Mededeling

**Emphyrio** · 01-10-14, 14:32

Hoi larsvorst en welkom op^Nucia Security Forum,

De eerste stap is het uitvoeren van deze richtlijn: !!! BELANGRIJK !!!: Lees dit eerst voor je een bericht plaatst!

Emphyrio

**larsvorst** · 01-10-14, 14:49

En daarna? Heb het doorgelezen..

**Emphyrio** · 01-10-14, 14:59

Oorspronkelijk geplaatst door larsvorst

En daarna? Heb het doorgelezen..

Beter lezen aub.
Ik verwacht dat je de gevraagde logs post .

**Emphyrio** · 02-10-14, 10:31

Bij gebrek aan feedback zet ik dit topic op opgelost.

Indien er niet meer gereageerd wordt, zal binnen een 3-tal dagen deze thread automatisch verplaatst worden naar de sectie Opgeloste hijackthislogs en is een reactie niet meer mogelijk
Dit is gedaan om het forum netjes en overzichtelijk te houden.

Blijkt dat er toch nog problemen zijn, en je wil weer reageren in dit topic, dan stuur je me een privé bericht met verzoek om heropening.

Emphyrio

**larsvorst** · 02-10-14, 12:31

ADW cleaner log:

# AdwCleaner v3.311 - Rapport aangemaakt 02/10/2014 op 13:20:32
# Laatste Update 30/09/2014 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruikersnaam : rik - RIK-PC
# Gestart vanuit : C:\Users\rik\Desktop\adwcleaner_3.311.exe
# Optie : Scannen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

Bestand Gevonden : C:\Users\rik\AppData\Local\Temp\Uninstall.exe
Bestand Gevonden : C:\Windows\System32\roboot64.exe
Map Gevonden : C:\Program Files (x86)\Ask.com
Map Gevonden : C:\Program Files (x86)\AVG Secure Search
Map Gevonden : C:\Program Files (x86)\AVG Security Toolbar
Map Gevonden : C:\Program Files (x86)\BearShare Applications
Map Gevonden : C:\Program Files (x86)\Common Files\337
Map Gevonden : C:\Program Files (x86)\Common Files\AVG Secure Search
Map Gevonden : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Map Gevonden : C:\Program Files (x86)\GamesBar
Map Gevonden : C:\Program Files (x86)\NCH Software
Map Gevonden : C:\Program Files (x86)\Omiga Plus
Map Gevonden : C:\Program Files (x86)\WinZipper
Map Gevonden : C:\ProgramData\Ask
Map Gevonden : C:\ProgramData\AVG Secure Search
Map Gevonden : C:\ProgramData\GamesBar
Map Gevonden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar
Map Gevonden : C:\ProgramData\NCH Software
Map Gevonden : C:\ProgramData\Partner
Map Gevonden : C:\Users\Linda\AppData\Local\AVG Secure Search
Map Gevonden : C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Map Gevonden : C:\Users\Linda\AppData\Local\Pokki
Map Gevonden : C:\Users\Linda\AppData\LocalLow\AskToolbar
Map Gevonden : C:\Users\Linda\AppData\LocalLow\AVG Secure Search
Map Gevonden : C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
Map Gevonden : C:\Users\Linda\AppData\Roaming\Systweak
Map Gevonden : C:\Users\rik\AppData\Local\apn
Map Gevonden : C:\Users\rik\AppData\Local\AVG Secure Search
Map Gevonden : C:\Users\rik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Map Gevonden : C:\Users\rik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Map Gevonden : C:\Users\rik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Map Gevonden : C:\Users\rik\AppData\Local\PackageAware
Map Gevonden : C:\Users\rik\AppData\LocalLow\AskToolbar
Map Gevonden : C:\Users\rik\AppData\LocalLow\AVG Secure Search
Map Gevonden : C:\Users\rik\AppData\Roaming\337
Map Gevonden : C:\Users\rik\AppData\Roaming\337 Wallpaper
Map Gevonden : C:\Users\rik\AppData\Roaming\dvdvideosoftiehelpers
Map Gevonden : C:\Users\rik\AppData\Roaming\NCH Software
Map Gevonden : C:\Users\rik\AppData\Roaming\Omiga Plus
Map Gevonden : C:\Users\rik\AppData\Roaming\Systweak
Map Gevonden : C:\Users\rik\AppData\Roaming\WinZipper
Map Gevonden : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Taken ] *****

Taak Gevonden : Desk 365 RunAsStdUser
Taak Gevonden : Omiga Plus RunAsStdUser
Taak Gevonden : Scheduled Update for Ask Toolbar

***** [ Snelkoppelingen ] *****

Snelkoppeling Gevonden : C:\Users\rik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST1500DL003-9VT16L_5YD5CNZ7XXXX5YD5CNZ7&ts=1377965286 )
Snelkoppeling Gevonden : C:\Users\rik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST1500DL003-9VT16L_5YD5CNZ7XXXX5YD5CNZ7&ts=1377965286 )
Snelkoppeling Gevonden : C:\Users\rik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST1500DL003-9VT16L_5YD5CNZ7XXXX5YD5CNZ7&ts=1377965286 )
Snelkoppeling Gevonden : C:\Users\rik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&utm_campaign=eXQ&utm_content=sc&from=ild&uid=ST1500DL003-9VT16L_5YD5CNZ7XXXX5YD5CNZ7&ts=1377965286 )

***** [ Register ] *****

Gegevens Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
Gegevens Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll
Sleutel Gevonden : HKCU\Software\APN
Sleutel Gevonden : HKCU\Software\AppDataLow\Software\AskToolbar
Sleutel Gevonden : HKCU\Software\Ask.com
Sleutel Gevonden : HKCU\Software\AVG Secure Search
Sleutel Gevonden : HKCU\Software\AVG Security Toolbar
Sleutel Gevonden : HKCU\Software\Conduit
Sleutel Gevonden : HKCU\Software\gamesbar
Sleutel Gevonden : HKCU\Software\IGearSettings
Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1A93C934-025B-4C3A-B38E-9654A7003239}
Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A93C934-025B-4C3A-B38E-9654A7003239}
Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Sleutel Gevonden : HKCU\Software\Myfree Codec
Sleutel Gevonden : HKCU\Software\Softonic
Sleutel Gevonden : [x64] HKCU\Software\APN
Sleutel Gevonden : [x64] HKCU\Software\Ask.com
Sleutel Gevonden : [x64] HKCU\Software\AVG Secure Search
Sleutel Gevonden : [x64] HKCU\Software\AVG Security Toolbar
Sleutel Gevonden : [x64] HKCU\Software\Conduit
Sleutel Gevonden : [x64] HKCU\Software\gamesbar
Sleutel Gevonden : [x64] HKCU\Software\IGearSettings
Sleutel Gevonden : [x64] HKCU\Software\Myfree Codec
Sleutel Gevonden : [x64] HKCU\Software\Softonic
Sleutel Gevonden : HKLM\SOFTWARE\APN
Sleutel Gevonden : HKLM\SOFTWARE\AskToolbar
Sleutel Gevonden : HKLM\SOFTWARE\AVG Secure Search
Sleutel Gevonden : HKLM\SOFTWARE\AVG Security Toolbar
Sleutel Gevonden : HKLM\SOFTWARE\bearsharemediabartb
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{756C097C-6BDB-45DE-A8F1-83E01AB86BA4}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Sleutel Gevonden : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Sleutel Gevonden : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\oberontb.band
Sleutel Gevonden : HKLM\SOFTWARE\Classes\oberontb.band.1
Sleutel Gevonden : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO
Sleutel Gevonden : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO.1
Sleutel Gevonden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Sleutel Gevonden : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Sleutel Gevonden : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Sleutel Gevonden : HKLM\SOFTWARE\Classes\S
Sleutel Gevonden : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Sleutel Gevonden : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Sleutel Gevonden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Sleutel Gevonden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{AD76633E-E50D-4844-9E7F-4DFBC7C18467}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Sleutel Gevonden : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Sleutel Gevonden : HKLM\SOFTWARE\Conduit
Sleutel Gevonden : HKLM\SOFTWARE\Desksvc
Sleutel Gevonden : HKLM\SOFTWARE\gamesbar
Sleutel Gevonden : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Sleutel Gevonden : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Sleutel Gevonden : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Sleutel Gevonden : HKLM\SOFTWARE\hdcode
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1A93C934-025B-4C3A-B38E-9654A7003239}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_htc-sync_RASAPI32
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_htc-sync_RASMANCS
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_samsung-pc-studio (1)_RASAPI32
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_samsung-pc-studio (1)_RASMANCS
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_samsung-pc-studio_RASAPI32
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_samsung-pc-studio_RASMANCS
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gamesbar
Sleutel Gevonden : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Sleutel Gevonden : HKLM\SOFTWARE\Myfree Codec
Sleutel Gevonden : HKLM\SOFTWARE\omigaplusSvc
Sleutel Gevonden : HKLM\SOFTWARE\systweak
Sleutel Gevonden : HKLM\SOFTWARE\V9
Sleutel Gevonden : HKLM\SOFTWARE\winzipersvc
Sleutel Gevonden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Sleutel Gevonden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1 C9
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Waarde Gevonden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Waarde Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SearchEngineProtection]
Waarde Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
Waarde Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Waarde Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Waarde Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Waarde Gevonden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280

-\\ Mozilla Firefox v

-\\ Google Chrome v37.0.2062.124

[ Bestand : C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gevonden [Search Provider] : hxxp://isearch.avg.com/search?cid={4E7CDB3B-066F-437F-BB85-808C542A0141}&mid=e8ee19e798ce47d0a3535dc0e38653d3-9aa30d733097139056411fbd0b3198591ba15564&lang=nl&ds=cv011&pr=sa&d=2012-05-25 23:51:28&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
Gevonden [Homepage] : hxxp://isearch.avg.com/?cid={4E7CDB3B-066F-437F-BB85-808C542A0141}&mid=e8ee19e798ce47d0a3535dc0e38653d3-9aa30d733097139056411fbd0b3198591ba15564&lang=nl&ds=cv011&pr=sa&d=2012-05-25 23:51:28&v=15.3.0.11&pid=avg&sg=0&sap=hp
Gevonden [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gevonden [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Gevonden [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gevonden [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gevonden [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gevonden [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Gevonden [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
Gevonden [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

[ Bestand : C:\Users\rik\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gevonden [Search Provider] : hxxp://www.vd.nl/search.jsf?searchQuery={searchTerms}
Gevonden [Search Provider] : hxxp://www.saturn.nl/?searchCategory=onlineshop%3Bcat000101020200%3B&searchQuery={searchTerms}
Gevonden [Search Provider] : hxxp://nl.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [24210 octets] - [02/10/2014 13:20:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [24271 octets] ##########

**larsvorst** · 02-10-14, 12:32

DDS log:

Attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6-12-2011 19:09:23
System Uptime: 2-10-2014 12:49:12 (1 hours ago)
.
Motherboard: MEDIONPC | | MS-7728
Processor: Intel(R) Core(TM) i3-2130 CPU @ 3.40GHz | CPU 1 | 2788/400mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 1346 GiB total, 1192,838 GiB free.
D: is FIXED (NTFS) - 50 GiB total, 28,813 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP316: 29-9-2014 21:33:23 - Windows Update
RP317: 30-9-2014 19:24:43 - Windows Update
RP318: 30-9-2014 19:42:45 - Windows Update
RP319: 30-9-2014 20:47:09 - Windows Update
RP320: 30-9-2014 21:19:35 - Installed SpyHunter
RP321: 1-10-2014 13:33:32 - Windows Update
RP322: 1-10-2014 20:32:26 - Windows Update
RP323: 2-10-2014 3:59:49 - Windows Update
RP324: 2-10-2014 13:13:42 - Removed SpyHunter
.
==== Installed Programs ======================
.
Aangifte inkomstenbelasting 2013
Adobe AIR
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.09) - Nederlands
Adobe Shockwave Player 11.6
Ashampoo Burning Studio
Ashampoo Photo Commander
Ashampoo Photo Optimizer
Ashampoo Snap
Ask Toolbar
Asmedia ASM104x USB 3.0 Host Controller Driver
AVG Security Toolbar
BearShare
Bridge Base Online
Canon Easy-WebPrint EX
Canon IJ Scan Utility
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG3200 series MP Drivers
Canon MG3200 series On-screen Manual
Canon MP280 series MP Drivers
Canon My Image Garden
Canon My Image Garden Design Files
Canon My Printer
Canon Quick Menu
Corel Graphics - Windows Shell Extension
Corel Graphics - Windows Shell Extension 64 Bit
CorelDRAW Essentials X5
CorelDRAW Essentials X5 - Common
CorelDRAW Essentials X5 - Connect
CorelDRAW Essentials X5 - Custom Data
CorelDRAW Essentials X5 - DE
CorelDRAW Essentials X5 - Draw
CorelDRAW Essentials X5 - EN
CorelDRAW Essentials X5 - ES
CorelDRAW Essentials X5 - Extra Content
CorelDRAW Essentials X5 - Filters
CorelDRAW Essentials X5 - FR
CorelDRAW Essentials X5 - IPM
CorelDRAW Essentials X5 - IT
CorelDRAW Essentials X5 - PHOTO-PAINT
CorelDRAW Essentials X5 - Redist
CorelDRAW Essentials X5 - Setup Files
CorelDRAW Essentials X5 - WT
CyberLink LabelPrint
CyberLink Power2Go
CyberLink PowerDVD Copy
CyberLink PowerRecover
CyberLink WaveEditor
D3DX10
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Fotótár
Fotogalerie
Fotogalerija
Fotograf Galerisi
Free YouTube to MP3 Converter version 3.11.32.918
Full Tilt Poker.Eu
Galeria de Fotografias do Windows Live
Galeria fotografii
Galerie de photos
Galería de fotos
GamesBar 2.0.1.82
Gebruikersregistratie voor Canon MG3200 series
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
HTC Driver Installer
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Java 7 Update 65
Java Auto Updater
Junk Mail filter update
Kaspersky PURE 3.0
Malwarebytes Anti-Malware versie 2.0.2.1012
McAfee Security Scan Plus
Medion Home Cinema
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (Nederlands)
Microsoft .NET Framework 4.5.1 (NLD)
Microsoft Access MUI (Dutch) 2013
Microsoft Application Error Reporting
Microsoft DCF MUI (Dutch) 2013
Microsoft Excel MUI (Dutch) 2013
Microsoft Groove MUI (Dutch) 2013
Microsoft InfoPath MUI (Dutch) 2013
Microsoft Lync MUI (Dutch) 2013
Microsoft Office 32-bit Components 2013
Microsoft Office Korrekturhilfen 2013 - Deutsch
Microsoft Office OSM MUI (Dutch) 2013
Microsoft Office OSM UX MUI (Dutch) 2013
Microsoft Office Professional Plus 2013
Microsoft Office Proofing (Dutch) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Nederlands
Microsoft Office Shared 32-bit MUI (Dutch) 2013
Microsoft Office Shared MUI (Dutch) 2013
Microsoft OneNote MUI (Dutch) 2013
Microsoft Outlook MUI (Dutch) 2013
Microsoft PowerPoint MUI (Dutch) 2013
Microsoft Publisher MUI (Dutch) 2013
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Word MUI (Dutch) 2013
MioMore Desktop 7.50
Movie Maker
Mozilla Maintenance Service
Mozilla Thunderbird 16.0.1 (x86 nl)
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
MyFreeCodec
NVIDIA-configuratiescherm 331.65
NVIDIA 3D Vision stuurprogramma 331.65
NVIDIA Grafisch stuurprogramma 331.65
NVIDIA HD Audio Driver 1.2.23.3
NVIDIA Install Application
NVIDIA Optimus 1.3.5
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.15.2
NVIDIA Update Components
Official 2012 Countdown
Origin
Outils de vérification linguistique 2013 de Microsoft Office*- Français
Photo Common
Photo Gallery
PlayReady PC Runtime amd64
Poczta uslugi Windows Live
Podstawowe programy Windows Live
PokerStars
Pošta Windows Live
Raccolta foto
Realtek High Definition Audio Driver
RecordPad Sound Recorder
RESCUE 2013
S?????? f?t???af???
Samsung Kies
Samsung Mobile phone USB driver Drive Software
Samsung New PC Studio
Samsung PC Studio 3
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition
Sid Meier's Civilization V
Spelling Dictionaries Support For Adobe Reader X
Steam
swMSM
ThreeShipsPluginSetup
Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition
Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition
Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2881011) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition
WavePad Sound Editor
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
World of Tanks
World of Warplanes
Zuma Deluxe RA
.
==== End Of File ===========================

DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280 BrowserJavaVersion: 10.65.2
Run by rik at 13:21:53 on 2014-10-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4078.1607 [GMT 2:00]
.
AV: Kaspersky PURE 3.0 *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky PURE 3.0 *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\GamesBar\SearchEngineProtection.exe
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\splwow64.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\syswow64\MsiExec.exe
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\taskhost.exe
C:\Users\rik\Desktop\adwcleaner_3.311.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.startpagina.nl
uSearch Bar = Preserve
mStart Page = www.google.com
mDefault_Page_URL = www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Aanmeldhulp voor Microsoft-account: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: GamesBarBHO Class: {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: GamesBar: {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [SearchEngineProtection] C:\Program Files (x86)\Gamesbar\SearchEngineProtection.exe
uRun: [ares] "C:\ares\Ares\Ares.exe" -h
uRun: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
uRun: [GoogleChromeAutoLaunch_E821D68A81418EDB6E02DEBD153B52F6] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [NPSStartup] <no file>
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm
IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {1A93C934-025B-4c3a-B38E-9654A7003239} - {6F282B65-56BF-4BD1-A8B2-A4449A05863D}
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{5B90CD70-E56C-4456-B65F-11601705E13B} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EBA514C7-7409-485B-8D39-076AFE750DB6} : DHCPNameServer = 192.168.42.129
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = www.google.com
x64-mDefault_Page_URL = www.google.com
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\System32\drivers\CSCrySec.sys [2013-10-6 84536]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-8-11 27240]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-4 50976]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\System32\drivers\CSVirtualDiskDrv.sys [2013-10-6 66616]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2009-9-14 29792]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-10-18 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]
R2 AVP;Kaspersky Anti-Virus-service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -r [?]
R2 CSObjectsSrv;CryptoStorage control service;C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2012-12-21 819040]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-11 13592]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-9-30 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-9-30 860472]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-3-23 87040]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-8-11 2656280]
R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-8-12 1820184]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-6-2 128488]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-6-2 401896]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-9-3 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-9-3 29280]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-9-30 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-9-30 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-9-30 63704]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-11 533096]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2011-7-18 694888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-5-26 57840]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-30 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-4-9 289256]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-8-17 171008]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-9-30 19456]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\Windows\System32\drivers\ss_bbus.sys [2012-6-4 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\Windows\System32\drivers\ss_bmdfl.sys [2012-6-4 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\Windows\System32\drivers\ss_bmdm.sys [2012-6-4 161280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-1-22 206080]
S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.sys [2012-5-30 16448]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-9-30 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-9-30 30208]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-12 1255736]
S3 wsvd;wsvd;C:\Windows\System32\drivers\wsvd.sys [2010-9-23 129008]
.
=============== Created Last 30 ================
.
2014-10-02 11:21:26 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-10-02 11:20:28 -------- d-----w- C:\AdwCleaner
2014-10-01 18:32:04 6574592 ----a-w- C:\Windows\System32\mstscax.dll
2014-10-01 18:32:04 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-10-01 18:31:56 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-10-01 18:31:56 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-09-30 19:20:31 110080 ----a-r- C:\Users\rik\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconF7A21AF7.exe
2014-09-30 19:20:31 110080 ----a-r- C:\Users\rik\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\IconD7F16134.exe
2014-09-30 19:20:31 110080 ----a-r- C:\Users\rik\AppData\Roaming\Microsoft\Installer\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}\Icon1226A4C5.exe
2014-09-30 19:20:30 -------- d-----w- C:\sh4ldr
2014-09-30 19:19:09 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-30 19:19:06 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-09-30 19:13:35 -------- d-----w- C:\Program Files\trend micro
2014-09-30 19:02:19 -------- d-----w- C:\Windows\System32\drivers\en-US
2014-09-30 18:56:59 812216 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-09-30 18:56:59 810168 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-09-30 18:56:59 4232704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-09-30 18:56:59 2104832 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-09-30 18:56:59 2014208 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-09-30 18:52:28 3584 ----a-w- C:\Windows\System32\drivers\nl-NL\tsusbflt.sys.mui
2014-09-30 18:52:26 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys
2014-09-30 18:52:26 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2014-09-30 18:52:25 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2014-09-30 18:52:24 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2014-09-30 18:52:24 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2014-09-30 18:17:34 -------- d-----w- C:\ProgramData\22285
2014-09-30 18:01:27 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-30 18:01:13 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-09-30 18:01:13 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-09-30 18:01:13 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-30 18:01:13 -------- d-----w- C:\ProgramData\Malwarebytes
2014-09-30 18:01:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-30 17:45:38 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F8C1A743-F17F-4D69-8C7C-FD085BBBA6E1}\offreg.dll
2014-09-30 17:45:08 -------- d-----w- C:\ProgramData\Microsoft Toolkit
2014-09-30 17:25:49 11578928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F8C1A743-F17F-4D69-8C7C-FD085BBBA6E1}\mpengine.dll
2014-09-30 17:24:36 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-30 17:24:36 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-24 08:58:18 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-24 08:58:18 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-14 20:16:03 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2014-09-14 20:16:03 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-10 22:02:17 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2014-09-10 22:02:17 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2014-09-10 22:02:10 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-09-10 22:02:10 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-09-10 22:01:59 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-09-10 22:01:59 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-09-10 22:01:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-09-10 22:01:59 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-09-10 22:01:58 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-09-10 22:01:55 578048 ----a-w- C:\Windows\System32\aepdu.dll
2014-09-10 22:01:55 424448 ----a-w- C:\Windows\System32\aeinv.dll
.
==================== Find3M ====================
.
2014-09-24 09:42:27 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-24 09:42:27 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-15 07:06:02 278152 ------w- C:\Windows\System32\MpSigStub.exe
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:59:01 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-08-18 22:29:49 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53 5833728 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:03:47 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:16 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13 2310656 ----a-w- C:\Windows\System32\wininet.dll
2014-08-18 21:07:44 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48 1812992 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-08-12 12:30:13 50976 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2014-07-25 00:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-07-11 01:02:05 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
.
============= FINISH: 13:24:09,93 ===============

**Emphyrio** · 02-10-14, 12:43

Lees de instructies aub eens aandachtig door.

In je volgende posting hadden we graag de volgende logs gezien, gemaakt in de opgestelde volgorde:
.

MBAM (aangepaste scan)
AdwCleaner ( de log na verwijdering)
DDS.txt (niet de attached)
Gmer (???)

**larsvorst** · 02-10-14, 12:58

Hier de Gmer log (was nog aan het scannen)

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-10-02 13:57:08
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST1500DL rev.CC4A 1397,27GB
Running: 11qmgu4s.exe; Driver: C:\Users\rik\AppData\Local\Temp\pftdrpow.sys

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80003805000 63 bytes [00, 00, 15, 02, 46, 4D, 72, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 594 fffff80003805042 4 bytes [00, 00, 00, 00]

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Steam\Steam.exe[4072] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Steam\Steam.exe[4072] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\AVG Secure Search\vprot.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\AVG Secure Search\vprot.exe[2944] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[4300] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[4300] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE[4428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE[4428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[2908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe[1820] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe[1820] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Steam\SteamService.exe[5140] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Common Files\Steam\SteamService.exe[5140] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5588] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5588] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5452] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5452] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[7032] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[7032] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[6968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[6968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
? C:\Windows\system32\mssprxy.dll [6968] entry point in ".rdata" section 0000000058de71e6
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[6660] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[6660] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6292] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075931465 2 bytes [93, 75]
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6292] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759314bb 2 bytes [93, 75]
.text ... * 2

---- Kernel IAT/EAT - GMER 2.1 ----

IAT C:\Windows\System32\win32k.sys[ntoskrnl.exe!KeUserModeCallback] [fffff880046ebf00] \SystemRoot\system32\DRIVERS\klif.sys [PAGE]

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch 97041
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}@LeaseObtainedTime 1412249170
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}@T1 1412292370
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}@T2 1412324770
Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{63A3E769-8B26-4CC2-8F44-87F53971FE65}@LeaseTerminatesTime 1412335570

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

**Emphyrio** · 02-10-14, 13:06

De Gmer log is het enige correcte dat ik heb mogen ontvangen.
Nogmaals: Lees aandachtig de instructies aub en post enkel het gevraagde.
Versta je iets niet (of je begrijpt niet goed Nederlands) zeg het me dan.

Mededeling

V9 virus verwijderen

V9 virus verwijderen

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment