Redirection to unwanted websites

  • Redirection to unwanted websites

    Hello,

    I am in Italy for a few months for my studies. Since arriving here I have had a problem.
    When I visit certain websites (tweakers.net, for example), I am automatically redirected to a new website.
    First an IP address (94.249.192.104/chk.html) appears in the address bar, and then I am forwarded to a dating site, a "polizia" notice with a payment option (see attachment) or other random ads.

    The problem occurs on multiple laptops and mobile phones.
    My question to you: is this a known problem, and can I do anything about it?

    Regards,

    Jeroen

    Attachment: website.jpg

    PS. I cannot get the tool "GMER" to run. It closes automatically.

    -----------------------------------------------------------------------------------------------------------------------

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 15-10-2014
    Scan Time: 15:36:54
    Logfile: MB scanlog.txt
    Administrator: Yes

    Version: 2.00.3.1025
    Malware Database: v2014.10.15.03
    Rootkit Database: v2014.10.15.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: Jeroen

    Scan Type: Custom Scan
    Result: Completed
    Objects Scanned: 568065
    Time Elapsed: 56 min, 39 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    -----------------------------------------------------------------------------------------------------------------------

    # AdwCleaner v4.000 - Rapport aangemaakt 15/10/2014 op 16:37:22
    # DB v2014-10-15.7
    # Laatste Update 12/10/2014 door Xplode
    # Besturingssysteem : Windows 8.1 Pro (64 bits)
    # Gebruikersnaam : Jeroen - JEROEN-LAPTOP
    # Gestart vanuit : C:\Users\Jeroen\Desktop\adwcleaner_4.000.exe
    # Optie : Verwijderen

    ***** [ Services ] *****


    ***** [ Bestanden / Mappen ] *****

    Map Verwijderd : C:\Users\Jeroen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio

    ***** [ Taken ] *****


    ***** [ Snelkoppelingen ] *****


    ***** [ Register ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17278


    -\\ Mozilla Firefox v


    -\\ Google Chrome v38.0.2125.104

    Verwijderd [Search Provider] : hxxp://nl.softonic.com/s/{searchTerms}

    *************************

    AdwCleaner[R0].txt - [2487 octets] - [12/10/2014 17:18:56]
    AdwCleaner[R1].txt - [1022 octets] - [15/10/2014 16:36:13]
    AdwCleaner[S0].txt - [2352 octets] - [12/10/2014 17:20:00]
    AdwCleaner[S1].txt - [1014 octets] - [15/10/2014 16:37:22]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1074 octets] ##########



    -----------------------------------------------------------------------------------------------------------------------




    E-Peek v 1.0.5.4 © Emphyrio/Onsia Patrick 2013-2014
    E Dev
    Run at wo 15 okt 2014 16:42
    .
    Windows 8.1 Professional (64 bits)
    C:\WINDOWS [NTFS - Fixed]
    Default Browser: Google Chrome
    Boot mode: Normal boot
    User logged in: Jeroen
    .
    Java x86: 1.7.0_67
    Java x64: n/a
    .
    AV : AVG AntiVirus Free Edition 2015 [Updated - Not Running]
    AV : Windows Defender [Updated - Not Running]
    AS : Windows Defender [Updated - Not Running]
    AS : AVG AntiVirus Free Edition 2015 [Updated - Not Running]
    FW : Windows firewall
    .
    ==================== Files and Folders history =================================

    Folders Created Last 7 days :

    15-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev
    12-10-2014 ##### r-h-s-d+a- C:\Users\Jeroen\AppData\Roaming\AVG2015
    12-10-2014 ##### r-h-s-d+a- C:\Users\Jeroen\AppData\Local\Avg2015
    12-10-2014 ##### r-h-s-d+a- C:\ProgramData\AVG2015
    12-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\AVG
    12-10-2014 ##### r-h-s-d+a- C:\AdwCleaner
    12-10-2014 ##### r-h+s-d+a- C:\$AVG
    10-10-2014 ##### r-h-s-d+a- C:\Users\Jeroen\AppData\Roaming\Skype
    10-10-2014 ##### r-h-s-d+a- C:\Users\Jeroen\AppData\Roaming\Oracle
    10-10-2014 ##### r-h-s-d+a- C:\Users\Jeroen\AppData\Local\Skype
    10-10-2014 ##### r-h-s-d+a- C:\ProgramData\Sun
    10-10-2014 ##### r-h-s-d+a- C:\ProgramData\Skype
    10-10-2014 ##### r-h-s-d+a- C:\ProgramData\Oracle
    10-10-2014 ##### r-h-s-d+a- C:\ProgramData\Malwarebytes
    10-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\SystemRequirementsLab
    10-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Malwarebytes Anti-Malware
    10-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Java

    Files Modified Last 7 days :

    15-10-2014 00477144 r-h-s-d-a+ C:\WINDOWS\system32\FNTCACHE.DAT
    15-10-2014 00000018 r-h-s-d-a+ C:\WINDOWS\SysWOW64\log.txt
    12-10-2014 01823174 r-h-s-d-a+ C:\WINDOWS\system32\PerfStringBackup.INI
    12-10-2014 00812762 r-h-s-d-a+ C:\WINDOWS\system32\perfh013.dat
    12-10-2014 00728534 r-h-s-d-a+ C:\WINDOWS\system32\perfh009.dat
    12-10-2014 00164720 r-h-s-d-a+ C:\WINDOWS\system32\perfc013.dat
    12-10-2014 00138142 r-h-s-d-a+ C:\WINDOWS\system32\perfc009.dat
    10-10-2014 00272808 r-h-s-d-a+ C:\WINDOWS\SysWOW64\javaws.exe
    10-10-2014 00175528 r-h-s-d-a+ C:\WINDOWS\SysWOW64\javaw.exe
    10-10-2014 00175528 r-h-s-d-a+ C:\WINDOWS\SysWOW64\java.exe
    10-10-2014 00098216 r-h-s-d-a+ C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

    Files Created Last 7 days :

    15-10-2014 23631360 r-h-s-d-a+ C:\WINDOWS\system32\mshtml.dll
    15-10-2014 17484800 r-h-s-d-a+ C:\WINDOWS\SysWOW64\mshtml.dll
    15-10-2014 13619200 r-h-s-d-a+ C:\WINDOWS\system32\ieframe.dll
    15-10-2014 11807232 r-h-s-d-a+ C:\WINDOWS\SysWOW64\ieframe.dll
    15-10-2014 05829632 r-h-s-d-a+ C:\WINDOWS\system32\jscript9.dll
    15-10-2014 04201472 r-h-s-d-a+ C:\WINDOWS\SysWOW64\jscript9.dll
    15-10-2014 04183040 r-h-s-d-a+ C:\WINDOWS\system32\win32k.sys
    15-10-2014 02796032 r-h-s-d-a+ C:\WINDOWS\system32\iertutil.dll
    15-10-2014 02309632 r-h-s-d-a+ C:\WINDOWS\system32\wininet.dll
    15-10-2014 02187264 r-h-s-d-a+ C:\WINDOWS\SysWOW64\iertutil.dll
    15-10-2014 02108416 r-h-s-d-a+ C:\WINDOWS\system32\inetcpl.cpl
    15-10-2014 02017280 r-h-s-d-a+ C:\WINDOWS\SysWOW64\inetcpl.cpl
    15-10-2014 01810944 r-h-s-d-a+ C:\WINDOWS\SysWOW64\wininet.dll
    15-10-2014 01447936 r-h-s-d-a+ C:\WINDOWS\system32\urlmon.dll
    15-10-2014 01190400 r-h-s-d-a+ C:\WINDOWS\SysWOW64\urlmon.dll
    15-10-2014 00775168 r-h-s-d-a+ C:\WINDOWS\system32\ieapfltr.dll
    15-10-2014 00758272 r-h-s-d-a+ C:\WINDOWS\system32\jscript9diag.dll
    15-10-2014 00731136 r-h-s-d-a+ C:\WINDOWS\system32\msfeeds.dll
    15-10-2014 00710656 r-h-s-d-a+ C:\WINDOWS\system32\ie4uinit.exe
    15-10-2014 00678400 r-h-s-d-a+ C:\WINDOWS\SysWOW64\ieapfltr.dll
    15-10-2014 00607744 r-h-s-d-a+ C:\WINDOWS\SysWOW64\msfeeds.dll
    15-10-2014 00590336 r-h-s-d-a+ C:\WINDOWS\system32\rastls.dll
    15-10-2014 00547328 r-h-s-d-a+ C:\WINDOWS\system32\vbscript.dll
    15-10-2014 00514048 r-h-s-d-a+ C:\WINDOWS\SysWOW64\rastls.dll
    15-10-2014 00454656 r-h-s-d-a+ C:\WINDOWS\SysWOW64\vbscript.dll
    15-10-2014 00363008 r-h-s-d-a+ C:\WINDOWS\system32\iedkcs32.dll
    15-10-2014 00315904 r-h-s-d-a+ C:\WINDOWS\SysWOW64\iedkcs32.dll
    15-10-2014 00289280 r-h-s-d-a+ C:\WINDOWS\system32\dxtrans.dll
    15-10-2014 00243200 r-h-s-d-a+ C:\WINDOWS\SysWOW64\dxtrans.dll
    15-10-2014 00085504 r-h-s-d-a+ C:\WINDOWS\system32\mshtmled.dll
    15-10-2014 00083968 r-h-s-d-a+ C:\WINDOWS\system32\MshtmlDac.dll
    15-10-2014 00076288 r-h-s-d-a+ C:\WINDOWS\system32\packager.dll
    15-10-2014 00069632 r-h-s-d-a+ C:\WINDOWS\SysWOW64\mshtmled.dll
    15-10-2014 00068608 r-h-s-d-a+ C:\WINDOWS\SysWOW64\packager.dll
    15-10-2014 00061952 r-h-s-d-a+ C:\WINDOWS\SysWOW64\MshtmlDac.dll
    15-10-2014 00000000 r-h-s-d-a+ C:\Users\Jeroen\defogger_reenable
    12-10-2014 00536576 r-h-s-d-a+ C:\WINDOWS\SysWOW64\sqlite3.dll
    10-10-2014 00272808 r-h-s-d-a+ C:\WINDOWS\SysWOW64\javaws.exe
    10-10-2014 00175528 r-h-s-d-a+ C:\WINDOWS\SysWOW64\javaw.exe
    10-10-2014 00175528 r-h-s-d-a+ C:\WINDOWS\SysWOW64\java.exe
    10-10-2014 00098216 r-h-s-d-a+ C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

    ==================== RUNNING PROCESSES =========================================

    [DptfPolicyConfigTDPService] -SYSTEM- C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe - (Intel Corporation)

    ==================== IE PAGES ==================================================

    IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxps://mysearch.avg.com?cid={84584CC2-26EE-4973-A6BE-FF38B3BCAF0B}&mid=c8dcfa2abe4e47d29dd115cc4ed50d2d-7b6186092650a09c991179414d9335ed141706ac&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-02-08 17:21:24&v=18.1.9.799&pid=safeguard&sg=&sap=hp
    IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\WINDOWS\system32\blank.htm
    IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
    IE04 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\SysWOW64\ieframe.dll
    IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\SysWOW64\blank.htm
    IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
    IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
    IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE10 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxps://mysearch.avg.com?cid={84584CC2-26EE-4973-A6BE-FF38B3BCAF0B}&mid=c8dcfa2abe4e47d29dd115cc4ed50d2d-7b6186092650a09c991179414d9335ed141706ac&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-02-08 17:21:24&v=18.1.9.799&pid=safeguard&sg=&sap=hp
    IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\WINDOWS\system32\blank.htm
    IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
    IE04 x64 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE05 x64 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll
    IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm
    IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
    IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
    IE10 x64 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE10 x64 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    ==================== Auto Load =================================================

    AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = userinit.exe,
    AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe
    AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe,
    AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe

    ==================== Google Chrome =============================================

    GC - Prefpath: C:\Users\Jeroen\AppData\Local\Google\Chrome\User Data\Default\Preferences

    GC - Profile Name: Eerste gebruiker
    GC - Homepage:
    GC - Default Search Provider:

    = Known Disabled Extensions =



    ==================== Windows Host File =========================================


    ==================== BHO =======================================================

    BHO - [Lync Browser Helper] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} @ Default = C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    BHO - [Java(tm) Plug-In SSV Helper] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} @ Default = C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO - [Logitech SetPoint] - {AF949550-9094-4807-95EC-D1C317803333} @ Default = C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
    BHO - [Microsoft SkyDrive Pro Browser Helper] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} @ Default = C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
    BHO - [Java(tm) Plug-In 2 SSV Helper] - {DBC80044-A445-435b-BC74-9C25C1C588A9} @ Default = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO x64 - [Lync Browser Helper] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} @ Default = C:\Program Files\Microsoft Office\Office15\OCHelper.dll
    BHO x64 - [Logitech SetPoint] - {AF949550-9094-4807-95EC-D1C317803333} @ Default = C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
    BHO x64 - [Microsoft SkyDrive Pro Browser Helper] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} @ Default = C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL

    ==================== Auto Start Programs =======================================

    ASP01 - HKLM\..\Run @ Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    ASP01 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
    ASP01 - HKLM\..\Run @ PWRISOVM.EXE = C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
    ASP01 - HKLM\..\Run @ SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    ASP04 - HKCU\..\Run @ AVG-Secure-Search-Update_0414c = "C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe" /PROMPT /CMPID=0414c
    ASP04 - HKCU\..\Run @ AVG-Secure-Search-Update_1213b = C:\Users\Jeroen\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=c8dcfa2abe4e47d29dd115cc4ed50d2d-7b6186092650a09c991179414d9335ed141706ac /CMPID=1213b
    ASP04 - HKCU\..\Run @ GoogleChromeAutoLaunch_C8CAFD4922E1095A36F6B79A121CC7AA = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
    ASP04 - HKCU\..\Run @ GoogleDriveSync = "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    ASP04 - HKCU\..\Run @ Spotify Web Helper = "C:\Users\Jeroen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    ASP04 - HKCU\..\Run @ uTorrent = "C:\Users\Jeroen\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
    ASP01 x64 - HKLM\..\Run @ Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    ASP01 x64 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
    ASP01 x64 - HKLM\..\Run @ PWRISOVM.EXE = C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
    ASP01 x64 - HKLM\..\Run @ SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    ASP04 x64 - HKCU\..\Run @ AVG-Secure-Search-Update_0414c = "C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe" /PROMPT /CMPID=0414c
    ASP04 x64 - HKCU\..\Run @ AVG-Secure-Search-Update_1213b = C:\Users\Jeroen\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=c8dcfa2abe4e47d29dd115cc4ed50d2d-7b6186092650a09c991179414d9335ed141706ac /CMPID=1213b
    ASP04 x64 - HKCU\..\Run @ GoogleChromeAutoLaunch_C8CAFD4922E1095A36F6B79A121CC7AA = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
    ASP04 x64 - HKCU\..\Run @ GoogleDriveSync = "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    ASP04 x64 - HKCU\..\Run @ Spotify Web Helper = "C:\Users\Jeroen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    ASP04 x64 - HKCU\..\Run @ uTorrent = "C:\Users\Jeroen\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
    ASP - Startup - C:\Users\Jeroen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
    ASP - Startup - C:\Users\Jeroen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ASP - Startup - C:\Users\Jeroen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SoundSwitch.appref-ms
    ASP - Startup - C:\Users\Jeroen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk
    ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini



    ==================== Extra Items IE ============================================

    EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
    EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
    EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
    EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
    EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings
    EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
    EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
    EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
    EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
    EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
    EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
    EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings
    EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
    EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

    ==================== Internet Default Prefix ===================================

    IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
    IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://
    IDP00 x64 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
    IDP01 x64 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://

    ==================== Default Settings IE - DSIE ================================

    DSIE - ieuinit.inf: START_PAGE= "http://go.microsoft.com/fwlink/p/?LinkId
    DSIE - ieuinit.inf: SEARCH_PAGE_URL= "http://go.microsoft.com/fwlink/?LinkId

    ==================== Protocol Hijackers - PH ===================================

    PH00 - Handlersf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} @ = Unknown # C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL # MD5 [cb7e6052455d585dead6f637d8d0a3c9]
    PH01 - Filter:text/xml - {807583E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL <= Unknown
    PH00 x64 - Handlersf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} @ = Unknown # C:\Program Files\Microsoft Office\Office15\MSOSB.DLL # MD5 [59ac63d95071da4b8f1f5a9277b7f4fe]
    PH01 x64 - Filter:text/xml - {807583E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL <= Unknown

    ==================== ShellServiceObjectDelayLoad - SSODL =======================

    SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =
    SSODL x64 - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =

    ==================== Extra items - EXT (Torpig/ConduitSearch) ==================

    EXT01 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
    EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
    EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\WINDOWS\system32\shell32.dll
    EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\WINDOWS\system32\ntshrui.dll
    EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
    EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
    EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\WINDOWS\system32\shell32.dll
    EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\WINDOWS\system32\ntshrui.dll

    ==================== DRIVERS and SERVICES ======================================

    *** Win32OwnProcess ***

    SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
    SERV - R2 - [ASLDRService] - ASLDR Service - c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe
    SERV - R2 - [ATKGFNEXSrv] - ATKGFNEX Service - c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe
    SERV - R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\avg2015\avgwdsvc.exe
    SERV - R2 - [Bluetooth Device Monitor] - Bluetooth Device Monitor - c:\program files (x86)\intel\bluetooth\devmonsrv.exe
    SERV - R2 - [Bluetooth OBEX Service] - Bluetooth OBEX Service - c:\program files (x86)\intel\bluetooth\obexsrv.exe
    SERV - R2 - [DptfParticipantProcessorService] - Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application - c:\windows\system32\dptfparticipantprocessorservice.exe
    SERV - R2 - [DptfPolicyConfigTDPService] - Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application - c:\windows\system32\dptfpolicyconfigtdpservice.exe
    SERV - R2 - [ETDService] - Elan Service - c:\program files\elantech\etdservice.exe
    SERV - R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
    SERV - R2 - [Intel(R) ME Service] - Intel(R) ME Service - c:\program files (x86)\intel\intel(r) management engine components\fwservice\intelmefwservice.exe
    SERV - R2 - [Intel(R) Wireless Bluetooth(R) 4.0 Radio Management] - Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - c:\program files (x86)\intel\bluetooth\ibtrksrv.exe
    SERV - R2 - [irstrtsv] - Intel(R) Rapid Start Technology Service - c:\windows\syswow64\irstrtsv.exe
    SERV - R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
    SERV - R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
    SERV - R2 - [MBAMScheduler] - MBAMScheduler - c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe
    SERV - R2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe
    SERV - R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
    SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
    SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
    SERV - R3 - [ICCS] - Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - c:\program files (x86)\intel\intel(r) integrated clock controller service\iccproxy.exe
    SERV - R3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
    SERV - S2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\avg2015\avgidsagent.exe
    SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
    SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
    SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
    SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
    SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
    SERV - S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
    SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
    SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
    SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
    SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
    SERV - S3 - [iumsvc] - Intel(R) Update Manager - c:\program files (x86)\intel\intel(r) update manager\bin\iumsvc.exe
    SERV - S3 - [LBTServ] - Logitech Bluetooth Service - c:\program files\common files\logishrd\bluetooth\lbtserv.exe
    SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
    SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
    SERV - S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
    SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
    SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
    SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
    SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
    SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
    SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
    SERV - S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
    SERV - S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
    SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe

    *** Win32ShareProcess ***

    SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
    SERV - R3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
    SERV - S3 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
    SERV - S3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
    SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
    SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

    *** Others ***

    SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
    SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe

    *** File System Driver ***

    DRV - R0 - [AVGIDSHA] - AVGIDSHA - C:\WINDOWS\system32\Drivers\AVGIDSHA.sys
    DRV - R0 - [Avgloga] - AVG Logging Driver - C:\WINDOWS\system32\Drivers\Avgloga.sys
    DRV - R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\WINDOWS\system32\Drivers\Avgmfx64.sys
    DRV - R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\WINDOWS\system32\Drivers\Avgrkx64.sys
    DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\WINDOWS\system32\Drivers\FileInfo.sys
    DRV - R0 - [FltMgr] - FltMgr - C:\WINDOWS\system32\Drivers\FltMgr.sys
    DRV - R0 - [Mup] - Mup - C:\WINDOWS\system32\Drivers\Mup.sys
    DRV - R0 - [Wof] - Windows Overlay File System Filter Driver - C:\WINDOWS\system32\Drivers\Wof.sys
    DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\WINDOWS\system32\Drivers\NetBIOS.sys
    DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\WINDOWS\system32\Drivers\srv.sys
    DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\WINDOWS\system32\Drivers\srv2.sys

    *** Kernel Driver ***

    DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\WINDOWS\system32\Drivers\ACPI.sys
    DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\WINDOWS\system32\Drivers\acpiex.sys
    DRV - R0 - [CLFS] - Common Log (CLFS) - C:\WINDOWS\system32\Drivers\CLFS.sys
    DRV - R0 - [CNG] - CNG - C:\WINDOWS\system32\Drivers\CNG.sys
    DRV - R0 - [disk] - Stuurprogramma voor schijfstations - C:\WINDOWS\system32\Drivers\disk.sys
    DRV - R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\WINDOWS\system32\Drivers\EhStorClass.sys
    DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\WINDOWS\system32\Drivers\fvevol.sys
    DRV - R0 - [intelpep] - Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing - C:\WINDOWS\system32\Drivers\intelpep.sys
    DRV - R0 - [KSecDD] - KSecDD - C:\WINDOWS\system32\Drivers\KSecDD.sys
    DRV - R0 - [KSecPkg] - KSecPkg - C:\WINDOWS\system32\Drivers\KSecPkg.sys
    DRV - R0 - [mountmgr] - Mount Point Manager - C:\WINDOWS\system32\Drivers\mountmgr.sys
    DRV - R0 - [msisadrv] - msisadrv - C:\WINDOWS\system32\Drivers\msisadrv.sys
    DRV - R0 - [NDIS] - NDIS System Driver - C:\WINDOWS\system32\Drivers\NDIS.sys
    DRV - R0 - [partmgr] - Partition Manager - C:\WINDOWS\system32\Drivers\partmgr.sys
    DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\WINDOWS\system32\Drivers\pci.sys
    DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\WINDOWS\system32\Drivers\pcw.sys
    DRV - R0 - [pdc] - pdc - C:\WINDOWS\system32\Drivers\pdc.sys
    DRV - R0 - [rdyboost] - ReadyBoost - C:\WINDOWS\system32\Drivers\rdyboost.sys
    DRV - R0 - [spaceport] - Stuurprogramma voor opslagruimten - C:\WINDOWS\system32\Drivers\spaceport.sys
    DRV - R0 - [storahci] - Microsoft Standaard SATA AHCI-stuurprogramma - C:\WINDOWS\system32\Drivers\storahci.sys
    DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\WINDOWS\system32\Drivers\Tcpip.sys
    DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\WINDOWS\system32\Drivers\vdrvroot.sys
    DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\WINDOWS\system32\Drivers\volmgr.sys
    DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\WINDOWS\system32\Drivers\volmgrx.sys
    DRV - R0 - [volsnap] - Opslagvolumes - C:\WINDOWS\system32\Drivers\volsnap.sys
    DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\WINDOWS\system32\Drivers\Wdf01000.sys
    DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\WINDOWS\system32\Drivers\WFPLWFS.sys
    DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\WINDOWS\system32\Drivers\AFD.sys
    DRV - R1 - [Beep] - Beep - C:\WINDOWS\system32\Drivers\Beep.sys
    DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\WINDOWS\system32\Drivers\tdx.sys
    DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\WINDOWS\system32\Drivers\tcpipreg.sys
    DRV - S0 - [Avgboota] - AVG Early Launch Anti-Malware Driver - C:\WINDOWS\system32\Drivers\Avgboota.sys
    DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\WINDOWS\system32\Drivers\hwpolicy.sys
    DRV - S3 - [atapi] - IDE-kanaal - C:\WINDOWS\system32\Drivers\atapi.sys

    ==================== SvcHost - White Listed ====================================

    All Ok

    WOW - All Ok

    ==================== SigCheck x86 Fast =========================================

    Fast Scan All ok

    ==================== SigCheck x64 Fast =========================================

    Fast Scan All ok

    ==================== Job tasks =================================================

    There are no .job files found.

    ==================== End scanning at wo 15 okt 2014 16:42 (0 Min 13 Sec ) ======


    -------------------------------------------------------------------------------------------------------------------------




    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 16:58:36, on 15-10-2014
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.9600.17344)


    Boot mode: Normal

    Running processes:
    C:\Users\Jeroen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\Jeroen\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\AVG\AVG2015\avgui.exe
    C:\WINDOWS\SysWOW64\ctfmon.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\Jeroen\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com?cid={84584CC2-26EE-4973-A6BE-FF38B3BCAF0B}&mid=c8dcfa2abe4e47d29dd115cc4ed50d2d-7b6186092650a09c991179414d9335ed141706ac&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=pr&d=2014-02-08 17:21:24&v=18.1.9.799&pid=safeguard&sg=&sap=hp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
    O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
    O4 - HKCU\..\Run: [AVG-Secure-Search-Update_1213b] C:\Users\Jeroen\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=c8dcfa2abe4e47d29dd115cc4ed50d2d-7b6186092650a09c991179414d9335ed141706ac /CMPID=1213b
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Jeroen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0414c] "C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe" /PROMPT /CMPID=0414c
    O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    O4 - HKCU\..\Run: [uTorrent] "C:\Users\Jeroen\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
    O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_C8CAFD4922E1095A36F6B79A121CC7AA] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
    O4 - Startup: Dropbox.lnk = Jeroen\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Startup: SoundSwitch.appref-ms
    O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
    O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
    O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @oem15.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)
    O23 - Service: @oem15.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
    O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\WINDOWS\SysWOW64\irstrtsv.exe
    O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 13273 bytes

  • #2
    First disable your antivirus software before you download or run zoek.exe.
    Temporarily disable your antivirus and antispyware programs, as they can interfere with the operation of Zoek.exe.
    You can read how to do that (here and here).

    Download Zoek.exe to the desktop (click here for more information on how to use zoek.exe)
    • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
    • Then double-click Zoek.exe to start the tool.
    • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
    • Now copy the code below and paste it into the large input box:
    • Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.
      Code:
      emptyclsid;
      emptyfolderscheck;
      firefoxlook; 
      Chromelook; 
      CHRdefaults;
      autoclean; 
      iedefaults; 
      filesrcm;  
      startupall;
    • Now click the "Run script" button.
    • Wait patiently until a log opens (this may be after a restart, if one is required).
    • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
    • Post the opened log as an attachment in your next message.

    Starting Windows 10 in Safe Mode



    • #3
      Here is the Zoek log
      Attached files



      • #4
        Any noticeable improvement?



        • #5
          At work it no longer shows the messages! I will try it at home tonight.
          However, the message is still displayed on my mobile phone. Is there a solution for that as well?

          Thanks in advance,
          Jeroen



          • #6
            No, I wouldn't know.



            • #7
              No more problems at home either, thanks for the solution!
              Can you also see where the problem came from? I'm curious where the problem actually was.



              • #8
                Just look in the zoek.exe results at everything that was deleted.
