Mededeling

Collapse
No announcement yet.

V9 virus verwijderen

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • V9 virus verwijderen

    Ik probeer het V9 virus te verwijderen maar lijkt niet weg te willen.
    Heb al gescand met Malware bytes en alles verwijderd. Maar tot nu toe geen resultaat.

    Heb even een logje gemaakt met HijackThis.


    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 21:58:56, on 30-9-2014
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.17280)


    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\GamesBar\SearchEngineProtection.exe
    C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
    C:\Program Files (x86)\Samsung\Kies\Kies.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
    C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
    C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
    C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Users\rik\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
    O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
    O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
    O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll
    O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
    O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
    O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [SearchEngineProtection] C:\Program Files (x86)\Gamesbar\SearchEngineProtection.exe
    O4 - HKCU\..\Run: [ares] "C:\ares\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
    O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E821D68A81418EDB6E02DEBD153B52F6] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
    O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-115757029-2755714942-4284026013-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
    O4 - HKUS\S-1-5-21-115757029-2755714942-4284026013-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing)
    O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing)
    O9 - Extra button: Virtueel Toetsenbord - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll
    O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    O9 - Extra button: Controle van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
    O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    O20 - AppInit_DLLs: C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
    O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 17273 bytes
    hijackthis.txt


    Wat hulp zou perfect zijn!

    Mvg Lars

  • #2
    Hoi larsvorst en welkom op^Nucia Security Forum,

    De eerste stap is het uitvoeren van deze richtlijn: !!! BELANGRIJK !!!: Lees dit eerst voor je een bericht plaatst!

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

    Comment


    • #3
      En daarna? Heb het doorgelezen..

      Comment


      • #4
        Oorspronkelijk geplaatst door larsvorst Bekijk Berichten
        En daarna? Heb het doorgelezen..
        Beter lezen aub.
        Ik verwacht dat je de gevraagde logs post .
        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
        E Dev * McAfee verwijderen. * Ccleaner * E-Peek

        Comment


        • #5
          Bij gebrek aan feedback zet ik dit topic op opgelost.

          Indien er niet meer gereageerd wordt, zal binnen een 3-tal dagen deze thread automatisch verplaatst worden naar de sectie Opgeloste hijackthislogs en is een reactie niet meer mogelijk
          Dit is gedaan om het forum netjes en overzichtelijk te houden.

          Blijkt dat er toch nog problemen zijn, en je wil weer reageren in dit topic, dan stuur je me een privé bericht met verzoek om heropening.


          Emphyrio
          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
          E Dev * McAfee verwijderen. * Ccleaner * E-Peek

          Comment


          • #6
            ADW cleaner log:

            # AdwCleaner v3.311 - Rapport aangemaakt 02/10/2014 op 13:20:32
            # Laatste Update 30/09/2014 door Xplode
            # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
            # Gebruikersnaam : rik - RIK-PC
            # Gestart vanuit : C:\Users\rik\Desktop\adwcleaner_3.311.exe
            # Optie : Scannen

            ***** [ Services ] *****


            ***** [ Bestanden / Mappen ] *****

            Bestand Gevonden : C:\Users\rik\AppData\Local\Temp\Uninstall.exe
            Bestand Gevonden : C:\Windows\System32\roboot64.exe
            Map Gevonden : C:\Program Files (x86)\Ask.com
            Map Gevonden : C:\Program Files (x86)\AVG Secure Search
            Map Gevonden : C:\Program Files (x86)\AVG Security Toolbar
            Map Gevonden : C:\Program Files (x86)\BearShare Applications
            Map Gevonden : C:\Program Files (x86)\Common Files\337
            Map Gevonden : C:\Program Files (x86)\Common Files\AVG Secure Search
            Map Gevonden : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
            Map Gevonden : C:\Program Files (x86)\GamesBar
            Map Gevonden : C:\Program Files (x86)\NCH Software
            Map Gevonden : C:\Program Files (x86)\Omiga Plus
            Map Gevonden : C:\Program Files (x86)\WinZipper
            Map Gevonden : C:\ProgramData\Ask
            Map Gevonden : C:\ProgramData\AVG Secure Search
            Map Gevonden : C:\ProgramData\GamesBar
            Map Gevonden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar
            Map Gevonden : C:\ProgramData\NCH Software
            Map Gevonden : C:\ProgramData\Partner
            Map Gevonden : C:\Users\Linda\AppData\Local\AVG Secure Search
            Map Gevonden : C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
            Map Gevonden : C:\Users\Linda\AppData\Local\Pokki
            Map Gevonden : C:\Users\Linda\AppData\LocalLow\AskToolbar
            Map Gevonden : C:\Users\Linda\AppData\LocalLow\AVG Secure Search
            Map Gevonden : C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
            Map Gevonden : C:\Users\Linda\AppData\Roaming\Systweak
            Map Gevonden : C:\Users\rik\AppData\Local\apn
            Map Gevonden : C:\Users\rik\AppData\Local\AVG Secure Search
            Map Gevonden : C:\Users\rik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
            Map Gevonden : C:\Users\rik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
            Map Gevonden : C:\Users\rik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
            Map Gevonden : C:\Users\rik\AppData\Local\PackageAware
            Map Gevonden : C:\Users\rik\AppData\LocalLow\AskToolbar
            Map Gevonden : C:\Users\rik\AppData\LocalLow\AVG Secure Search
            Map Gevonden : C:\Users\rik\AppData\Roaming\337
            Map Gevonden : C:\Users\rik\AppData\Roaming\337 Wallpaper
            Map Gevonden : C:\Users\rik\AppData\Roaming\dvdvideosoftiehelpers
            Map Gevonden : C:\Users\rik\AppData\Roaming\NCH Software
            Map Gevonden : C:\Users\rik\AppData\Roaming\Omiga Plus
            Map Gevonden : C:\Users\rik\AppData\Roaming\Systweak
            Map Gevonden : C:\Users\rik\AppData\Roaming\WinZipper
            Map Gevonden : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

            ***** [ Taken ] *****

            Taak Gevonden : Desk 365 RunAsStdUser
            Taak Gevonden : Omiga Plus RunAsStdUser
            Taak Gevonden : Scheduled Update for Ask Toolbar

            ***** [ Snelkoppelingen ] *****

            Snelkoppeling Gevonden : C:\Users\rik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST1500DL003-9VT16L_5YD5CNZ7XXXX5YD5CNZ7&ts=1377965286 )
            Snelkoppeling Gevonden : C:\Users\rik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST1500DL003-9VT16L_5YD5CNZ7XXXX5YD5CNZ7&ts=1377965286 )
            Snelkoppeling Gevonden : C:\Users\rik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST1500DL003-9VT16L_5YD5CNZ7XXXX5YD5CNZ7&ts=1377965286 )
            Snelkoppeling Gevonden : C:\Users\rik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST1500DL003-9VT16L_5YD5CNZ7XXXX5YD5CNZ7&ts=1377965286 )

            ***** [ Register ] *****

            Gegevens Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
            Gegevens Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
            Sleutel Gevonden : HKCU\Software\APN
            Sleutel Gevonden : HKCU\Software\AppDataLow\Software\AskToolbar
            Sleutel Gevonden : HKCU\Software\Ask.com
            Sleutel Gevonden : HKCU\Software\AVG Secure Search
            Sleutel Gevonden : HKCU\Software\AVG Security Toolbar
            Sleutel Gevonden : HKCU\Software\Conduit
            Sleutel Gevonden : HKCU\Software\gamesbar
            Sleutel Gevonden : HKCU\Software\IGearSettings
            Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1A93C934-025B-4C3A-B38E-9654A7003239}
            Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
            Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
            Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A93C934-025B-4C3A-B38E-9654A7003239}
            Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
            Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
            Sleutel Gevonden : HKCU\Software\Myfree Codec
            Sleutel Gevonden : HKCU\Software\Softonic
            Sleutel Gevonden : [x64] HKCU\Software\APN
            Sleutel Gevonden : [x64] HKCU\Software\Ask.com
            Sleutel Gevonden : [x64] HKCU\Software\AVG Secure Search
            Sleutel Gevonden : [x64] HKCU\Software\AVG Security Toolbar
            Sleutel Gevonden : [x64] HKCU\Software\Conduit
            Sleutel Gevonden : [x64] HKCU\Software\gamesbar
            Sleutel Gevonden : [x64] HKCU\Software\IGearSettings
            Sleutel Gevonden : [x64] HKCU\Software\Myfree Codec
            Sleutel Gevonden : [x64] HKCU\Software\Softonic
            Sleutel Gevonden : HKLM\SOFTWARE\APN
            Sleutel Gevonden : HKLM\SOFTWARE\AskToolbar
            Sleutel Gevonden : HKLM\SOFTWARE\AVG Secure Search
            Sleutel Gevonden : HKLM\SOFTWARE\AVG Security Toolbar
            Sleutel Gevonden : HKLM\SOFTWARE\bearsharemediabartb
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{756C097C-6BDB-45DE-A8F1-83E01AB86BA4}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\oberontb.band
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\oberontb.band.1
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO.1
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\S
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{AD76633E-E50D-4844-9E7F-4DFBC7C18467}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
            Sleutel Gevonden : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
            Sleutel Gevonden : HKLM\SOFTWARE\Conduit
            Sleutel Gevonden : HKLM\SOFTWARE\Desksvc
            Sleutel Gevonden : HKLM\SOFTWARE\gamesbar
            Sleutel Gevonden : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
            Sleutel Gevonden : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
            Sleutel Gevonden : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
            Sleutel Gevonden : HKLM\SOFTWARE\hdcode
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1A93C934-025B-4C3A-B38E-9654A7003239}
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_htc-sync_RASAPI32
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_htc-sync_RASMANCS
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_samsung-pc-studio (1)_RASAPI32
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_samsung-pc-studio (1)_RASMANCS
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_samsung-pc-studio_RASAPI32
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_samsung-pc-studio_RASMANCS
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
            Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gamesbar
            Sleutel Gevonden : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
            Sleutel Gevonden : HKLM\SOFTWARE\Myfree Codec
            Sleutel Gevonden : HKLM\SOFTWARE\omigaplusSvc
            Sleutel Gevonden : HKLM\SOFTWARE\systweak
            Sleutel Gevonden : HKLM\SOFTWARE\V9
            Sleutel Gevonden : HKLM\SOFTWARE\winzipersvc
            Sleutel Gevonden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
            Sleutel Gevonden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1 C9
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
            Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
            Waarde Gevonden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
            Waarde Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SearchEngineProtection]
            Waarde Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
            Waarde Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
            Waarde Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
            Waarde Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
            Waarde Gevonden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]

            ***** [ Browsers ] *****

            -\\ Internet Explorer v11.0.9600.17280


            -\\ Mozilla Firefox v

            -\\ Google Chrome v37.0.2062.124

            [ Bestand : C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\preferences ]

            Gevonden [Search Provider] : hxxp://isearch.avg.com/search?cid={4E7CDB3B-066F-437F-BB85-808C542A0141}&mid=e8ee19e798ce47d0a3535dc0e38653d3-9aa30d733097139056411fbd0b3198591ba15564&lang=nl&ds=cv011&pr=sa&d=2012-05-25 23:51:28&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
            Gevonden [Homepage] : hxxp://isearch.avg.com/?cid={4E7CDB3B-066F-437F-BB85-808C542A0141}&mid=e8ee19e798ce47d0a3535dc0e38653d3-9aa30d733097139056411fbd0b3198591ba15564&lang=nl&ds=cv011&pr=sa&d=2012-05-25 23:51:28&v=15.3.0.11&pid=avg&sg=0&sap=hp
            Gevonden [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
            Gevonden [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
            Gevonden [Extension] : hphibigbodkkohoglgfkddblldpfohjl
            Gevonden [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
            Gevonden [Extension] : kincjchfokkeneeofpeefomkikfkiedl
            Gevonden [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
            Gevonden [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
            Gevonden [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

            [ Bestand : C:\Users\rik\AppData\Local\Google\Chrome\User Data\Default\preferences ]

            Gevonden [Search Provider] : hxxp://www.vd.nl/search.jsf?searchQuery={searchTerms}
            Gevonden [Search Provider] : hxxp://www.saturn.nl/?searchCategory=onlineshop%3Bcat000101020200%3B&searchQuery={searchTerms}
            Gevonden [Search Provider] : hxxp://nl.softonic.com/s/{searchTerms}

            *************************

            AdwCleaner[R0].txt - [24210 octets] - [02/10/2014 13:20:32]

            ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [24271 octets] ##########

            Comment


            • #7
              DDS log:

              Attach:

              .
              UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
              IF REQUESTED, ZIP IT UP & ATTACH IT
              .
              DDS (Ver_2012-11-20.01)
              .
              Microsoft Windows 7 Home Premium
              Boot Device: \Device\HarddiskVolume1
              Install Date: 6-12-2011 19:09:23
              System Uptime: 2-10-2014 12:49:12 (1 hours ago)
              .
              Motherboard: MEDIONPC | | MS-7728
              Processor: Intel(R) Core(TM) i3-2130 CPU @ 3.40GHz | CPU 1 | 2788/400mhz
              .
              ==== Disk Partitions =========================
              .
              C: is FIXED (NTFS) - 1346 GiB total, 1192,838 GiB free.
              D: is FIXED (NTFS) - 50 GiB total, 28,813 GiB free.
              E: is CDROM ()
              G: is Removable
              H: is Removable
              I: is Removable
              .
              ==== Disabled Device Manager Items =============
              .
              ==== System Restore Points ===================
              .
              RP316: 29-9-2014 21:33:23 - Windows Update
              RP317: 30-9-2014 19:24:43 - Windows Update
              RP318: 30-9-2014 19:42:45 - Windows Update
              RP319: 30-9-2014 20:47:09 - Windows Update
              RP320: 30-9-2014 21:19:35 - Installed SpyHunter
              RP321: 1-10-2014 13:33:32 - Windows Update
              RP322: 1-10-2014 20:32:26 - Windows Update
              RP323: 2-10-2014 3:59:49 - Windows Update
              RP324: 2-10-2014 13:13:42 - Removed SpyHunter
              .
              ==== Installed Programs ======================
              .
              Aangifte inkomstenbelasting 2013
              Adobe AIR
              Adobe Flash Player 15 ActiveX
              Adobe Flash Player 15 Plugin
              Adobe Reader XI (11.0.09) - Nederlands
              Adobe Shockwave Player 11.6
              Ashampoo Burning Studio
              Ashampoo Photo Commander
              Ashampoo Photo Optimizer
              Ashampoo Snap
              Ask Toolbar
              Asmedia ASM104x USB 3.0 Host Controller Driver
              AVG Security Toolbar
              BearShare
              Bridge Base Online
              Canon Easy-WebPrint EX
              Canon IJ Scan Utility
              Canon Inkjet Printer/Scanner/Fax Extended Survey Program
              Canon MG3200 series MP Drivers
              Canon MG3200 series On-screen Manual
              Canon MP280 series MP Drivers
              Canon My Image Garden
              Canon My Image Garden Design Files
              Canon My Printer
              Canon Quick Menu
              Corel Graphics - Windows Shell Extension
              Corel Graphics - Windows Shell Extension 64 Bit
              CorelDRAW Essentials X5
              CorelDRAW Essentials X5 - Common
              CorelDRAW Essentials X5 - Connect
              CorelDRAW Essentials X5 - Custom Data
              CorelDRAW Essentials X5 - DE
              CorelDRAW Essentials X5 - Draw
              CorelDRAW Essentials X5 - EN
              CorelDRAW Essentials X5 - ES
              CorelDRAW Essentials X5 - Extra Content
              CorelDRAW Essentials X5 - Filters
              CorelDRAW Essentials X5 - FR
              CorelDRAW Essentials X5 - IPM
              CorelDRAW Essentials X5 - IT
              CorelDRAW Essentials X5 - PHOTO-PAINT
              CorelDRAW Essentials X5 - Redist
              CorelDRAW Essentials X5 - Setup Files
              CorelDRAW Essentials X5 - WT
              CyberLink LabelPrint
              CyberLink Power2Go
              CyberLink PowerDVD Copy
              CyberLink PowerRecover
              CyberLink WaveEditor
              D3DX10
              Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
              Fotótár
              Fotogalerie
              Fotogalerija
              Fotograf Galerisi
              Free YouTube to MP3 Converter version 3.11.32.918
              Full Tilt Poker.Eu
              Galeria de Fotografias do Windows Live
              Galeria fotografii
              Galerie de photos
              Galería de fotos
              GamesBar 2.0.1.82
              Gebruikersregistratie voor Canon MG3200 series
              Google Chrome
              Google Earth
              Google Toolbar for Internet Explorer
              Google Update Helper
              HTC Driver Installer
              Intel(R) Management Engine Components
              Intel(R) Rapid Storage Technology
              Java 7 Update 65
              Java Auto Updater
              Junk Mail filter update
              Kaspersky PURE 3.0
              Malwarebytes Anti-Malware versie 2.0.2.1012
              McAfee Security Scan Plus
              Medion Home Cinema
              Microsoft .NET Framework 4.5.1
              Microsoft .NET Framework 4.5.1 (Nederlands)
              Microsoft .NET Framework 4.5.1 (NLD)
              Microsoft Access MUI (Dutch) 2013
              Microsoft Application Error Reporting
              Microsoft DCF MUI (Dutch) 2013
              Microsoft Excel MUI (Dutch) 2013
              Microsoft Groove MUI (Dutch) 2013
              Microsoft InfoPath MUI (Dutch) 2013
              Microsoft Lync MUI (Dutch) 2013
              Microsoft Office 32-bit Components 2013
              Microsoft Office Korrekturhilfen 2013 - Deutsch
              Microsoft Office OSM MUI (Dutch) 2013
              Microsoft Office OSM UX MUI (Dutch) 2013
              Microsoft Office Professional Plus 2013
              Microsoft Office Proofing (Dutch) 2013
              Microsoft Office Proofing Tools 2013 - English
              Microsoft Office Proofing Tools 2013 - Nederlands
              Microsoft Office Shared 32-bit MUI (Dutch) 2013
              Microsoft Office Shared MUI (Dutch) 2013
              Microsoft OneNote MUI (Dutch) 2013
              Microsoft Outlook MUI (Dutch) 2013
              Microsoft PowerPoint MUI (Dutch) 2013
              Microsoft Publisher MUI (Dutch) 2013
              Microsoft Silverlight
              Microsoft SkyDrive
              Microsoft SQL Server 2005 Compact Edition [ENU]
              Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
              Microsoft Visual C++ 2005 Redistributable
              Microsoft Visual C++ 2005 Redistributable (x64)
              Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
              Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
              Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
              Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
              Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
              Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
              Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
              Microsoft Word MUI (Dutch) 2013
              MioMore Desktop 7.50
              Movie Maker
              Mozilla Maintenance Service
              Mozilla Thunderbird 16.0.1 (x86 nl)
              MSVCRT
              MSVCRT_amd64
              MSVCRT110
              MSVCRT110_amd64
              MSXML 4.0 SP2 (KB954430)
              MSXML 4.0 SP2 (KB973688)
              MSXML 4.0 SP3 Parser
              MSXML 4.0 SP3 Parser (KB2721691)
              MSXML 4.0 SP3 Parser (KB2758694)
              MSXML 4.0 SP3 Parser (KB973685)
              MyFreeCodec
              NVIDIA-configuratiescherm 331.65
              NVIDIA 3D Vision stuurprogramma 331.65
              NVIDIA Grafisch stuurprogramma 331.65
              NVIDIA HD Audio Driver 1.2.23.3
              NVIDIA Install Application
              NVIDIA Optimus 1.3.5
              NVIDIA PhysX
              NVIDIA PhysX System Software 9.10.0514
              NVIDIA Stereoscopic 3D Driver
              NVIDIA Update 1.15.2
              NVIDIA Update Components
              Official 2012 Countdown
              Origin
              Outils de vérification linguistique 2013 de Microsoft Office*- Français
              Photo Common
              Photo Gallery
              PlayReady PC Runtime amd64
              Poczta uslugi Windows Live
              Podstawowe programy Windows Live
              PokerStars
              Pošta Windows Live
              Raccolta foto
              Realtek High Definition Audio Driver
              RecordPad Sound Recorder
              RESCUE 2013
              S?????? f?t???af???
              Samsung Kies
              Samsung Mobile phone USB driver Drive Software
              Samsung New PC Studio
              Samsung PC Studio 3
              SAMSUNG USB Driver for Mobile Phones
              Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
              Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
              Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
              Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
              Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
              Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition
              Sid Meier's Civilization V
              Spelling Dictionaries Support For Adobe Reader X
              Steam
              swMSM
              ThreeShipsPluginSetup
              Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition
              Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition
              Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition
              Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition
              Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition
              Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition
              Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition
              Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition
              Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition
              Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition
              Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition
              Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition
              Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition
              Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition
              Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition
              Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition
              Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition
              Update for Microsoft Outlook 2013 (KB2881011) 64-Bit Edition
              Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition
              Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition
              Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition
              Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition
              Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition
              Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition
              Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition
              WavePad Sound Editor
              Windows Live
              Windows Live Communications Platform
              Windows Live Essentials
              Windows Live Family Safety
              Windows Live ID Sign-in Assistant
              Windows Live Installer
              Windows Live Mail
              Windows Live Messenger
              Windows Live MIME IFilter
              Windows Live Movie Maker
              Windows Live Photo Common
              Windows Live PIMT Platform
              Windows Live SOXE
              Windows Live SOXE Definitions
              Windows Live Temel Parçalar
              Windows Live UX Platform
              Windows Live UX Platform Language Pack
              Windows Live Writer
              Windows Live Writer Resources
              World of Tanks
              World of Warplanes
              Zuma Deluxe RA
              .
              ==== End Of File ===========================


              DDS

              DDS (Ver_2012-11-20.01) - NTFS_AMD64
              Internet Explorer: 11.0.9600.17280 BrowserJavaVersion: 10.65.2
              Run by rik at 13:21:53 on 2014-10-02
              Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4078.1607 [GMT 2:00]
              .
              AV: Kaspersky PURE 3.0 *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
              SP: Kaspersky PURE 3.0 *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
              SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
              FW: Kaspersky PURE 3.0 *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
              .
              ============== Running Processes ===============
              .
              C:\Windows\system32\lsm.exe
              C:\Windows\system32\svchost.exe -k DcomLaunch
              C:\Windows\system32\nvvsvc.exe
              C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
              C:\Windows\system32\svchost.exe -k RPCSS
              C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
              C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
              C:\Windows\system32\svchost.exe -k LocalService
              C:\Windows\system32\svchost.exe -k netsvcs
              C:\Windows\system32\svchost.exe -k GPSvcGroup
              C:\Windows\system32\svchost.exe -k NetworkService
              C:\Windows\System32\spoolsv.exe
              C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
              C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
              C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
              C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
              C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
              C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
              C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
              c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
              C:\Windows\system32\svchost.exe -k imgsvc
              C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
              C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
              C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
              C:\Windows\System32\WUDFHost.exe
              C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
              C:\Windows\system32\nvvsvc.exe
              C:\Windows\system32\taskhost.exe
              C:\Windows\system32\taskeng.exe
              C:\Windows\system32\Dwm.exe
              C:\Windows\Explorer.EXE
              C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
              C:\Program Files (x86)\Steam\Steam.exe
              C:\Program Files (x86)\GamesBar\SearchEngineProtection.exe
              C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
              C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
              C:\Windows\system32\SearchIndexer.exe
              C:\Program Files\Windows Sidebar\sidebar.exe
              C:\Program Files (x86)\Samsung\Kies\Kies.exe
              C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
              C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
              C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
              C:\Program Files (x86)\AVG Secure Search\vprot.exe
              C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
              C:\Program Files\Windows Media Player\wmpnetwk.exe
              C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
              C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
              C:\Windows\System32\svchost.exe -k LocalServicePeerNet
              C:\Windows\splwow64.exe
              C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
              C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
              C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
              C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
              C:\Program Files (x86)\Common Files\Steam\SteamService.exe
              C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
              C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
              C:\Windows\System32\svchost.exe -k secsvcs
              C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
              C:\Windows\system32\msiexec.exe
              C:\Program Files\Internet Explorer\iexplore.exe
              C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
              C:\Windows\servicing\TrustedInstaller.exe
              C:\Windows\syswow64\MsiExec.exe
              C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.exe
              C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
              C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
              C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
              C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
              C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
              C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
              C:\Windows\system32\taskhost.exe
              C:\Users\rik\Desktop\adwcleaner_3.311.exe
              C:\Windows\system32\taskeng.exe
              C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
              C:\Windows\system32\wbem\wmiprvse.exe
              C:\Windows\System32\cscript.exe
              .
              ============== Pseudo HJT Report ===============
              .
              uStart Page = hxxp://www.startpagina.nl
              uSearch Bar = Preserve
              mStart Page = www.google.com
              mDefault_Page_URL = www.google.com
              mWinlogon: Userinit = userinit.exe,
              BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
              BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
              BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
              BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
              BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
              BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
              BHO: Aanmeldhulp voor Microsoft-account: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
              BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
              BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll
              BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
              BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
              BHO: GamesBarBHO Class: {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll
              BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
              BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
              BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
              TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
              TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
              TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
              TB: GamesBar: {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll
              TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
              TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
              TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
              EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
              uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
              uRun: [SearchEngineProtection] C:\Program Files (x86)\Gamesbar\SearchEngineProtection.exe
              uRun: [ares] "C:\ares\Ares\Ares.exe" -h
              uRun: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
              uRun: [GoogleChromeAutoLaunch_E821D68A81418EDB6E02DEBD153B52F6] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
              uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
              uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
              uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
              mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
              mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
              mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
              mRun: [NPSStartup] <no file>
              StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
              mPolicies-Explorer: NoActiveDesktop = dword:1
              mPolicies-Explorer: NoActiveDesktopChanges = dword:1
              mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
              mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
              mPolicies-System: ConsentPromptBehaviorUser = dword:3
              mPolicies-System: EnableUIADesktopToggle = dword:0
              IE: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm
              IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
              IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
              IE: {1A93C934-025B-4c3a-B38E-9654A7003239} - {6F282B65-56BF-4BD1-A8B2-A4449A05863D}
              IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
              IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
              IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
              IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
              IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
              IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
              TCP: NameServer = 192.168.1.1
              TCP: Interfaces\{5B90CD70-E56C-4456-B65F-11601705E13B} : DHCPNameServer = 192.168.1.1
              TCP: Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65} : DHCPNameServer = 192.168.1.1
              TCP: Interfaces\{EBA514C7-7409-485B-8D39-076AFE750DB6} : DHCPNameServer = 192.168.42.129
              Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
              Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
              Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
              Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
              AppInit_DLLs= C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
              SSODL: WebCheck - <orphaned>
              mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
              x64-mStart Page = www.google.com
              x64-mDefault_Page_URL = www.google.com
              x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
              x64-BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
              x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
              x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
              x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
              x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
              x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
              x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
              x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
              x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
              x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
              x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
              x64-TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
              x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
              x64-IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
              x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
              x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
              x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
              x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
              x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
              x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
              x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
              x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
              x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
              x64-SSODL: WebCheck - <orphaned>
              .
              ============= SERVICES / DRIVERS ===============
              .
              R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\System32\drivers\CSCrySec.sys [2013-10-6 84536]
              R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-8-11 27240]
              R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-4 50976]
              R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\System32\drivers\CSVirtualDiskDrv.sys [2013-10-6 66616]
              R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2009-9-14 29792]
              R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-10-18 54368]
              R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]
              R2 AVP;Kaspersky Anti-Virus-service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -r [?]
              R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2012-12-21 819040]
              R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-11 13592]
              R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-9-30 1809720]
              R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-9-30 860472]
              R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-3-23 87040]
              R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
              R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-8-11 2656280]
              R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-8-12 1820184]
              R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-6-2 128488]
              R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-6-2 401896]
              R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-9-3 29280]
              R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-9-3 29280]
              R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-9-30 25816]
              R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-9-30 122584]
              R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-9-30 63704]
              R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-11 533096]
              R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2011-7-18 694888]
              S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
              S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
              S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-1-22 108800]
              S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-5-26 57840]
              S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
              S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
              S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928]
              S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-30 111616]
              S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-4-9 289256]
              S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-8-17 171008]
              S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-1-23 178760]
              S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-9-30 19456]
              S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\Windows\System32\drivers\ss_bbus.sys [2012-6-4 127488]
              S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\Windows\System32\drivers\ss_bmdfl.sys [2012-6-4 18944]
              S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\Windows\System32\drivers\ss_bmdm.sys [2012-6-4 161280]
              S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-1-22 206080]
              S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.sys [2012-5-30 16448]
              S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-9-30 56832]
              S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-9-30 30208]
              S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-12 1255736]
              S3 wsvd;wsvd;C:\Windows\System32\drivers\wsvd.sys [2010-9-23 129008]
              .
              =============== Created Last 30 ================
              .
              2014-10-02 11:21:26 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
              2014-10-02 11:20:28 -------- d-----w- C:\AdwCleaner
              2014-10-01 18:32:04 6574592 ----a-w- C:\Windows\System32\mstscax.dll
              2014-10-01 18:32:04 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
              2014-10-01 18:31:56 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
              2014-10-01 18:31:56 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
              2014-09-30 19:20:31 110080 ----a-r- C:\Users\rik\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconF7A21AF7.exe
              2014-09-30 19:20:31 110080 ----a-r- C:\Users\rik\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconD7F16134.exe
              2014-09-30 19:20:31 110080 ----a-r- C:\Users\rik\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\Icon1226A4C5.exe
              2014-09-30 19:20:30 -------- d-----w- C:\sh4ldr
              2014-09-30 19:19:09 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
              2014-09-30 19:19:06 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
              2014-09-30 19:13:35 -------- d-----w- C:\Program Files\trend micro
              2014-09-30 19:02:19 -------- d-----w- C:\Windows\System32\drivers\en-US
              2014-09-30 18:56:59 812216 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
              2014-09-30 18:56:59 810168 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
              2014-09-30 18:56:59 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
              2014-09-30 18:56:59 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
              2014-09-30 18:56:59 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
              2014-09-30 18:52:28 3584 ----a-w- C:\Windows\System32\drivers\nl-NL\tsusbflt.sys.mui
              2014-09-30 18:52:26 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys
              2014-09-30 18:52:26 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
              2014-09-30 18:52:25 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
              2014-09-30 18:52:24 243200 ----a-w- C:\Windows\System32\rdpudd.dll
              2014-09-30 18:52:24 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
              2014-09-30 18:17:34 -------- d-----w- C:\ProgramData\22285
              2014-09-30 18:01:27 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
              2014-09-30 18:01:13 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
              2014-09-30 18:01:13 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
              2014-09-30 18:01:13 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
              2014-09-30 18:01:13 -------- d-----w- C:\ProgramData\Malwarebytes
              2014-09-30 18:01:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
              2014-09-30 17:45:38 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F8C1A743-F17F-4D69-8C7C-FD085BBBA6E1}\offreg.dll
              2014-09-30 17:45:08 -------- d-----w- C:\ProgramData\Microsoft Toolkit
              2014-09-30 17:25:49 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F8C1A743-F17F-4D69-8C7C-FD085BBBA6E1}\mpengine.dll
              2014-09-30 17:24:36 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
              2014-09-30 17:24:36 371712 ----a-w- C:\Windows\System32\qdvd.dll
              2014-09-24 08:58:18 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
              2014-09-24 08:58:18 2048 ----a-w- C:\Windows\System32\tzres.dll
              2014-09-14 20:16:03 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
              2014-09-14 20:16:03 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
              2014-09-10 22:02:17 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
              2014-09-10 22:02:17 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
              2014-09-10 22:02:10 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
              2014-09-10 22:02:10 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
              2014-09-10 22:01:59 728064 ----a-w- C:\Windows\System32\kerberos.dll
              2014-09-10 22:01:59 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
              2014-09-10 22:01:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
              2014-09-10 22:01:59 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
              2014-09-10 22:01:58 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
              2014-09-10 22:01:55 578048 ----a-w- C:\Windows\System32\aepdu.dll
              2014-09-10 22:01:55 424448 ----a-w- C:\Windows\System32\aeinv.dll
              .
              ==================== Find3M ====================
              .
              2014-09-24 09:42:27 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
              2014-09-24 09:42:27 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
              2014-09-15 07:06:02 278152 ------w- C:\Windows\System32\MpSigStub.exe
              2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
              2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
              2014-08-23 00:59:01 3163648 ----a-w- C:\Windows\System32\win32k.sys
              2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
              2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
              2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
              2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
              2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
              2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
              2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
              2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
              2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
              2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
              2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
              2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
              2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
              2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
              2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
              2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
              2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
              2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
              2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
              2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
              2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
              2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
              2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
              2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
              2014-08-12 12:30:13 50976 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
              2014-07-25 00:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
              2014-07-24 21:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
              2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
              2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
              2014-07-11 01:02:05 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
              2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
              2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
              2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
              2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
              .
              ============= FINISH: 13:24:09,93 ===============

              Comment


              • #8
                Lees de instructies aub eens aandachtig door.

                In je volgende posting hadden we graag de volgende logs gezien, gemaakt in de opgestelde volgorde:
                .

                MBAM (aangepaste scan)
                AdwCleaner ( de log na verwijdering)
                DDS.txt (niet de attached)
                Gmer (???)
                Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                Comment


                • #9
                  Hier de Gmer log (was nog aan het scannen)

                  GMER 2.1.19357 - http://www.gmer.net
                  Rootkit scan 2014-10-02 13:57:08
                  Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST1500DL rev.CC4A 1397,27GB
                  Running: 11qmgu4s.exe; Driver: C:\Users\rik\AppData\Local\Temp\pftdrpow.sys


                  ---- Kernel code sections - GMER 2.1 ----

                  INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80003805000 63 bytes [00, 00, 15, 02, 46, 4D, 72, ...]
                  INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 594 fffff80003805042 4 bytes [00, 00, 00, 00]

                  ---- User code sections - GMER 2.1 ----

                  .text C:\Program Files (x86)\Steam\Steam.exe[4072] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Steam\Steam.exe[4072] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\AVG Secure Search\vprot.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\AVG Secure Search\vprot.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[4300] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[4300] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE[4428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE[4428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe[1820] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe[1820] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\Common Files\Steam\SteamService.exe[5140] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Common Files\Steam\SteamService.exe[5140] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5588] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5588] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5452] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5452] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[7032] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[7032] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[6968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[6968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  ? C:\Windows\system32\mssprxy.dll [6968] entry point in ".rdata" section 0000000058de71e6
                  .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[6660] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[6660] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2
                  .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6292] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
                  .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6292] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
                  .text ... * 2

                  ---- Kernel IAT/EAT - GMER 2.1 ----

                  IAT C:\Windows\System32\win32k.sys[ntoskrnl.exe!KeUserModeCallback] [fffff880046ebf00] \SystemRoot\system32\DRIVERS\klif.sys [PAGE]

                  ---- Registry - GMER 2.1 ----

                  Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\[email protected] 97041
                  Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}@LeaseObtainedTime 1412249170
                  Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}@T1 1412292370
                  Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}@T2 1412324770
                  Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}@LeaseTerminatesTime 1412335570

                  ---- Disk sectors - GMER 2.1 ----

                  Disk \Device\Harddisk0\DR0 unknown MBR code

                  ---- EOF - GMER 2.1 ----

                  Comment


                  • #10
                    De Gmer log is het enige correcte dat ik heb mogen ontvangen.
                    Nogmaals: Lees aandachtig de instructies aub en post enkel het gevraagde.
                    Versta je iets niet (of je begrijpt niet goed Nederlands) zeg het me dan.
                    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                    Comment

                    Sorry, you are not authorized to view this page
                    Working...
                    X