data AntiVirus Proxy;C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2014-5-27 2250360]
      R2 AVKService;G Data Scheduler;C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2013-12-19 914552]
      R2 AVKWCtl;G Data Bestandssysteembewaker;C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2014-5-20 2683760]
      R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-30 2445968]
      R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
      R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-11-30 129856]
      R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-30 166720]
      R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-3 1809720]
      R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-3 860472]
      R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-10-8 2099000]
      R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-30 365376]
      R2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-10-9 323584]
      R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2013-1-19 88728]
      R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-8-21 98472]
      R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2013-1-19 344216]
      R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2013-1-19 114840]
      R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2013-1-19 33944]
      R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2013-1-19 178840]
      R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2013-1-19 76952]
      R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2013-1-19 135832]
      R3 BTATH_VDP;Bluetooth VDP Driver;C:\Windows\System32\Drivers\btath_vdp.sys [2013-1-19 427416]
      R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2013-1-19 576152]
      R3 BthLEEnum;Bluetooth Low Energy-stuurprogramma;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
      R3 GDFwSvc;G Data Personal Firewall;C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2014-5-20 3203392]
      R3 GDPkIcpt;GDPkIcpt;C:\Windows\System32\Drivers\PktIcpt.sys [2014-4-13 64000]
      R3 GDScan;G Data Scanner;C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2014-5-20 700536]
      R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2014-7-3 25816]
      R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\Drivers\MBAMSwissArmy.sys [2014-7-3 122584]
      R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\Drivers\mwac.sys [2014-7-3 64216]
      R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-7-31 683664]
      R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\Drivers\SFEP.sys [2012-7-16 14336]
      R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-9-27 44344]
      R3 SOWS;Sony Wireless State Device;C:\Windows\System32\Drivers\sows.sys [2012-7-5 24280]
      R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2014-2-20 60504]
      R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2014-5-25 1642544]
      S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-10-28 107288]
      S3 e1yexpress;Stuurprogramma voor Intel(R) Gigabit-netwerkverbindingen;C:\Windows\System32\Drivers\e1y60x64.sys [2012-6-2 283136]
      S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\System32\Drivers\ggflt.sys [2013-11-15 14448]
      S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [2013-10-16 235216]
      S3 NetworkSupport;NetworkSupport;C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2012-11-30 623784]
      S3 Revoflt;Revoflt;C:\Windows\System32\Drivers\revoflt.sys [2013-9-28 31800]
      S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\Drivers\RtsPStor.sys [2012-11-30 339600]
      S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-1-5 155824]
      S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2013-10-28 204568]
      S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\Windows\System32\Drivers\ssudserd.sys [2013-10-28 204568]
      S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-11-30 476328]
      S3 WSDScan;Ondersteuning voor WSD-scan;C:\Windows\System32\Drivers\WSDScan.sys [2013-1-7 23552]
      S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
      S4 ESRV_SVC;Energy Server Service;C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-19 377768]
      S4 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-8-8 123616]
      S4 SOHDms;VAIO Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2012-8-8 460512]
      S4 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-8-8 78048]
      S4 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]
      S4 USER_ESRV_SVC;User Energy Server Service;C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-19 377768]
      S4 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2012-8-8 972000]
      .
      =============== File Associations ===============
      .
      FileExt: .vbe: VBEFile=C:\Windows\SysWow64\WScript.exe "%1" %*
      FileExt: .vbs: VBSFile=C:\Windows\SysWow64\WScript.exe "%1" %*
      .
      =============== Created Last 30 ================
      .
      2014-07-23 05:30:49 -------- d-----w- C:\AdwCleaner
      2014-07-23 05:11:28 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
      2014-07-18 12:14:35 -------- d-----w- C:\Program Files (x86)\Siber Systems
      2014-07-16 04:19:23 703968 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
      2014-07-16 04:19:23 105440 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2014-07-07 17:28:00 86528 ----a-w- C:\Windows\SysWow64\wudriver.dll
      2014-07-07 17:28:00 176640 ----a-w- C:\Windows\System32\storewuauth.dll
      2014-07-07 17:28:00 100352 ----a-w- C:\Windows\System32\wudriver.dll
      2014-07-07 17:27:56 253440 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
      2014-07-07 17:27:53 1623040 ----a-w- C:\Windows\System32\wucltux.dll
      2014-07-07 17:27:29 40448 ----a-w- C:\Windows\System32\wuapp.exe
      2014-07-07 17:27:29 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
      2014-07-07 17:27:29 144384 ----a-w- C:\Windows\System32\wuwebv.dll
      2014-07-07 17:27:29 128000 ----a-w- C:\Windows\SysWow64\wuwebv.dll
      2014-07-03 16:37:47 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
      2014-07-03 16:37:31 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
      2014-07-03 16:37:31 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
      2014-07-03 16:37:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
      2014-07-03 16:35:53 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
      2014-07-03 16:35:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
      .
      ==================== Find3M ====================
      .
      2014-07-18 11:36:24 64000 ----a-w- C:\Windows\System32\drivers\PktIcpt.sys
      2014-07-18 11:36:18 20992 ----a-w- C:\Windows\System32\drivers\GDKBFlt64.sys
      2014-07-18 11:36:14 67584 ----a-w- C:\Windows\System32\drivers\gdwfpcd64.sys
      2014-07-18 11:36:12 61440 ----a-w- C:\Windows\System32\drivers\HookCentre.sys
      2014-07-18 11:36:12 55808 ----a-w- C:\Windows\System32\drivers\GDBehave.sys
      2014-07-18 11:36:12 142336 ----a-w- C:\Windows\System32\drivers\MiniIcpt.sys
      2014-06-19 02:12:11 2239488 ----a-w- C:\Windows\System32\wininet.dll
      2014-06-19 02:12:02 915968 ----a-w- C:\Windows\System32\uxtheme.dll
      2014-06-19 02:12:02 53760 ----a-w- C:\Windows\System32\UXInit.dll
      2014-06-19 02:10:33 3959296 ----a-w- C:\Windows\System32\jscript9.dll
      2014-06-19 02:10:28 67072 ----a-w- C:\Windows\System32\iesetup.dll
      2014-06-19 02:10:28 136704 ----a-w- C:\Windows\System32\iesysprep.dll
      2014-06-19 02:09:55 1508864 ----a-w- C:\Windows\System32\inetcpl.cpl
      2014-06-19 00:53:52 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
      2014-06-19 00:53:42 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
      2014-06-19 00:52:46 2863616 ----a-w- C:\Windows\SysWow64\jscript9.dll
      2014-06-19 00:52:42 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
      2014-06-19 00:52:42 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
      2014-06-19 00:52:19 1440768 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
      2014-06-19 00:33:44 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
      2014-06-19 00:30:35 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
      2014-06-18 22:05:00 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
      2014-06-17 23:27:37 1440256 ----a-w- C:\Windows\SysWow64\osk.exe
      2014-06-17 23:24:48 1557504 ----a-w- C:\Windows\System32\osk.exe
      2014-06-11 04:18:14 4038144 ----a-w- C:\Windows\System32\win32k.sys
      2014-06-06 14:06:38 596480 ----a-w- C:\Windows\System32\qedit.dll
      2014-06-06 10:17:56 497152 ----a-w- C:\Windows\SysWow64\qedit.dll
      2014-06-05 12:11:26 9336 ------w- C:\Windows\SysWow64\GDScrSv.nl.dll
      2014-06-02 22:33:45 265216 ----a-w- C:\Windows\System32\InkEd.dll
      2014-05-29 23:31:26 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll
      2014-05-29 23:03:04 588288 ----a-w- C:\Windows\System32\SHCore.dll
      2014-05-29 23:02:28 439808 ----a-w- C:\Windows\System32\lsm.dll
      2014-05-29 23:02:27 1281536 ----a-w- C:\Windows\System32\lsasrv.dll
      2014-05-29 22:24:46 576512 ----a-w- C:\Windows\System32\drivers\afd.sys
      2014-05-26 10:37:29 18160 ----a-w- C:\Windows\System32\drivers\GdPhyMem.sys
      2014-05-22 10:53:32 106272 ----a-w- C:\Windows\System32\drivers\GRD.sys
      2014-05-03 06:34:30 6974808 ----a-w- C:\Windows\System32\ntoskrnl.exe
      2014-05-03 06:33:02 1824808 ----a-w- C:\Windows\System32\ntdll.dll
      2014-05-03 05:47:22 3246592 ----a-w- C:\Windows\System32\rdpcorets.dll
      2014-05-03 04:51:57 1408976 ----a-w- C:\Windows\SysWow64\ntdll.dll
      2014-05-03 03:34:54 235520 ----a-w- C:\Windows\System32\rdpudd.dll
      2014-05-01 22:37:16 1023488 ----a-w- C:\Windows\System32\localspl.dll
      2014-04-29 22:32:46 126464 ----a-w- C:\Windows\System32\Robocopy.exe
      2014-04-29 22:32:07 1301504 ----a-w- C:\Windows\System32\gdi32.dll
      2014-04-29 22:32:00 106496 ----a-w- C:\Windows\SysWow64\Robocopy.exe
      2014-04-29 22:22:23 1023488 ----a-w- C:\Windows\SysWow64\gdi32.dll
      2014-04-28 05:08:05 13792 ----a-w- C:\Windows\System32\drivers\semav6thermal64ro.sys
      .
      ============= FINISH: 7:45:38,37 ===============


      ------------------------------------------------------------------------------------------------------------------------------

      Results of screen317's Security Check version 0.99.86
      x64 (UAC is enabled)
      Internet Explorer 10 Out of date!
      ``````````````Antivirus/Firewall Check:``````````````
      Windows Firewall Enabled!
      G Data InternetSecurity
      Windows Defender
      Antivirus up to date!
      `````````Anti-malware/Other Utilities Check:`````````
      AVG PC TuneUp 2014
      AVG PC TuneUp 2014 (nl-NL)
      TuneUp Utilities Language Pack (en-US)
      Java 7 Update 45
      Java version out of Date!
      Adobe Flash Player 14.0.0.145
      Adobe Reader 10.1.10 Adobe Reader out of Date!
      Mozilla Firefox (31.0)
      Google Chrome 35.0.1916.153
      Google Chrome 36.0.1985.125
      ````````Process Check: objlist.exe by Laurent````````
      Malwarebytes Anti-Malware mbamservice.exe
      Malwarebytes Anti-Malware mbam.exe
      Malwarebytes Anti-Malware mbamscheduler.exe
      G Data InternetSecurity Firewall GDFwSvcx64.exe
      G Data InternetSecurity Firewall GDFirewallTray.exe
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C: %
      ````````````````````End of Log``````````````````````



      • #4
        Remove the following tools via Add or Remove Programs:

        Java 7 Update 45
        Adobe Reader 10.1.10

        Restart the PC.


        Download or update CCleaner.

        Start CCleaner.
        • Run CCleaner and click Options in the left column
        • Select the Advanced tab
        • Uncheck "Only delete files in Windows Temp folders older than 24 hours"
        • Select the Settings tab
        • Uncheck "Automatically clean the computer...."
        • Click Cleaner in the left column.
        • Then click Analyze and Run Cleaner in succession.
        • Next, click Registry in the left column
        • Click Scan for Issues.
        • When asked whether you want to make a backup of the registry, click "Yes".
        • If errors are found, click the middle button: Fix All Selected Issues and OK

        How is it now?
        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
        E Dev * Remove McAfee. * Ccleaner * E-Peek



        • #5
          I carried out the instructions, but unfortunately Windows Explorer still crashes.

          After startup, by the way, the folder (C:\Windows\SysWOW64) spontaneously appeared, which according to G-Data contains the virus that was placed in quarantine.



          • #6
            May I have that G-Data log, please?



            • #7
              I'm sorry, but I can't find the logs in question in the log book, only in the quarantine list.

              It contains 5 entries of the virus in question (Gen:[email protected]!oi) in 5 different objects, 4 of them in the folder C:\Windows\SysWOW64 and 1 in the folder C:\Windows\SxS\wow64_microsoft-windows-ehome-ehui.......



              • #8
                OK

                Download Combofix to your desktop.
                (So not to a download folder or temp folder)

                Extra note... Make sure your security software is disabled while using Combofix.
                This is because these scanners wrongly see certain components that Combofix uses as infected and will block Combofix.

                Look here if you don't know how to disable your antivirus, firewall and/or antispyware scanner.

                Close ALL windows, including your browser, and let Combofix do its work undisturbed.
                So do not open any other applications until Combofix has presented the log.

                If Combofix asks for an update, allow it.

                When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
                You can find it at C:\combofix.txt.

                Post the Combofix log together with a new DDS log in your next reply.

                * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
                • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
                • Illegal operation attempted on a registry key that has been marked for deletion.



                • #9
                  ComboFix 14-07-22.01 - Jack 24-07-2014 7:40.1.4 - x64
                  Microsoft Windows 8 6.2.9200.0.1252.31.1031.18.6091.4311 [GMT 2:00]
                  Gestart vanuit: c:\users\Jack\Desktop\ComboFix.exe
                  AV: G Data InternetSecurity *Disabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
                  AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                  FW: G Data Personal Firewall *Disabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
                  SP: G Data InternetSecurity *Disabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
                  SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                  .
                  .
                  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  .
                  c:\users\Jack\AppData\Roaming\inst.exe
                  .
                  .
                  (((((((((((((((((((( Bestanden Gemaakt van 2014-06-24 to 2014-07-24 ))))))))))))))))))))))))))))))
                  .
                  .
                  2014-07-24 05:51 . 2014-07-24 05:51 -------- d-----w- c:\users\Default\AppData\Local\temp
                  2014-07-24 05:00 . 2014-07-24 05:00 -------- d-----w- c:\program files (x86)\Common Files\Adobe
                  2014-07-23 05:30 . 2014-07-23 05:51 -------- d-----w- C:\AdwCleaner
                  2014-07-23 05:11 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
                  2014-07-18 12:14 . 2014-07-18 12:14 -------- d-----w- c:\program files (x86)\Siber Systems
                  2014-07-16 04:19 . 2014-06-26 20:53 703968 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                  2014-07-16 04:19 . 2014-06-26 20:53 105440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                  2014-07-07 17:28 . 2014-05-19 23:45 86528 ----a-w- c:\windows\SysWow64\wudriver.dll
                  2014-07-07 17:28 . 2014-05-19 23:24 100352 ----a-w- c:\windows\system32\wudriver.dll
                  2014-07-07 17:28 . 2014-05-19 23:24 176640 ----a-w- c:\windows\system32\storewuauth.dll
                  2014-07-07 17:27 . 2014-05-20 02:33 59416 ----a-w- c:\windows\system32\wuauclt.exe
                  2014-07-07 17:27 . 2014-05-19 23:24 253440 ----a-w- c:\windows\system32\WUSettingsProvider.dll
                  2014-07-07 17:27 . 2014-05-19 23:45 629248 ----a-w- c:\windows\SysWow64\wuapi.dll
                  2014-07-07 17:27 . 2014-05-19 23:24 3286528 ----a-w- c:\windows\system32\wuaueng.dll
                  2014-07-07 17:27 . 2014-05-19 23:24 1623040 ----a-w- c:\windows\system32\wucltux.dll
                  2014-07-07 17:27 . 2014-05-19 23:24 773632 ----a-w- c:\windows\system32\wuapi.dll
                  2014-07-07 17:27 . 2014-05-14 22:43 40448 ----a-w- c:\windows\system32\wuapp.exe
                  2014-07-07 17:27 . 2014-05-14 22:43 144384 ----a-w- c:\windows\system32\wuwebv.dll
                  2014-07-07 17:27 . 2014-05-14 22:42 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
                  2014-07-07 17:27 . 2014-05-14 22:42 128000 ----a-w- c:\windows\SysWow64\wuwebv.dll
                  2014-07-03 16:37 . 2014-07-24 03:41 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
                  2014-07-03 16:37 . 2014-05-12 05:26 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
                  2014-07-03 16:37 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
                  2014-07-03 16:37 . 2014-07-03 16:37 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
                  2014-07-03 16:35 . 2014-07-03 16:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
                  2014-07-03 16:35 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
                  .
                  .
                  .
                  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  2014-07-18 11:36 . 2014-04-13 18:03 64000 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
                  2014-07-18 11:36 . 2014-05-13 09:34 20992 ----a-w- c:\windows\system32\drivers\GDKBFlt64.sys
                  2014-07-18 11:36 . 2014-04-13 18:02 67584 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
                  2014-07-18 11:36 . 2014-04-13 18:02 61440 ----a-w- c:\windows\system32\drivers\HookCentre.sys
                  2014-07-18 11:36 . 2014-04-13 18:02 55808 ----a-w- c:\windows\system32\drivers\GDBehave.sys
                  2014-07-18 11:36 . 2014-04-13 18:02 142336 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
                  2014-07-09 15:16 . 2013-01-06 11:45 96441528 ----a-w- c:\windows\system32\MRT.exe
                  2014-06-05 12:11 . 2014-06-05 12:11 9336 ------w- c:\windows\SysWow64\GDScrSv.nl.dll
                  2014-05-26 10:37 . 2014-04-13 18:33 18160 ----a-w- c:\windows\system32\drivers\GdPhyMem.sys
                  2014-05-22 10:53 . 2014-04-13 18:33 106272 ----a-w- c:\windows\system32\drivers\GRD.sys
                  2014-05-03 05:47 . 2014-06-11 05:25 3246592 ----a-w- c:\windows\system32\rdpcorets.dll
                  2014-05-03 03:34 . 2014-06-11 05:25 235520 ----a-w- c:\windows\system32\rdpudd.dll
                  2014-04-29 22:32 . 2014-06-11 05:25 1301504 ----a-w- c:\windows\system32\gdi32.dll
                  2014-04-29 22:22 . 2014-06-11 05:25 1023488 ----a-w- c:\windows\SysWow64\gdi32.dll
                  2014-04-28 05:08 . 2014-04-28 05:10 13792 ----a-w- c:\windows\system32\drivers\semav6thermal64ro.sys
                  .
                  .
                  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  .
                  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                  REGEDIT4
                  .
                  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
                  @="{594D4122-1F87-41E2-96C7-825FB4796516}"
                  [HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
                  2014-03-30 16:33 683200 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
                  .
                  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-10-31 449760]
                  "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2013-02-21 39408]
                  "RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2014-07-18 109784]
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                  "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
                  "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2012-08-17 68776]
                  "Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-06-25 152896]
                  "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
                  "GDFirewallTray"="c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2014-05-20 1756792]
                  "G Data ASM"="c:\program files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" [2013-12-19 431224]
                  .
                  c:\users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
                  SABnzbd.lnk - c:\program files (x86)\SABnzbd\SABnzbd.exe -b0 [2013-1-5 103424]
                  .
                  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                  "ConsentPromptBehaviorAdmin"= 5 (0x5)
                  "EnableUIADesktopToggle"= 0 (0x0)
                  "EnableCursorSuppression"= 1 (0x1)
                  "ConsentPromptBehaviorUser"= 3 (0x3)
                  "DisableCAD"= 1 (0x1)
                  .
                  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
                  @=""
                  .
                  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
                  @=""
                  .
                  R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
                  R3 e1yexpress;Stuurprogramma voor Intel(R) Gigabit-netwerkverbindingen;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
                  R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys;c:\windows\SYSNATIVE\drivers\ggflt.sys [x]
                  R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [x]
                  R3 NetworkSupport;NetworkSupport;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [x]
                  R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
                  R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
                  R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
                  R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
                  R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
                  R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
                  R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
                  R4 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
                  R4 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
                  R4 SOHDms;VAIO Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
                  R4 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
                  R4 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
                  R4 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe [x]
                  R4 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
                  S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys;c:\windows\SYSNATIVE\drivers\GDBehave.sys [x]
                  S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
                  S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
                  S1 GDKBFlt;G Data GDKBFlt Driver;c:\windows\system32\drivers\GDKBFlt64.sys;c:\windows\SYSNATIVE\drivers\GDKBFlt64.sys [x]
                  S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys;c:\windows\SYSNATIVE\drivers\MiniIcpt.sys [x]
                  S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys;c:\windows\SYSNATIVE\drivers\gdwfpcd64.sys [x]
                  S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys;c:\windows\SYSNATIVE\drivers\GRD.sys [x]
                  S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys;c:\windows\SYSNATIVE\drivers\HookCentre.sys [x]
                  S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
                  S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
                  S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [x]
                  S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [x]
                  S2 AVKWCtl;G Data Bestandssysteembewaker;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [x]
                  S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
                  S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
                  S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
                  S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
                  S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
                  S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
                  S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
                  S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
                  S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
                  S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
                  S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
                  S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
                  S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
                  S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
                  S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
                  S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
                  S3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys;c:\windows\SYSNATIVE\drivers\btath_vdp.sys [x]
                  S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
                  S3 BthLEEnum;Bluetooth Low Energy-stuurprogramma;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
                  S3 GDFwSvc;G Data Personal Firewall;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [x]
                  S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]
                  S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [x]
                  S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
                  S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
                  S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
                  S3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
                  S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
                  S3 SOWS;Sony Wireless State Device;c:\windows\System32\drivers\sows.sys;c:\windows\SYSNATIVE\drivers\sows.sys [x]
                  S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
                  .
                  .
                  [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
                  2014-07-18 19:49 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
                  .
                  Inhoud van de 'Gedeelde Taken' map
                  .
                  2014-07-24 c:\windows\Tasks\Adobe Flash Player Updater.job
                  - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-30 16:36]
                  .
                  2014-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05 06:58]
                  .
                  2014-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05 06:58]
                  .
                  .
                  --------- X64 Entries -----------
                  .
                  .
                  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
                  @="{594D4122-1F87-41E2-96C7-825FB4796516}"
                  [HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
                  2014-03-30 16:33 803008 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-20 1214608]
                  "BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-10-09 765056]
                  "BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-10-09 127616]
                  "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
                  "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
                  "Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2014-03-30 161984]
                  .
                  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
                  UxTuneUp
                  .
                  ------- Bijkomende Scan -------
                  .
                  uLocal Page = c:\windows\system32\blank.htm
                  uStart Page = about:blank
                  mStart Page = about:blank
                  mLocal Page = c:\windows\SysWOW64\blank.htm
                  IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
                  IE: Formulieren Invullen - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
                  IE: Formulieren opslaan - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
                  IE: Menu aanpassen - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
                  IE: RoboForm Werkbalk - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
                  TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
                  FF - ProfilePath - c:\users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\a8ehqk7i.default\
                  FF - prefs.js: browser.startup.homepage - hxxps://login.live.com/login.srf?wa=wsignin1.0&ct=1363802384&rver=6.1.6206.0&sa=1&ntprob=-1&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fmail.live.com%2F%3Fowa%3D1%26owasuffix%3Dowa%252f&id=64855&snsc=1&cbcxt=mail
                  .
                  - - - - ORPHANS VERWIJDERD - - - -
                  .
                  HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
                  .
                  .
                  .
                  --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
                  @="?????????????????? v1"
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
                  @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
                  @="?????????????????? v2"
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
                  @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
                  "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
                  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
                  "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
                  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
                  @Denied: (A) (Everyone)
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
                  @Denied: (A) (Everyone)
                  .
                  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
                  "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
                  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
                  .
                  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
                  @Denied: (A) (Users)
                  @Denied: (A) (Everyone)
                  @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                  "BlindDial"=dword:00000000
                  .
                  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
                  @Denied: (Full) (Everyone)
                  @SACL=(02 0000)
                  .
                  Voltooingstijd: 2014-07-24 08:07:34
                  ComboFix-quarantined-files.txt 2014-07-24 06:07
                  .
                  Pre-Run: 503.405.408.256 bytes free
                  Post-Run: 503.284.514.816 bytes free
                  .
                  - - End Of File - - 1C18BEB314F4FDFDD161CDBE71E2B05E

                  ------------------------------------------------------------------------------------------------------------------------------

                  DDS (Ver_2012-11-20.01) - NTFS_AMD64
                  Internet Explorer: 10.0.9200.17028
                  Run by Jack at 8:35:00 on 2014-07-24
                  Microsoft Windows 8 6.2.9200.0.1252.31.1031.18.6091.4268 [GMT 2:00]
                  .
                  AV: G Data InternetSecurity *Disabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
                  AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                  SP: G Data InternetSecurity *Disabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
                  SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                  FW: G Data Personal Firewall *Disabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
                  .
                  ============== Running Processes ===============
                  .
                  C:\Windows\system32\svchost.exe -k DcomLaunch
                  C:\Windows\system32\svchost.exe -k RPCSS
                  C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
                  C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
                  C:\Windows\system32\dwm.exe
                  C:\Windows\system32\atiesrxx.exe
                  C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                  C:\Windows\system32\svchost.exe -k netsvcs
                  C:\Windows\system32\svchost.exe -k LocalService
                  C:\Windows\system32\atieclxx.exe
                  C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                  C:\Windows\system32\svchost.exe -k NetworkService
                  C:\Windows\System32\spoolsv.exe
                  C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                  C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
                  C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
                  C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
                  C:\Windows\system32\dashost.exe
                  C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
                  C:\Program Files\Intel\iCLS Client\HeciServer.exe
                  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
                  C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
                  C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
                  C:\Windows\system32\svchost.exe -k imgsvc
                  C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
                  C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
                  C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
                  C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
                  C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
                  C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
                  C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                  C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
                  C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                  C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
                  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
                  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                  C:\Windows\system32\svchost.exe -k WindowsMobile
                  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                  C:\Program Files\Sony\VAIO Improvement\vim.exe
                  C:\Program Files\Sony\VAIO Update\VUAgent.exe
                  C:\Windows\system32\wbem\wmiprvse.exe
                  C:\Windows\system32\taskhostex.exe
                  C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
                  C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
                  C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
                  C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
                  C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
                  C:\Program Files\Classic Shell\ClassicStartMenu.exe
                  C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
                  C:\Windows\System32\RuntimeBroker.exe
                  C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
                  C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
                  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
                  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                  C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
                  C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
                  C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
                  C:\Windows\WindowsMobile\wmdc.exe
                  C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
                  C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
                  C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                  C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
                  C:\Program Files (x86)\SABnzbd\SABnzbd.exe
                  C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
                  C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
                  C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
                  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
                  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
                  C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
                  C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
                  C:\Windows\splwow64.exe
                  C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
                  C:\Program Files\Sony\VAIO Care\VCService.exe
                  C:\Program Files\Sony\VAIO Care\VCAgent.exe
                  C:\Windows\system32\taskhost.exe
                  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                  C:\Windows\system32\SearchIndexer.exe
                  C:\Program Files (x86)\G Data\InternetSecurity\GUI\GDSC.exe
                  C:\Windows\explorer.exe
                  C:\Windows\System32\cscript.exe
                  .
                  ============== Pseudo HJT Report ===============
                  .
                  uStart Page = about:blank
                  mStart Page = about:blank
                  BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
                  BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
                  BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
                  BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
                  BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
                  BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
                  TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
                  TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
                  uRun: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
                  uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
                  uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
                  mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
                  mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
                  mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
                  mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
                  mRun: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
                  mRun: [G Data ASM] "C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart
                  StartupFolder: C:\Users\Jack\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SABnzbd.lnk - C:\Program Files (x86)\SABnzbd\SABnzbd.exe
                  uPolicies-Explorer: NoDrives = dword:0
                  mPolicies-Explorer: NoDrives = dword:0
                  mPolicies-System: DisableCAD = dword:1
                  IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
                  IE: Formulieren Invullen - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
                  IE: Formulieren opslaan - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
                  IE: Menu aanpassen - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
                  IE: RoboForm Werkbalk - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
                  IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
                  IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
                  IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
                  IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
                  IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
                  IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
                  IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
                  IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
                  TCP: NameServer = 192.168.1.254 195.241.77.55 195.241.77.58
                  TCP: Interfaces\{B487C484-C29A-47DC-841F-AF20F2F42F04} : DHCPNameServer = 192.168.1.254
                  TCP: Interfaces\{C5DB8A00-9FB0-43E6-8E40-14F9FCF66EAD} : DHCPNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
                  TCP: Interfaces\{C5DB8A00-9FB0-43E6-8E40-14F9FCF66EAD}\3585535313542324544393 : DHCPNameServer = 192.168.2.1
                  TCP: Interfaces\{C5DB8A00-9FB0-43E6-8E40-14F9FCF66EAD}\4554C454E4544584F4D4543505F445 : DHCPNameServer = 195.130.130.141 195.130.131.141
                  Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
                  SSODL: WebCheck - <orphaned>
                  SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
                  mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
                  x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
                  x64-BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
                  x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
                  x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
                  x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
                  x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
                  x64-BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll
                  x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
                  x64-TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
                  x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO
                  x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
                  x64-Run: [BtTray] "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
                  x64-Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
                  x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
                  x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
                  x64-Run: [Classic Start Menu] "C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
                  x64-mPolicies-Explorer: NoDrives = dword:0
                  x64-mPolicies-System: DisableCAD = dword:1
                  x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
                  x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
                  x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
                  x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
                  x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
                  x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
                  x64-SSODL: WebCheck - <orphaned>
                  .
                  ================= FIREFOX ===================
                  .
                  FF - ProfilePath - C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\a8ehqk7i.default\
                  FF - prefs.js: browser.startup.homepage - hxxps://login.live.com/login.srf?wa=wsignin1.0&ct=1363802384&rver=6.1.6206.0&sa=1&ntprob=-1&wp=MBI_SSL_SHARED&wreply=https:%2F%2Fmail.live.com%2F%3Fowa%3D1%26owasuffix%3Dowa%252f&id=64855&snsc=1&cbcxt=mail
                  FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
                  FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
                  FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
                  FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
                  FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
                  FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
                  .
                  ============= SERVICES / DRIVERS ===============
                  .
                  R0 GDBehave;GDBehave;C:\Windows\System32\Drivers\GDBehave.sys [2014-4-13 55808]
                  R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-11-30 645952]
                  R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-11-30 92536]
                  R1 GDKBFlt;G Data GDKBFlt Driver;C:\Windows\System32\Drivers\GDKBFlt64.sys [2014-5-13 20992]
                  R1 GDMnIcpt;GDMnIcpt;C:\Windows\System32\Drivers\MiniIcpt.sys [2014-4-13 142336]
                  R1 gdwfpcd;G Data WFP CD;C:\Windows\System32\Drivers\gdwfpcd64.sys [2014-4-13 67584]
                  R1 GRD;G Data Rootkit Detector Driver;C:\Windows\System32\Drivers\GRD.sys [2014-4-13 106272]
                  R1 HookCentre;HookCentre;C:\Windows\System32\Drivers\HookCentre.sys [2014-4-13 61440]
                  R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-21 239616]
                  R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-10-9 219776]
                  R2 AVKProxy;G Data AntiVirus Proxy;C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2014-5-27 2250360]
                  R2 AVKService;G Data Scheduler;C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2013-12-19 914552]
                  R2 AVKWCtl;G Data Bestandssysteembewaker;C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2014-5-20 2683760]
                  R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-30 2445968]
                  R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
                  R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-11-30 129856]
                  R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-30 166720]
                  R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-3 1809720]
                  R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-3 860472]
                  R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-10-8 2099000]
                  R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-30 365376]
                  R2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-10-9 323584]
                  R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2013-1-19 88728]
                  R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-8-21 98472]
                  R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2013-1-19 344216]
                  R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2013-1-19 114840]
                  R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2013-1-19 33944]
                  R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2013-1-19 178840]
                  R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2013-1-19 76952]
                  R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2013-1-19 135832]
                  R3 BTATH_VDP;Bluetooth VDP Driver;C:\Windows\System32\Drivers\btath_vdp.sys [2013-1-19 427416]
                  R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2013-1-19 576152]
                  R3 BthLEEnum;Bluetooth Low Energy-stuurprogramma;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
                  R3 GDFwSvc;G Data Personal Firewall;C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2014-5-20 3203392]
                  R3 GDPkIcpt;GDPkIcpt;C:\Windows\System32\Drivers\PktIcpt.sys [2014-4-13 64000]
                  R3 GDScan;G Data Scanner;C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2014-5-20 700536]
                  R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2014-7-3 25816]
                  R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\Drivers\MBAMSwissArmy.sys [2014-7-3 122584]
                  R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\Drivers\mwac.sys [2014-7-3 64216]
                  R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-7-31 683664]
                  R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\Drivers\SFEP.sys [2012-7-16 14336]
                  R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-9-27 44344]
                  R3 SOWS;Sony Wireless State Device;C:\Windows\System32\Drivers\sows.sys [2012-7-5 24280]
                  R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2014-2-20 60504]
                  R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2014-5-25 1642544]
                  S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-10-28 107288]
                  S3 e1yexpress;Stuurprogramma voor Intel(R) Gigabit-netwerkverbindingen;C:\Windows\System32\Drivers\e1y60x64.sys [2012-6-2 283136]
                  S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\System32\Drivers\ggflt.sys [2013-11-15 14448]
                  S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [2013-10-16 235216]
                  S3 NetworkSupport;NetworkSupport;C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2012-11-30 623784]
                  S3 Revoflt;Revoflt;C:\Windows\System32\Drivers\revoflt.sys [2013-9-28 31800]
                  S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\Drivers\RtsPStor.sys [2012-11-30 339600]
                  S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-1-5 155824]
                  S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2013-10-28 204568]
                  S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\Windows\System32\Drivers\ssudserd.sys [2013-10-28 204568]
                  S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-11-30 476328]
                  S3 WSDScan;Ondersteuning voor WSD-scan;C:\Windows\System32\Drivers\WSDScan.sys [2013-1-7 23552]
                  S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
                  S4 ESRV_SVC;Energy Server Service;C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-19 377768]
                  S4 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-8-8 123616]
                  S4 SOHDms;VAIO Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2012-8-8 460512]
                  S4 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-8-8 78048]
                  S4 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]
                  S4 USER_ESRV_SVC;User Energy Server Service;C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-19 377768]
                  S4 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2012-8-8 972000]
                  .
                  =============== Created Last 30 ================
                  .
                  2014-07-24 06:08:39 -------- d-sh--w- C:\$RECYCLE.BIN
                  2014-07-24 05:39:08 98816 ----a-w- C:\Windows\sed.exe
                  2014-07-24 05:39:08 256000 ----a-w- C:\Windows\PEV.exe
                  2014-07-24 05:39:08 208896 ----a-w- C:\Windows\MBR.exe
                  2014-07-23 05:30:49 -------- d-----w- C:\AdwCleaner
                  2014-07-23 05:11:28 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
                  2014-07-18 12:14:35 -------- d-----w- C:\Program Files (x86)\Siber Systems
                  2014-07-16 04:19:23 703968 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                  2014-07-16 04:19:23 105440 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                  2014-07-07 17:28:00 86528 ----a-w- C:\Windows\SysWow64\wudriver.dll
                  2014-07-07 17:28:00 176640 ----a-w- C:\Windows\System32\storewuauth.dll
                  2014-07-07 17:28:00 100352 ----a-w- C:\Windows\System32\wudriver.dll
                  2014-07-07 17:27:56 253440 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
                  2014-07-07 17:27:53 1623040 ----a-w- C:\Windows\System32\wucltux.dll
                  2014-07-07 17:27:29 40448 ----a-w- C:\Windows\System32\wuapp.exe
                  2014-07-07 17:27:29 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
                  2014-07-07 17:27:29 144384 ----a-w- C:\Windows\System32\wuwebv.dll
                  2014-07-07 17:27:29 128000 ----a-w- C:\Windows\SysWow64\wuwebv.dll
                  2014-07-03 16:37:47 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
                  2014-07-03 16:37:31 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
                  2014-07-03 16:37:31 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
                  2014-07-03 16:37:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
                  2014-07-03 16:35:53 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
                  2014-07-03 16:35:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
                  .
                  ==================== Find3M ====================
                  .
                  2014-07-18 11:36:24 64000 ----a-w- C:\Windows\System32\drivers\PktIcpt.sys
                  2014-07-18 11:36:18 20992 ----a-w- C:\Windows\System32\drivers\GDKBFlt64.sys
                  2014-07-18 11:36:14 67584 ----a-w- C:\Windows\System32\drivers\gdwfpcd64.sys
                  2014-07-18 11:36:12 61440 ----a-w- C:\Windows\System32\drivers\HookCentre.sys
                  2014-07-18 11:36:12 55808 ----a-w- C:\Windows\System32\drivers\GDBehave.sys
                  2014-07-18 11:36:12 142336 ----a-w- C:\Windows\System32\drivers\MiniIcpt.sys
                  2014-06-19 02:12:11 2239488 ----a-w- C:\Windows\System32\wininet.dll
                  2014-06-19 02:12:02 915968 ----a-w- C:\Windows\System32\uxtheme.dll
                  2014-06-19 02:12:02 53760 ----a-w- C:\Windows\System32\UXInit.dll
                  2014-06-19 02:10:33 3959296 ----a-w- C:\Windows\System32\jscript9.dll
                  2014-06-19 02:10:28 67072 ----a-w- C:\Windows\System32\iesetup.dll
                  2014-06-19 02:10:28 136704 ----a-w- C:\Windows\System32\iesysprep.dll
                  2014-06-19 02:09:55 1508864 ----a-w- C:\Windows\System32\inetcpl.cpl
                  2014-06-19 00:53:52 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
                  2014-06-19 00:53:42 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
                  2014-06-19 00:52:46 2863616 ----a-w- C:\Windows\SysWow64\jscript9.dll
                  2014-06-19 00:52:42 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
                  2014-06-19 00:52:42 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
                  2014-06-19 00:52:19 1440768 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
                  2014-06-19 00:33:44 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
                  2014-06-19 00:30:35 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
                  2014-06-18 22:05:00 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
                  2014-06-17 23:27:37 1440256 ----a-w- C:\Windows\SysWow64\osk.exe
                  2014-06-17 23:24:48 1557504 ----a-w- C:\Windows\System32\osk.exe
                  2014-06-11 04:18:14 4038144 ----a-w- C:\Windows\System32\win32k.sys
                  2014-06-06 14:06:38 596480 ----a-w- C:\Windows\System32\qedit.dll
                  2014-06-06 10:17:56 497152 ----a-w- C:\Windows\SysWow64\qedit.dll
                  2014-06-05 12:11:26 9336 ------w- C:\Windows\SysWow64\GDScrSv.nl.dll
                  2014-06-02 22:33:45 265216 ----a-w- C:\Windows\System32\InkEd.dll
                  2014-05-29 23:31:26 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll
                  2014-05-29 23:03:04 588288 ----a-w- C:\Windows\System32\SHCore.dll
                  2014-05-29 23:02:28 439808 ----a-w- C:\Windows\System32\lsm.dll
                  2014-05-29 23:02:27 1281536 ----a-w- C:\Windows\System32\lsasrv.dll
                  2014-05-29 22:24:46 576512 ----a-w- C:\Windows\System32\drivers\afd.sys
                  2014-05-26 10:37:29 18160 ----a-w- C:\Windows\System32\drivers\GdPhyMem.sys
                  2014-05-22 10:53:32 106272 ----a-w- C:\Windows\System32\drivers\GRD.sys
                  2014-05-03 06:34:30 6974808 ----a-w- C:\Windows\System32\ntoskrnl.exe
                  2014-05-03 06:33:02 1824808 ----a-w- C:\Windows\System32\ntdll.dll
                  2014-05-03 05:47:22 3246592 ----a-w- C:\Windows\System32\rdpcorets.dll
                  2014-05-03 04:51:57 1408976 ----a-w- C:\Windows\SysWow64\ntdll.dll
                  2014-05-03 03:34:54 235520 ----a-w- C:\Windows\System32\rdpudd.dll
                  2014-05-01 22:37:16 1023488 ----a-w- C:\Windows\System32\localspl.dll
                  2014-04-29 22:32:46 126464 ----a-w- C:\Windows\System32\Robocopy.exe
                  2014-04-29 22:32:07 1301504 ----a-w- C:\Windows\System32\gdi32.dll
                  2014-04-29 22:32:00 106496 ----a-w- C:\Windows\SysWow64\Robocopy.exe
                  2014-04-29 22:22:23 1023488 ----a-w- C:\Windows\SysWow64\gdi32.dll
                  2014-04-28 05:08:05 13792 ----a-w- C:\Windows\System32\drivers\semav6thermal64ro.sys
                  .
                  ============= FINISH: 8:35:07,86 ===============



                  • #10
                    Go to Start > Run and copy and paste the following command into the field:

                    ComboFix /Uninstall

                    Make sure there is a space between Combofix and /
                    Then press Enter.




                    This will remove Combofix and its related folders and files, restore the clock settings,
                    hide the file extensions, hide hidden files and system files again,
                    and reset your System Restore.




                    Download or update CCleaner

                    Start CCleaner.
                    • Run CCleaner and click Options in the left-hand column
                    • Select the Advanced tab
                    • Uncheck "Only delete files in Windows Temp folders older than 24 hours"
                    • Select the Settings tab
                    • Uncheck "Automatically clean the computer...."
                    • Click Cleaner in the left-hand column.
                    • Then click Analyze and then Run Cleaner.
                    • Next, click Registry in the left-hand column
                    • Click Scan for Issues.
                    • When asked whether you want to make a backup of the registry, click "Yes".
                    • If errors are found, click the middle button, Fix All Selected Issues, and then OK

                    Can you now tell me whether there are still any problems?

                    Emphyrio
                    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                    E Dev * Remove McAfee. * CCleaner * E-Peek



                    • #11
                      Unfortunately, the very first time I open Windows Explorer, it crashes again.
                      Last edited by Jakeman07; 24-07-14, 14:02.



                      • #12
                        Originally posted by Jakeman07
                        Unfortunately, the very first time I open Windows Explorer, it crashes again.
                        In your logs I noticed that you have added a "Classic Shell".
                        This is not standard in W 8

                        When did these problems start?


                        • #13
                          The problems have been occurring for quite some time. Unfortunately I no longer know exactly how long, but if I had to estimate, I would say at least 3-4 months.

                          Maybe remove Classic Shell?



                          • #14
                            That is the first thing that comes to mind, especially if you installed Classic Shell during that period.

                            Since your PC is malware-free and this is a Windows problem, I would advise you to create a new topic in the Windows section of our forum for further assistance (regarding Windows).

                            Do mention there that you come from here and that your PC is malware-free.


                            1) You may delete all the loose files and tools that we used.

                            2) To avoid reinfection, you can read through these tips:

                            Preventing spyware infections and browser hijacking, and How do I prevent a new infection?

                            3) To give your PC a quick maintenance check, you can read these tips: Guide to a clean PC

                            4) All kinds of tips and hints can be found here.


                            I am marking the topic as solved.

                            If there are no further replies, this thread will automatically be moved within about 5 days
                            to the Solved HijackThis logs section, and replying will no longer be possible.
                            This is done to keep the forum tidy and organized.

                            If it turns out that there are still problems and you want to reply in this topic again, send me a private message requesting that it be reopened.



                            Did we help you well? Consider making a (no-obligation) donation to Nucia

                            Emphyrio


                            • #15
                              Thank you very much for your help!

                              As you have already seen, my problem is now already in the Windows section.
