Mededeling

Collapse
No announcement yet.

Windows Update doet het niet meer

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Windows Update doet het niet meer

    Sinds enige tijd krijg ik van diverse programma,s (waaronder windows update) geen updates meer.

    hieronder mijn log bestanden

    MBAM

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 27-11-2014
    Scan Time: 13:59:10
    Logfile: mbamlog.txt
    Administrator: Yes

    Version: 2.00.3.1025
    Malware Database: v2014.11.27.05
    Rootkit Database: v2014.11.22.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Gebruiker

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 317235
    Time Elapsed: 16 min, 37 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 2
    PUP.Optional.ReMarkable.A, C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, Quarantined, [5071fc4458241d193094caee37cdb749],
    PUP.Optional.ReMarkable.A, C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, Quarantined, [f0d1e957413b4ee87e46fabed0344eb2],

    Physical Sectors: 0
    (No malicious items detected)


    (end)


    ADAWARE

    # AdwCleaner v4.102 - Rapport aangemaakt 27/11/2014 op 08:14:41
    # Laatste Update 23/11/2014 door Xplode
    # Database : 2014-11-26.1 [Live]
    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Gebruikersnaam : Gebruiker - GEBRUIKER-PC
    # Gestart vanuit : C:\Users\Gebruiker\Desktop\adwcleaner_4.102.exe\adwcleaner_4.102.exe
    # Optie : Verwijderen

    ***** [ Services ] *****


    ***** [ Bestanden / Mappen ] *****

    Map Verwijderd : C:\ProgramData\Partner
    Map Verwijderd : C:\ProgramData\lowpricesapp
    Map Verwijderd : C:\ProgramData\MailUpdate
    Map Verwijderd : C:\ProgramData\DeaLsFFinderPro
    Map Verwijderd : C:\ProgramData\FlexibleShopper
    Map Verwijderd : C:\ProgramData\less2pay
    Map Verwijderd : C:\Program Files (x86)\DeaLsFFinderPro
    Map Verwijderd : C:\Program Files (x86)\FlexibleShopper
    Map Verwijderd : C:\Program Files (x86)\less2pay
    Map Verwijderd : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
    Map Verwijderd : C:\Users\Gebruiker\AppData\Local\Mobogenie
    Map Verwijderd : C:\Users\GEBRUI~1\AppData\Local\Temp\ConstaSurf
    Map Verwijderd : C:\Users\GEBRUI~1\AppData\Local\Temp\AdvanceElite
    Map Verwijderd : C:\Users\Gebruiker\AppData\Roaming\dvdvideosoftiehelpers
    Map Verwijderd : C:\Users\Gebruiker\AppData\Roaming\Systweak
    Map Verwijderd : C:\Users\Gebruiker\AppData\Roaming\MailUpdate
    Map Verwijderd : C:\Users\Gebruiker\Documents\Mobogenie
    Map Verwijderd : C:\Users\Gebruiker\Documents\Optimizer Pro
    Bestand Verwijderd : C:\Windows\System32\roboot64.exe
    Bestand Verwijderd : C:\Users\Gebruiker\daemonprocess.txt
    Bestand Verwijderd : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
    Bestand Verwijderd : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
    Bestand Verwijderd : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
    Bestand Verwijderd : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal

    ***** [ Taken ] *****


    ***** [ Snelkoppelingen ] *****


    ***** [ Register ] *****

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
    Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\.
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\..9
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\DealsFinderPro.DealsFinderPro
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\DealsFinderPro.DealsFinderPro.9
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FlexibleShopper.FlexibleShopper
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FlexibleShopper.FlexibleShopper.9
    Sleutel Verwijderd : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3aac675d-3f50-4de2-a2e5-4331d68424eb}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{8097b01e-f491-4945-8dad-ed7ae79f3408}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{edecb445-dc0a-4d23-b627-607f56d6c2cb}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8097b01e-f491-4945-8dad-ed7ae79f3408}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{edecb445-dc0a-4d23-b627-607f56d6c2cb}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8097b01e-f491-4945-8dad-ed7ae79f3408}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{edecb445-dc0a-4d23-b627-607f56d6c2cb}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3aac675d-3f50-4de2-a2e5-4331d68424eb}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8097b01e-f491-4945-8dad-ed7ae79f3408}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{edecb445-dc0a-4d23-b627-607f56d6c2cb}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{3aac675d-3f50-4de2-a2e5-4331d68424eb}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{8097b01e-f491-4945-8dad-ed7ae79f3408}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{edecb445-dc0a-4d23-b627-607f56d6c2cb}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
    Sleutel Verwijderd : HKCU\Software\Optimizer Pro
    Sleutel Verwijderd : HKCU\Software\systweak
    Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar
    Sleutel Verwijderd : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Sleutel Verwijderd : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Sleutel Verwijderd : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Sleutel Verwijderd : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
    Sleutel Verwijderd : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Sleutel Verwijderd : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
    Sleutel Verwijderd : HKLM\SOFTWARE\systweak
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{779D1843-0043-65D2-D781-8614F17B6222}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17239


    -\\ Google Chrome v

    [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1412446034&from=cor&uid=WDCXWD5000BEVT-22A0RT0_WD-WX51A80E3112E3112&q={searchTerms}
    [C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [Search Provider] : hxxp://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_adk31_14_38&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0D0AtB0FtB0FtDtAyEtBt BtN0D0Tzu0StCtDtAtDtN1L2XzutAtFyDtFtCtFtCtN1L1Czu1N1C2X1V1T1Q1JtAtC1VtCyE1VtAzztN1L1G1B1V1N2Y1L1Qzu2 StByE0A0AtDzztByCtG0BtCyBtAtGzzyCtB0AtGyDtCzztAtGtDtD0DtC0D0AyE0CtAtByBtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0 B0EtDtCzz0AtBtDtG0B0F0CzztGyEyEyDtBtGzy0C0C0BtGtCzz0Czy0F0C0B0EtAtByBtC2Q&cr=1157896865&ir=

    *************************

    AdwCleaner[R0].txt - [7983 octets] - [27/11/2014 08:11:53]
    AdwCleaner[S0].txt - [7634 octets] - [27/11/2014 08:14:41]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7694 octets] ##########


    GMER

    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2014-11-27 13:55:38
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
    Running: 7dtb68qj.exe; Driver: C:\Users\GEBRUI~1\AppData\Local\Temp\pxlyyuog.sys


    ---- Kernel code sections - GMER 2.1 ----

    INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800033a5000 45 bytes [01, 00, 00, 00, 00, 00, 00, ...]
    INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff800033a502f 16 bytes [00, 01, 00, 00, 00, 00, 00, ...]

    ---- User code sections - GMER 2.1 ----

    .text C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe[2460] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35 00000000743211a8 2 bytes [32, 74]
    .text C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe[2460] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21 00000000743213a8 2 bytes [32, 74]
    .text C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe[2460] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21 0000000074321422 2 bytes [32, 74]
    .text C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe[2460] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19 0000000074321498 2 bytes [32, 74]
    .text C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe[2460] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 195 00000000742c1b41 2 bytes [2C, 74]
    .text C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe[2460] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 362 00000000742c1be8 2 bytes [2C, 74]
    .text C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe[2460] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 418 00000000742c1c20 2 bytes [2C, 74]
    .text C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe[2460] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 596 00000000742c1cd2 2 bytes [2C, 74]
    .text C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe[2460] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 628 00000000742c1cf2 2 bytes [2C, 74]
    .text C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe[2420] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075421465 2 bytes [42, 75]
    .text C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe[2420] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754214bb 2 bytes [42, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075421465 2 bytes [42, 75]
    .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754214bb 2 bytes [42, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5036] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075421465 2 bytes [42, 75]
    .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5036] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754214bb 2 bytes [42, 75]
    .text ... * 2
    .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4484] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075421465 2 bytes [42, 75]
    .text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4484] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000754214bb 2 bytes [42, 75]
    .text ... * 2
    ---- Processes - GMER 2.1 ----

    Process C:\Users\Gebruiker\AppData\Roaming\T-Mobile Internet Manager\ouc.exe (*** suspicious ***) @ C:\Users\Gebruiker\AppData\Roaming\T-Mobile Internet Manager\ouc.exe [2144] (Online Update Clinet/Huawei Technologies Co., Ltd.)(2011-06-18 22:07:49) 0000000000400000

    ---- EOF - GMER 2.1 ----


    DDS

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17239 BrowserJavaVersion: 10.71.2
    Run by Gebruiker at 13:25:18 on 2014-11-27
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3959.1753 [GMT 1:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
    SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Users\Gebruiker\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
    C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
    C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
    C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
    C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
    C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
    C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
    C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
    C:\Program Files (x86)\Launch Manager\LMworker.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_239_ActiveX.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.wielerland.nl/
    uDefault_Page_URL = about:blank
    mStart Page = www.google.com
    mSearch Page = www.google.com
    mDefault_Page_URL = about:blank
    mDefault_Search_URL = www.google.com
    uProxyOverride = <-loopback>
    mWinlogon: Userinit = userinit.exe,
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [HW_OPENEYE_OUC_T-Mobile Internet Manager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe"
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Google Update] "C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    mRun: [DataCardMonitor] C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\VIDEOW~1.LNK - C:\Program Files (x86)\Video Web Camera\VideoWebCamera.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
    IE: Free YouTube to MP3 Converter - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    TCP: NameServer = 192.168.0.10
    TCP: Interfaces\{2B76A413-01DA-4ADD-AB49-BD3D90FD1058} : DHCPNameServer = 212.54.40.25 212.54.44.54
    TCP: Interfaces\{2B76A413-01DA-4ADD-AB49-BD3D90FD1058}\030303440324035324544363 : DHCPNameServer = 192.168.11.1
    TCP: Interfaces\{44879544-6244-4EF2-B53E-FD4FA72E203D} : NameServer = 84.241.226.9 84.241.226.140
    TCP: Interfaces\{607EA30D-07AD-4503-9480-31099B7E3EB6} : DHCPNameServer = 192.168.0.10
    TCP: Interfaces\{6C21CAA2-F1F8-49CA-816A-4F99C768AD48} : NameServer = 84.241.226.9 84.241.226.140
    TCP: Interfaces\{F7620339-FFB4-40F0-B766-E794D568D6F9} : NameServer = 84.241.226.140 84.241.226.9
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
    SSODL: WebCheck - <orphaned>
    x64-mStart Page = www.google.com
    x64-mSearch Page = www.google.com
    x64-mDefault_Page_URL = about:blank
    x64-mDefault_Search_URL = www.google.com
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
    x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-6-16 55024]
    R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-4-26 202752]
    R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-4-26 312400]
    R2 ePowerSvc;Acer ePower Service;C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-9-22 866336]
    R2 GREGService;GREGService;C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-1-8 23584]
    R2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2012-7-16 87368]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-4-26 13336]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-3-11 125584]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-3-9 250368]
    R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-7 167424]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-4-26 2320920]
    R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-4-26 243232]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-4-26 56344]
    R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-4-26 158720]
    R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-3-21 321064]
    R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
    S2 0c632643;Interenet Optimizer;C:\Windows\System32\rundll32.exe [2009-7-14 45568]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2011-6-18 243200]
    S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2013-3-10 33736]
    S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2012-12-7 36928]
    S3 hwusbdev;Huawei DataCard USB PNP Device;C:\Windows\System32\drivers\ewusbdev.sys [2011-6-18 114304]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-13 111616]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-11-26 19456]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-4-26 245280]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-11-26 56832]
    S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-6-20 1255736]
    .
    =============== Created Last 30 ================
    .
    2014-11-27 12:03:52 -------- d-----w- C:\Program Files\Reimage
    2014-11-27 07:46:41 -------- d-----w- C:\Windows\CheckSur
    2014-11-27 07:11:49 -------- d-----w- C:\AdwCleaner
    2014-11-27 06:55:08 11632448 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1F1D876D-DAA4-4121-A7F9-1DF12A12AA08}\mpengine.dll
    2014-11-26 10:35:37 -------- d-----w- C:\Windows\System32\drivers\en-US
    2014-11-26 10:31:59 -------- d-----w- C:\Windows\System32\MRT
    2014-11-26 10:31:24 3584 ----a-w- C:\Windows\System32\drivers\nl-NL\tsusbflt.sys.mui
    2014-11-26 10:31:23 15360 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
    2014-11-26 10:31:22 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
    2014-11-26 10:31:20 243200 ----a-w- C:\Windows\System32\rdpudd.dll
    2014-11-26 10:31:20 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
    2014-11-26 10:31:20 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
    2014-11-26 10:31:19 3174912 ----a-w- C:\Windows\System32\rdpcorets.dll
    2014-11-26 10:29:16 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
    2014-11-26 10:29:16 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
    2014-11-26 10:29:14 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2014-11-26 10:29:13 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2014-11-26 10:17:17 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2014-11-25 21:26:07 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{6698C12F-3581-435E-916C-2929283E8D33}
    2014-11-25 17:45:26 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{22780F14-F30A-4E39-B554-904A4912E42C}\gapaengine.dll
    2014-11-25 17:45:06 11632448 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2014-11-16 14:29:29 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-11-16 14:29:29 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-11-15 14:26:35 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{11C31A9D-D746-4B23-ABE3-C67C81B533E2}
    2014-11-10 18:27:17 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{6B65324C-9253-4C6F-BBB6-94D83A4C77F6}
    2014-11-05 16:28:12 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{C3C7C5C0-E562-450B-B2E5-A94CEED89812}
    2014-11-03 16:29:30 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{9117E7F6-74DF-44F9-963D-A33A455375DD}
    2014-11-02 19:43:14 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{E579E7E4-B2AD-4AFE-9B80-AEE54F1AE638}
    2014-10-29 15:57:22 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{6A905254-4FF5-452B-96F4-C31029962EFE}
    .
    ==================== Find3M ====================
    .
    2014-10-30 02:50:16 275080 ------w- C:\Windows\System32\MpSigStub.exe
    2014-10-26 15:11:07 2071 ----a-w- C:\Windows\patsearch.bin
    .
    ============= FINISH: 13:27:46,14 ===============

  • #2
    Spreken we hier over dezelfde pc : http://www.nucia.eu/forum/threads/72...976#post702976 ?
    (ik dacht het niet)
    Last edited by Emphyrio; 27-11-14, 13:38.
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

    Comment


    • #3
      nee dit is een andere pc

      Comment


      • #4
        En ben jij de eigenaar van deze pc?
        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
        E Dev * McAfee verwijderen. * Ccleaner * E-Peek

        Comment


        • #5
          jazeker

          Comment


          • #6
            Download of Update Ccleaner

            Start CCleaner op.
            • Run Ccleaner en klik in de linkse kolom op Opties
            • Selecteer het tabblad Geavanceerd
            • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
            • Selecteer het tabblad Instellingen
            • Haal het vinkje weg bij "Computer automatisch schoonmaken...."
            • Klik in de linkse kolom op Cleaner.
            • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
            • Klik vervolgens in de linkse kolom op Register
            • Klik op Scan naar problemen.
            • Op de vraag of je een backup wil maken van het register, klik je "Ja".
            • Als er fouten gevonden worden klik je op de middelste knop: Herstel alle geselecteerde fouten en OK



            Download Combofix naar je bureaublad.
            (Dus niet naar een download map of temp map)

            Extra nota... Zorg ervoor dat je Security software uitschakeld is tijdens het gebruik van Combofix.
            Dit omdat deze scanners bepaalde componenten die Combofix gebruikt, onterecht zien als geïnfecteerd en Combofix zullen blokkeren.

            Kijk hier indien je niet weet hoe je je Antivirus, Firewall en/of Antispywarescanner moet uitschakelen.

            Sluit ALLE vensters, ook je browser en laat Combofix rustig zijn werk doen.
            Open dus geen andere applicaties totdat Combofix de log heeft gepresenteert.

            Als Combofix vraagt om een update, dan staat je dit toe.

            Wanneer ComboFix klaar is met scannen, dit kan eventueel na een reboot zijn, opent er een logfile (combofix.txt).
            Deze kan je vinden als C:\combofix.txt.

            Post het Combofixlogje samen met een nieuw DDS logje in je volgende antwoord.

            * OPMERKING: Indien je één van de onderstaande meldingen krijgt na het gebruik van ComboFix, herstart dan de computer.
            • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
            • Illegal operation attempted on a registry key that has been marked for deletion.
            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
            E Dev * McAfee verwijderen. * Ccleaner * E-Peek

            Comment


            • #7
              uitgevoerd en volgende bestanden

              Combofix

              ComboFix 14-11-25.01 - Gebruiker 28-11-2014 13:27:48.1.4 - x64
              Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3959.2495 [GMT 1:00]
              Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe
              AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
              SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
              SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
              .
              .
              (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
              .
              .
              c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\VideoWebCamera.exe.lnk
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpiiealdamggihlgjgnmkgdfbpmbmdde
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpiiealdamggihlgjgnmkgdfbpmbmdde\4.61\background.html
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpiiealdamggihlgjgnmkgdfbpmbmdde\4.61\content.js
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpiiealdamggihlgjgnmkgdfbpmbmdde\4.61\inpL6.js
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpiiealdamggihlgjgnmkgdfbpmbmdde\4.61\lsdb.js
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpiiealdamggihlgjgnmkgdfbpmbmdde\4.61\manifest.json
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjefpkmlibebgbbgidmhpmjhcdffhfm
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjefpkmlibebgbbgidmhpmjhcdffhfm\147\background.html
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjefpkmlibebgbbgidmhpmjhcdffhfm\147\content.js
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjefpkmlibebgbbgidmhpmjhcdffhfm\147\g8GLDDHTx0.js
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjefpkmlibebgbbgidmhpmjhcdffhfm\147\lsdb.js
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjefpkmlibebgbbgidmhpmjhcdffhfm\147\manifest.json
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom\188\background.html
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom\188\content.js
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom\188\h3jw2mOMzO.js
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom\188\lsdb.js
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom\188\manifest.json
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfgjjlnidkopfimlhcfcjhakhifbnmof
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfgjjlnidkopfimlhcfcjhakhifbnmof\216\background.html
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfgjjlnidkopfimlhcfcjhakhifbnmof\216\content.js
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfgjjlnidkopfimlhcfcjhakhifbnmof\216\fst.js
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfgjjlnidkopfimlhcfcjhakhifbnmof\216\lsdb.js
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfgjjlnidkopfimlhcfcjhakhifbnmof\216\manifest.json
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_enjefpkmlibebgbbgidmhpmjhcdffhfm_0.localstorage
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fabjlaokbhaoehejcoblhahcekmogbom_0.localstorage
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_impaepofmnammebeenafgmllpnjaiime_0.localstorage
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pfgjjlnidkopfimlhcfcjhakhifbnmof_0.localstorage
              c:\users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences
              c:\windows\SysWow64\SPCC1011.ocx
              c:\windows\wininit.ini
              .
              .
              (((((((((((((((((((( Bestanden Gemaakt van 2014-10-28 to 2014-11-28 ))))))))))))))))))))))))))))))
              .
              .
              2014-11-28 12:34 . 2014-11-28 12:34 -------- d-----w- c:\users\Default\AppData\Local\temp
              2014-11-28 09:04 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A5EFFA45-7AB8-4439-A6D2-04469943A7CD}\mpengine.dll
              2014-11-27 14:53 . 2014-11-27 14:54 -------- d-----w- C:\2f99d73639e49e1c008e0ca1cd91e7de
              2014-11-27 14:44 . 2014-11-27 14:44 -------- d-----w- C:\e00ef0d40b56213206
              2014-11-27 14:43 . 2014-11-27 14:43 -------- d-sh--w- c:\users\Gebruiker\AppData\Local\EmieBrowserModeList
              2014-11-27 14:18 . 2014-11-27 14:18 -------- d-----w- C:\ec2d11956cee53a3802630951b
              2014-11-27 13:37 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
              2014-11-27 13:37 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
              2014-11-27 12:58 . 2014-11-27 12:59 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
              2014-11-27 12:58 . 2014-11-27 12:58 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
              2014-11-27 12:58 . 2014-10-01 10:11 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
              2014-11-27 12:58 . 2014-10-01 10:11 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
              2014-11-27 12:58 . 2014-10-01 10:11 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
              2014-11-27 12:44 . 2014-11-05 17:56 304640 ----a-w- c:\windows\system32\generaltel.dll
              2014-11-27 12:44 . 2014-11-05 17:56 228864 ----a-w- c:\windows\system32\aepdu.dll
              2014-11-27 12:44 . 2014-11-05 17:52 424448 ----a-w- c:\windows\system32\aeinv.dll
              2014-11-27 12:42 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
              2014-11-27 12:41 . 2014-11-06 03:31 633856 ----a-w- c:\windows\system32\ieui.dll
              2014-11-27 12:40 . 2014-10-03 02:12 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
              2014-11-27 12:40 . 2014-10-03 02:11 284672 ----a-w- c:\windows\system32\EncDump.dll
              2014-11-27 12:40 . 2014-10-03 02:11 680960 ----a-w- c:\windows\system32\audiosrv.dll
              2014-11-27 12:40 . 2014-10-03 02:11 440832 ----a-w- c:\windows\system32\AudioEng.dll
              2014-11-27 12:40 . 2014-10-03 02:11 296448 ----a-w- c:\windows\system32\AudioSes.dll
              2014-11-27 12:40 . 2014-10-03 01:44 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
              2014-11-27 12:40 . 2014-10-03 01:44 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
              2014-11-27 12:40 . 2014-10-03 01:44 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
              2014-11-27 12:40 . 2014-08-29 02:07 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
              2014-11-27 12:40 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
              2014-11-27 12:40 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
              2014-11-27 12:40 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
              2014-11-27 12:39 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
              2014-11-27 12:39 . 2014-09-04 05:04 372736 ----a-w- c:\windows\SysWow64\rastls.dll
              2014-11-27 12:37 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
              2014-11-27 12:37 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
              2014-11-27 12:37 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
              2014-11-27 12:36 . 2014-09-05 02:11 6584320 ----a-w- c:\windows\system32\mstscax.dll
              2014-11-27 12:36 . 2014-09-05 01:52 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll
              2014-11-27 12:36 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
              2014-11-27 12:36 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
              2014-11-27 12:36 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
              2014-11-27 12:36 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
              2014-11-27 07:46 . 2014-11-27 07:46 -------- d-----w- c:\windows\CheckSur
              2014-11-27 07:11 . 2014-11-27 07:14 -------- d-----w- C:\AdwCleaner
              2014-11-27 06:55 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
              2014-11-26 10:35 . 2014-11-26 10:35 -------- d-----w- c:\windows\system32\drivers\en-US
              2014-11-26 10:31 . 2014-11-27 13:42 -------- d-----w- c:\windows\system32\MRT
              2014-11-26 10:31 . 2012-08-23 15:28 3584 ----a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui
              2014-11-26 10:31 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
              2014-11-26 10:31 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
              2014-11-26 10:31 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
              2014-11-26 10:31 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
              2014-11-26 10:17 . 2014-11-26 10:17 -------- d-----w- c:\program files (x86)\Common Files\Java
              2014-11-26 10:17 . 2014-09-26 17:42 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
              2014-11-25 17:45 . 2014-09-18 18:56 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{22780F14-F30A-4E39-B554-904A4912E42C}\gapaengine.dll
              2014-11-16 14:29 . 2014-11-27 06:47 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
              2014-11-16 14:29 . 2014-11-27 06:47 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
              .
              .
              .
              ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              2014-10-30 02:50 . 2013-06-19 21:41 275080 ------w- c:\windows\system32\MpSigStub.exe
              2014-09-18 18:56 . 2014-04-19 16:49 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
              2014-08-30 14:36 . 2012-06-19 20:01 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
              .
              .
              ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              .
              *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
              REGEDIT4
              .
              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "HW_OPENEYE_OUC_T-Mobile Internet Manager"="c:\program files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe" [2009-12-31 110592]
              "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-11-21 7063832]
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
              "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696]
              "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2010-03-08 258560]
              "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
              "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368]
              "DataCardMonitor"="c:\program files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe" [2011-06-18 253952]
              "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
              .
              c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
              Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
              .
              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
              "ConsentPromptBehaviorAdmin"= 5 (0x5)
              "ConsentPromptBehaviorUser"= 3 (0x3)
              "EnableUIADesktopToggle"= 0 (0x0)
              .
              [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
              "LoadAppInit_DLLs"=1 (0x1)
              .
              [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
              @="Service"
              .
              R2 0c632643;Interenet Optimizer;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
              R3 cpuz134;cpuz134;c:\users\GEBRUI~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\GEBRUI~1\AppDa ta\Local\Temp\cpuz134\cpuz134_x64.sys [x]
              R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
              R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
              R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
              R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
              R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
              R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
              R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
              R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominipor t.sys [x]
              R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
              R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
              R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
              R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
              S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
              S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
              S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
              S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET \Framework64\v4.0.30319\mscorsvw.exe [x]
              S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
              S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
              S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
              S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
              S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
              S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [x]
              S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
              S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
              S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
              S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
              S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
              S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
              S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
              .
              .
              Inhoud van de 'Gedeelde Taken' map
              .
              2014-11-28 c:\windows\Tasks\Adobe Flash Player Updater.job
              - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-16 06:47]
              .
              2014-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
              - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-18 17:33]
              .
              2014-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
              - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-18 17:33]
              .
              2014-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3693146958-3590856597-969205683-1000Core.job
              - c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15 15:38]
              .
              2014-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3693146958-3590856597-969205683-1000UA.job
              - c:\users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15 15:38]
              .
              .
              --------- X64 Entries -----------
              .
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-29 9913376]
              "Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-03-17 860704]
              "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
              .
              ------- Bijkomende Scan -------
              .
              uStart Page = hxxp://www.wielerland.nl/
              uLocal Page = c:\windows\system32\blank.htm
              mDefault_Search_URL = www.google.com
              mDefault_Page_URL = about:blank
              mStart Page = www.google.com
              mSearch Page = www.google.com
              uInternet Settings,ProxyOverride = <-loopback>
              IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
              IE: Free YouTube to MP3 Converter - c:\users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
              TCP: DhcpNameServer = 192.168.0.10
              TCP: Interfaces\{44879544-6244-4EF2-B53E-FD4FA72E203D}: NameServer = 84.241.226.9 84.241.226.140
              TCP: Interfaces\{6C21CAA2-F1F8-49CA-816A-4F99C768AD48}: NameServer = 84.241.226.9 84.241.226.140
              TCP: Interfaces\{F7620339-FFB4-40F0-B766-E794D568D6F9}: NameServer = 84.241.226.140 84.241.226.9
              .
              - - - - ORPHANS VERWIJDERD - - - -
              .
              Toolbar-Locked - (no file)
              Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
              HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
              Toolbar-Locked - (no file)
              HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
              AddRemove-AlgebraKIT-Engine - c:\windows\system32\javaws.exe
              .
              .
              .
              --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
              @Denied: (A 2) (Everyone)
              @="FlashBroker"
              "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
              "Enabled"=dword:00000001
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
              @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
              @Denied: (A 2) (Everyone)
              @="IFlashBroker6"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
              @="{00020424-0000-0000-C000-000000000046}"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
              "Version"="1.0"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
              @Denied: (A 2) (Everyone)
              @="FlashBroker"
              "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe,-101"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
              "Enabled"=dword:00000001
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
              @Denied: (A 2) (Everyone)
              @="Shockwave Flash Object"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
              "ThreadingModel"="Apartment"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
              @="0"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
              @="ShockwaveFlash.ShockwaveFlash.15"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
              @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
              @="1.0"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
              @="ShockwaveFlash.ShockwaveFlash"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
              @Denied: (A 2) (Everyone)
              @="Macromedia Flash Factory Object"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
              "ThreadingModel"="Apartment"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
              @="FlashFactory.FlashFactory.1"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
              @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
              @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
              @="1.0"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
              @="FlashFactory.FlashFactory"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
              @Denied: (A 2) (Everyone)
              @="IFlashBroker6"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
              @="{00020424-0000-0000-C000-000000000046}"
              .
              [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
              @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
              "Version"="1.0"
              .
              [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
              @Denied: (A) (Users)
              @Denied: (A) (Everyone)
              @Allowed: (B 1 2 3 4 5) (S-1-5-20)
              "BlindDial"=dword:00000000
              .
              [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
              @Denied: (A) (Users)
              @Denied: (A) (Everyone)
              @Allowed: (B 1 2 3 4 5) (S-1-5-20)
              "BlindDial"=dword:00000000
              .
              [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
              @Denied: (A) (Users)
              @Denied: (A) (Everyone)
              @Allowed: (B 1 2 3 4 5) (S-1-5-20)
              "BlindDial"=dword:00000000
              .
              [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
              @Denied: (Full) (Everyone)
              .
              Voltooingstijd: 2014-11-28 13:36:43
              ComboFix-quarantined-files.txt 2014-11-28 12:36
              .
              Pre-Run: 404.531.826.688 bytes beschikbaar
              Post-Run: 403.751.583.744 bytes beschikbaar
              .
              - - End Of File - - 1648D37D4BDBE5972F99CED4E2822021


              DDS

              DDS (Ver_2012-11-20.01) - NTFS_AMD64
              Internet Explorer: 11.0.9600.17420 BrowserJavaVersion: 10.71.2
              Run by Gebruiker at 13:39:53 on 2014-11-28
              Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3959.2247 [GMT 1:00]
              .
              AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
              SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
              SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
              .
              ============== Running Processes ===============
              .
              C:\Windows\system32\lsm.exe
              C:\Windows\system32\svchost.exe -k DcomLaunch
              C:\Windows\system32\svchost.exe -k RPCSS
              c:\Program Files\Microsoft Security Client\MsMpEng.exe
              C:\Windows\system32\atiesrxx.exe
              C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
              C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
              C:\Windows\system32\svchost.exe -k LocalService
              C:\Windows\system32\svchost.exe -k netsvcs
              C:\Windows\system32\svchost.exe -k GPSvcGroup
              C:\Windows\system32\svchost.exe -k NetworkService
              C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
              C:\Windows\system32\atieclxx.exe
              C:\Windows\System32\spoolsv.exe
              C:\Windows\system32\taskeng.exe
              C:\Windows\system32\taskhost.exe
              C:\Windows\system32\Dwm.exe
              C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
              C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
              C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
              C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
              C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
              C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
              C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
              C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
              C:\Program Files (x86)\Launch Manager\LManager.exe
              C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
              C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
              c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
              C:\Program Files (x86)\Launch Manager\dsiwmis.exe
              C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
              C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
              C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
              C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
              C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
              C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
              C:\Windows\system32\svchost.exe -k imgsvc
              C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
              C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
              C:\Windows\system32\SearchIndexer.exe
              C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
              C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
              C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
              C:\Windows\system32\wbem\unsecapp.exe
              C:\Windows\system32\wbem\wmiprvse.exe
              C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
              C:\Program Files (x86)\Launch Manager\LMworker.exe
              C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
              C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
              C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
              C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
              C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
              C:\Windows\system32\taskeng.exe
              C:\Windows\system32\notepad.exe
              C:\Windows\explorer.exe
              C:\Program Files\Internet Explorer\iexplore.exe
              C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
              C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
              C:\Windows\system32\wbem\wmiprvse.exe
              C:\Windows\System32\cscript.exe
              .
              ============== Pseudo HJT Report ===============
              .
              uStart Page = hxxp://www.wielerland.nl/
              mStart Page = www.google.com
              mSearch Page = www.google.com
              mDefault_Page_URL = about:blank
              mDefault_Search_URL = www.google.com
              uProxyOverride = <-loopback>
              BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
              BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
              BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
              BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
              TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
              TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
              uRun: [HW_OPENEYE_OUC_T-Mobile Internet Manager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe"
              uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
              mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
              mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
              mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
              mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
              mRun: [DataCardMonitor] C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
              mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
              StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
              uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
              uPolicies-Explorer: NoDrives = dword:0
              mPolicies-Explorer: NoDrives = dword:0
              mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
              mPolicies-System: ConsentPromptBehaviorUser = dword:3
              mPolicies-System: EnableUIADesktopToggle = dword:0
              IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
              IE: Free YouTube to MP3 Converter - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
              DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
              DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
              DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
              TCP: NameServer = 192.168.0.10
              TCP: Interfaces\{2B76A413-01DA-4ADD-AB49-BD3D90FD1058} : DHCPNameServer = 212.54.40.25 212.54.44.54
              TCP: Interfaces\{2B76A413-01DA-4ADD-AB49-BD3D90FD1058}\030303440324035324544363 : DHCPNameServer = 192.168.11.1
              TCP: Interfaces\{44879544-6244-4EF2-B53E-FD4FA72E203D} : NameServer = 84.241.226.9 84.241.226.140
              TCP: Interfaces\{607EA30D-07AD-4503-9480-31099B7E3EB6} : DHCPNameServer = 192.168.0.10
              TCP: Interfaces\{6C21CAA2-F1F8-49CA-816A-4F99C768AD48} : NameServer = 84.241.226.9 84.241.226.140
              TCP: Interfaces\{F7620339-FFB4-40F0-B766-E794D568D6F9} : NameServer = 84.241.226.140 84.241.226.9
              SSODL: WebCheck - <orphaned>
              x64-mStart Page = www.google.com
              x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
              x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
              x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
              x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
              x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
              x64-Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
              x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
              x64-SSODL: WebCheck - <orphaned>
              .
              ============= SERVICES / DRIVERS ===============
              .
              R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
              R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-6-16 55024]
              R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]
              R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-4-26 202752]
              R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
              R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-4-26 312400]
              R2 ePowerSvc;Acer ePower Service;C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-9-22 866336]
              R2 GREGService;GREGService;C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-1-8 23584]
              R2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2012-7-16 87368]
              R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-4-26 13336]
              R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-3-9 250368]
              R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-7 167424]
              R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
              R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-4-26 2320920]
              R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-4-26 243232]
              R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-4-26 56344]
              R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-4-26 158720]
              R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-3-21 321064]
              S2 0c632643;Interenet Optimizer;C:\Windows\System32\rundll32.exe [2009-7-14 45568]
              S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
              S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2011-6-18 243200]
              S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2013-3-10 33736]
              S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2012-12-7 36928]
              S3 hwusbdev;Huawei DataCard USB PNP Device;C:\Windows\System32\drivers\ewusbdev.sys [2011-6-18 114304]
              S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-27 114688]
              S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-3-11 125584]
              S3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
              S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-11-26 19456]
              S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-4-26 245280]
              S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-11-26 56832]
              S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
              S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-6-20 1255736]
              .
              =============== Created Last 30 ================
              .
              2014-11-28 12:36:48 -------- d-sh--w- C:\$RECYCLE.BIN
              2014-11-28 12:26:30 98816 ----a-w- C:\Windows\sed.exe
              2014-11-28 12:26:30 256000 ----a-w- C:\Windows\PEV.exe
              2014-11-28 12:26:30 208896 ----a-w- C:\Windows\MBR.exe
              2014-11-28 09:04:10 11632448 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A5EFFA45-7AB8-4439-A6D2-04469943A7CD}\mpengine.dll
              2014-11-27 14:53:09 -------- d-----w- C:\2f99d73639e49e1c008e0ca1cd91e7de
              2014-11-27 14:44:34 -------- d-----w- C:\e00ef0d40b56213206
              2014-11-27 14:43:14 -------- d-sh--w- C:\Users\Gebruiker\AppData\Local\EmieBrowserModeList
              2014-11-27 14:18:33 -------- d-----w- C:\ec2d11956cee53a3802630951b
              2014-11-27 13:37:27 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
              2014-11-27 13:37:27 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
              2014-11-27 12:58:59 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
              2014-11-27 12:58:39 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
              2014-11-27 12:58:39 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
              2014-11-27 12:58:39 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
              2014-11-27 12:58:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
              2014-11-27 12:44:12 424448 ----a-w- C:\Windows\System32\aeinv.dll
              2014-11-27 12:44:12 304640 ----a-w- C:\Windows\System32\generaltel.dll
              2014-11-27 12:44:12 228864 ----a-w- C:\Windows\System32\aepdu.dll
              2014-11-27 12:42:28 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
              2014-11-27 12:40:36 680960 ----a-w- C:\Windows\System32\audiosrv.dll
              2014-11-27 12:40:36 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
              2014-11-27 12:40:36 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
              2014-11-27 12:40:36 440832 ----a-w- C:\Windows\System32\AudioEng.dll
              2014-11-27 12:40:36 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
              2014-11-27 12:40:36 296448 ----a-w- C:\Windows\System32\AudioSes.dll
              2014-11-27 12:40:36 284672 ----a-w- C:\Windows\System32\EncDump.dll
              2014-11-27 12:40:36 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
              2014-11-27 12:40:32 3179520 ----a-w- C:\Windows\System32\rdpcorets.dll
              2014-11-27 12:40:32 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
              2014-11-27 12:40:06 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
              2014-11-27 12:40:06 2048 ----a-w- C:\Windows\System32\tzres.dll
              2014-11-27 12:39:36 424448 ----a-w- C:\Windows\System32\rastls.dll
              2014-11-27 12:39:36 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
              2014-11-27 12:37:14 3198976 ----a-w- C:\Windows\System32\win32k.sys
              2014-11-27 12:37:09 3241984 ----a-w- C:\Windows\System32\msi.dll
              2014-11-27 12:37:08 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
              2014-11-27 12:36:41 6584320 ----a-w- C:\Windows\System32\mstscax.dll
              2014-11-27 12:36:41 5703168 ----a-w- C:\Windows\SysWow64\mstscax.dll
              2014-11-27 12:36:39 404480 ----a-w- C:\Windows\System32\gdi32.dll
              2014-11-27 12:36:38 861696 ----a-w- C:\Windows\System32\oleaut32.dll
              2014-11-27 12:36:38 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
              2014-11-27 12:36:38 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
              2014-11-27 07:46:41 -------- d-----w- C:\Windows\CheckSur
              2014-11-27 07:11:49 -------- d-----w- C:\AdwCleaner
              2014-11-27 06:55:08 11632448 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
              2014-11-26 10:35:37 -------- d-----w- C:\Windows\System32\drivers\en-US
              2014-11-26 10:31:59 -------- d-----w- C:\Windows\System32\MRT
              2014-11-26 10:31:24 3584 ----a-w- C:\Windows\System32\drivers\nl-NL\tsusbflt.sys.mui
              2014-11-26 10:31:22 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
              2014-11-26 10:31:20 243200 ----a-w- C:\Windows\System32\rdpudd.dll
              2014-11-26 10:31:20 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
              2014-11-26 10:31:20 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
              2014-11-26 10:17:17 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
              2014-11-25 21:26:07 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{6698C12F-3581-435E-916C-2929283E8D33}
              2014-11-25 17:45:26 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{22780F14-F30A-4E39-B554-904A4912E42C}\gapaengine.dll
              2014-11-16 14:29:29 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
              2014-11-16 14:29:29 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
              2014-11-15 14:26:35 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{11C31A9D-D746-4B23-ABE3-C67C81B533E2}
              2014-11-10 18:27:17 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{6B65324C-9253-4C6F-BBB6-94D83A4C77F6}
              2014-11-05 16:28:12 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{C3C7C5C0-E562-450B-B2E5-A94CEED89812}
              2014-11-03 16:29:30 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{9117E7F6-74DF-44F9-963D-A33A455375DD}
              2014-11-02 19:43:14 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{E579E7E4-B2AD-4AFE-9B80-AEE54F1AE638}
              2014-10-29 15:57:22 -------- d-----w- C:\Users\Gebruiker\AppData\Local\{6A905254-4FF5-452B-96F4-C31029962EFE}
              .
              ==================== Find3M ====================
              .
              2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
              2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
              2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
              2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
              2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
              2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
              2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
              2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
              2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
              2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
              2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
              2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
              2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
              2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
              2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
              2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
              2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
              2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
              2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
              2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
              2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
              2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
              2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
              2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
              2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
              2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
              2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
              2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
              2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
              2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
              2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
              2014-10-30 02:50:16 275080 ------w- C:\Windows\System32\MpSigStub.exe
              2014-10-26 15:11:07 2071 ----a-w- C:\Windows\patsearch.bin
              2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
              2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
              2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
              2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
              2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
              2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
              2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
              2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
              2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
              2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
              2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
              2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
              2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
              2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
              2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
              2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
              2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
              2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
              2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
              2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
              2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
              2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
              2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
              2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
              2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
              .
              ============= FINISH: 13:40:01,67 ===============

              Comment


              • #8
                Download ProxyFix naar het bureaublad.
                • Dubbelklik op "ProxyFix.exe" om de tool te starten.
                • Geef ik het keuzescherm de letter "B" op en druk op enter.
                • Plaats het logje wat nu opent in het volgende bericht.



                Herstart je pc.


                Download de Emsisoft Emergency Kit naar het bureaublad en pak het ZIP bestand uit.
                • Open de map "EmsisoftEmergencyKit" en dubbelklik op "Start.exe"
                • Klik nu op "Emergency Kit Scanner" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "Ja"

                • Als de update gereed is en de melding "Update process is succesvol afgerond" verschijnt klikt u op "menu" en dan op "Scan PC"
                • Selecteer de optie "Diep" als deze niet standaard al zo is ingesteld.
                • Klik Nu op de knop "Scan" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af.
                • Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is.


                • Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "verwijder geselecteerde" u zal nu de volgende melding krijgen maar klik hier op "Ja"

                • Als het verwijderen gereed is klikt u op de knop "View report" en selecteert u het tekstbestand van deze scan met de naam zoals: a2scan_110730-111615.txt
                • Plaats de inhoud van dit LOG bestand straks in uw volgende bericht.
                • Herstart nu de computer.
                Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                Comment


                • #9
                  Wil het lukken?
                  Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                  E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                  Comment


                  • #10
                    Bij gebrek aan feedback zet ik dit topic op opgelost.

                    Indien er niet meer gereageerd wordt, zal binnen een 3-tal dagen deze thread automatisch verplaatst worden naar de sectie Opgeloste hijackthislogs en is een reactie niet meer mogelijk
                    Dit is gedaan om het forum netjes en overzichtelijk te houden.

                    Blijkt dat er toch nog problemen zijn, en je wil weer reageren in dit topic, dan stuur je me een privé bericht met verzoek om heropening.


                    Emphyrio
                    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                    Comment


                    • #11
                      ik had even weinig tijd

                      hierbij gevraagde logbestanden

                      ProxyFix v 2.1 © by Maxstar
                      vr 28-11-2014 - 15:12:40,55
                      Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1


                      ----------Internet Explorer----------
                      "ProxyEnable"=dword:00000000
                      "ProxyServer"="0"

                      ----------Firefox----------

                      ----------E.O.F----------




                      Emsisoft Emergency Kit - Versie 9.0
                      Laatste Update: 11/28/2014 3:37:26 PM
                      Gebruikersaccount: Gebruiker-PC\Gebruiker

                      Scaninstellingen:

                      Scanmodus: Slimme scan
                      Objecten: Rootkits, Geheugen, Sporen, C:\Windows\, C:\Program Files\, C:\Program Files (x86)\

                      Detecteer PUPs: Uit
                      Scan archieven: Uit
                      ADS Scan: Aan
                      Bestandsextensiefilter: Uit
                      Geavanceerde cache: Aan
                      Directe schijftoegang: Uit

                      Scan gestart: 12/1/2014 8:24:15 AM
                      Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} Ontdekt: Application.AdGenie (A)
                      Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} Ontdekt: Application.AdGenie (A)
                      Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} Ontdekt: Application.AdGenie (A)
                      Key: HKEY_USERS\S-1-5-19\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} Ontdekt: Application.AdGenie (A)
                      Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} Ontdekt: Application.AdGenie (A)
                      Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} Ontdekt: Application.AdGenie (A)
                      Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} Ontdekt: Application.AdGenie (A)
                      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free registry cleaner Ontdekt: Application.AdStart (A)
                      C:\Program Files (x86)\eusing free registry cleaner Ontdekt: Application.AppInstall (A)
                      C:\Windows\Reimage.ini Ontdekt: Application.AdImage (A)
                      Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\APPID\REI_AXCONTROL.DLL Ontdekt: Application.AdImage (A)
                      Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Ontdekt: Application.AdImage (A)
                      Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546} Ontdekt: Application.AdImage (A)
                      Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36} Ontdekt: Application.AdImage (A)
                      Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\REI_AXCONTROL.REIENGINE Ontdekt: Application.AdImage (A)
                      Key: HKEY_USERS\S-1-5-21-3693146958-3590856597-969205683-1000\SOFTWARE\REIMAGE Ontdekt: Application.AdImage (A)
                      Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Ontdekt: Setting.DisableRegistryTools (A)
                      Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A)
                      Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F} Ontdekt: Application.Win32.InstallAd (A)

                      Gescand: 249634
                      Gevonden: 19

                      Scan geëindigd: 12/1/2014 9:29:46 AM
                      Scantijd: 1:05:31

                      Comment


                      • #12
                        Ga naar start > uitvoeren en kopieer en plak volgende command in het veld:

                        ComboFix /Uninstall

                        Zorg ervoor dat er dus een spatie is tussen Combofix en /
                        Daarna klik je op Enter.


                        Klik op de afbeelding om te vergroten....


                        Dit zal Combofix verwijderen+gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw,
                        verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen
                        en reset je Systeemherstel opnieuw.




                        Download of Update Ccleaner

                        Start CCleaner op.
                        • Run Ccleaner en klik in de linkse kolom op Opties
                        • Selecteer het tabblad Geavanceerd
                        • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
                        • Selecteer het tabblad Instellingen
                        • Haal het vinkje weg bij "Computer automatisch schoonmaken...."
                        • Klik in de linkse kolom op Cleaner.
                        • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
                        • Klik vervolgens in de linkse kolom op Register
                        • Klik op Scan naar problemen.
                        • Op de vraag of je een backup wil maken van het register, klik je "Ja".
                        • Als er fouten gevonden worden klik je op de middelste knop: Herstel alle geselecteerde fouten en OK

                        .



                        Vertel nu eens even of er nog problemen zijn?

                        Emphyrio
                        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                        E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                        Comment


                        • #13
                          Emphyrio,

                          Helaas, nog steeds Code 800F081F

                          Comment


                          • #14
                            Download Windows Repair (All in One) en installeer het.

                            http://www.majorgeeks.com/files/deta...ws_repair.html

                            Start het op en gan naar het tabblad "Start Repairs"
                            Klik vervolgens achtereen op "Start" en "Nee"
                            Je gaat nu een venster zien met nummers(1-32)
                            Klik op "Unselect All"

                            Nu selecteer je de volgende nummers: 05 - 06 - 07 - 09 - 10 - 14 - 15 - 17 - 26

                            Vink (rechtsonder) "restart/shutdown system when finnished" aan.
                            Selecteer: "Restart System"
                            Klik op "Start".
                            (Sluit wel alle nog openstaande vensters, inclusief je browser, behalve Windows Repair uiteraard)

                            Laat het tool zijn werk doen.
                            Na een herstart kan/zal er een log verschijnen, die mag je posten.
                            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                            E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                            Comment


                            • #15
                              Hierbij de windows_repair_log

                              Tweaking.com - Windows Repair v2.10.2
                              --------------------------------------------------------------------------------

                              System Variables
                              --------------------------------------------------------------------------------
                              OS: Windows 7 Home Premium
                              OS Architecture: 64-bit
                              OS Version: 6.1.7601
                              OS Service Pack: Service Pack 1
                              Computer Name: GEBRUIKER-PC
                              Windows Drive: C:\
                              Windows Path: C:\Windows
                              Program Files: C:\Program Files
                              Program Files (x86): C:\Program Files (x86)
                              Current Profile: C:\Users\Gebruiker
                              Current Profile SID: S-1-5-21-3693146958-3590856597-969205683-1000
                              Current Profile Classes: S-1-5-21-3693146958-3590856597-969205683-1000_Classes
                              Profiles Location: C:\Users
                              Profiles Location 2: C:\Windows\ServiceProfiles
                              Local Settings AppData: C:\Users\Gebruiker\AppData\Local
                              --------------------------------------------------------------------------------

                              System Information
                              --------------------------------------------------------------------------------
                              System Up Time: 0 Days 00:08:13

                              Process Count: 75
                              Commit Total: 1,39 GB
                              Commit Limit: 7,73 GB
                              Commit Peak: 1,59 GB
                              Handle Count: 16840
                              Kernel Total: 301,44 MB
                              Kernel Paged: 233,80 MB
                              Kernel Non Paged: 67,64 MB
                              System Cache: 1,23 GB
                              Thread Count: 733
                              --------------------------------------------------------------------------------

                              Memory Before Cleaning with CleanMem
                              --------------------------------------------------------------------------------
                              Memory Total: 3,87 GB
                              Memory Used: 1,21 GB(31,3683%)
                              Memory Avail.: 2,65 GB
                              --------------------------------------------------------------------------------

                              Cleaning Memory Before Starting Repairs...

                              Memory After Cleaning with CleanMem
                              --------------------------------------------------------------------------------
                              Memory Total: 3,87 GB
                              Memory Used: 1,04 GB(26,8291%)
                              Memory Avail.: 2,83 GB
                              --------------------------------------------------------------------------------

                              Starting Repairs...
                              Started at (4-12-2014 12:22:35)

                              05 - Repair WMI
                              Start (4-12-2014 12:22:42)

                              Starting Security Center So We Can Export The Security Info.

                              Exporting Antivirus Info...
                              Microsoft Security Essentials Exported.

                              Exporting AntiSpyware Info...
                              Microsoft Security Essentials Exported.
                              Windows Defender Exported.

                              Exporting 3rd Party Firewall Info...
                              No Firewall Products Reported.

                              Running Repair Under Current User Account
                              Done (4-12-2014 12:32:55)

                              06 - Repair Windows Firewall
                              Start (4-12-2014 12:32:55)
                              Running Repair Under Current User Account
                              Running Repair Under System Account
                              Done (4-12-2014 12:33:29)

                              07 - Repair Internet Explorer
                              Start (4-12-2014 12:33:29)
                              Running Repair Under Current User Account
                              Running Repair Under System Account
                              Done (4-12-2014 12:33:53)

                              09 - Repair Hosts File
                              Start (4-12-2014 12:33:53)
                              Running Repair Under System Account
                              Done (4-12-2014 12:33:54)

                              10 - Remove Policies Set By Infections
                              Start (4-12-2014 12:33:54)
                              Running Repair Under Current User Account
                              Running Repair Under System Account
                              Done (4-12-2014 12:33:59)

                              14 - Remove Temp Files
                              Start (4-12-2014 12:33:59)
                              Running Repair Under System Account
                              Done (4-12-2014 12:34:00)

                              15 - Repair Proxy Settings
                              Start (4-12-2014 12:34:00)
                              Running Repair Under Current User Account
                              Running Repair Under System Account
                              Done (4-12-2014 12:34:02)

                              17 - Repair Windows Updates
                              Start (4-12-2014 12:34:02)
                              Running Repair Under Current User Account
                              Running Repair Under System Account
                              Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
                              Done (4-12-2014 12:34:37)

                              26 - Restore Important Windows Services
                              Start (4-12-2014 12:34:37)
                              Running Repair Under Current User Account
                              Running Repair Under System Account
                              Done (4-12-2014 12:34:45)

                              Cleaning up empty logs...

                              All Selected Repairs Done.
                              Done at (4-12-2014 12:34:45)
                              Total Repair Time: 00:12:12


                              ...YOU MUST RESTART YOUR SYSTEM...

                              Comment

                              Sorry, you are not authorized to view this page
                              Working...
                              X