Help with Kaspersky


  • Help with Kaspersky

    Hi,
    Recently I have been busy here on another forum because my system kept freezing.
    That has since been fixed, at least until today.
    So I wanted to ask whether someone could check whether a virus might be involved.
    I have since run CCleaner, which showed no problems.
    I also ran the malware scan, again no problems.
    However, on the advice of this site I ran the Kaspersky online scan, and that gave me 11 problems,
    namely the following.

    Under Other Issues:

    1. Autorun from hard drives is allowed
    2. Autorun from network drives is enabled
    3. CD/DVD autorun is enabled
    4. Removable media autorun is enabled
    5. Windows Explorer: show extensions of known file types
    6. Microsoft Internet Explorer: clear history of typed URLs
    7. Microsoft Internet Explorer: disable caching data received via protected channel
    8. Microsoft Internet Explorer: disable sending error reports
    9. Microsoft Internet Explorer: enable cache autocleanup on browser closing
    10. Windows Explorer: display of known file types extension is disabled
    11. Microsoft Internet Explorer: start page reset

    What does all this mean, and can someone help me further with this?

  • #2
    The first step is to follow this guideline:

    !!! IMPORTANT !!!: Read this first before you post a message here!

    Post the requested logs.

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      Hi,
      Below are the requested log files.
      However, I want to mention this as well:
      I had to run MAM several times because the system kept freezing,
      sometimes after 20 minutes and sometimes after 2 hours. The second-to-last time, however, I did see 2 detections in MAM, namely the following:

      C: Trojan.clickbot c: program files (x86) malware bytes antiemailware /00026299.tmp
      and with the number /00030441.tmp
      Norton also reacted to this, and a little later there was a message from Norton to restart.
      Then finally, after the 5th attempt, MAM did go through, and here is the log file.

      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Scandatum: 6-4-2015
      Scantijd: 11:37:21
      Logbestand: malware log bestand.txt
      Beheerder: Ja

      Versie: 2.00.4.1028
      Malwaredatabase: v2015.04.06.03
      Rootkitdatabase: v2015.03.31.01
      Licentie: Gratis
      Malwarebescherming: Uitgeschakeld
      Kwaadaardige Website Bescherming: Uitgeschakeld
      Zelfbescherming: Uitgeschakeld

      Besturingssysteem: Windows 7 Service Pack 1
      Processor: x64
      Bestandssysteem: NTFS
      Gebruiker: Britney

      Scantype: Aangepaste Scan
      Resultaat: Voltooid
      Objecten Gescand: 608070
      Verstreken Tijd: 3 u, 6 m, 28 s

      Geheugen: Ingeschakeld
      Opstarten: Ingeschakeld
      Bestandssysteem: Ingeschakeld
      Archieven: Ingeschakeld
      Rootkits: Ingeschakeld
      Heuristiek: Ingeschakeld
      POP: Ingeschakeld
      POA: Ingeschakeld

      Processen: 0
      (Geen kwaadaardige items gedetecteerd)

      Modules: 0
      (Geen kwaadaardige items gedetecteerd)

      Registersleutels: 0
      (Geen kwaadaardige items gedetecteerd)

      Registerwaardes: 0
      (Geen kwaadaardige items gedetecteerd)

      Registerdata: 0
      (Geen kwaadaardige items gedetecteerd)

      Mappen: 0
      (Geen kwaadaardige items gedetecteerd)

      Bestanden: 0
      (Geen kwaadaardige items gedetecteerd)

      Fysieke Sectoren: 0
      (Geen kwaadaardige items gedetecteerd)


      (end)
      Then the 2nd log file:
      Adwcleaner:
      # AdwCleaner v4.200 - Logbestand aangemaakt 06/04/2015 op 15:23:59
      # Laatste update 29/03/2015 door Xplode
      # Database : 2015-03-29.1 [Server]
      # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
      # Gebruikersnaam : Britney - BRITNEY-PC
      # Gestart vanuit : C:\Users\Britney\Desktop\adwcleaner_4.200.exe
      # Optie : Verwijderen

      ***** [ Services ] *****


      ***** [ Bestanden / Mappen ] *****

      Map Verwijderd : C:\ProgramData\Partner
      Map Verwijderd : C:\Users\Britney\AppData\LocalLow\Softonic
      Map Verwijderd : C:\Users\Britney van Uden\AppData\Local\PackageAware
      Bestand Verwijderd : C:\Windows\Reimage.ini

      ***** [ Geplande taken ] *****


      ***** [ Snelkoppelingen ] *****


      ***** [ Register ] *****

      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
      Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
      Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
      Sleutel Verwijderd : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
      Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\20F666B2D5C241E38CA6F6F0673E4782
      Sleutel Verwijderd : HKCU\Software\Reimage
      Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
      Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Reimage

      ***** [ Webbrowsers ] *****

      -\\ Internet Explorer v10.0.9200.17267


      *************************

      AdwCleaner[R0].txt - [3961 bytes] - [06/04/2015 15:00:32]
      AdwCleaner[R1].txt - [4020 bytes] - [06/04/2015 15:12:27]
      AdwCleaner[R2].txt - [4079 bytes] - [06/04/2015 15:22:54]
      AdwCleaner[S0].txt - [3600 bytes] - [06/04/2015 15:23:59]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3659 bytes] ##########
      Then I will send another message, because otherwise I cannot fit everything into this first reply due to the character limit.
      Last edited by deblauwe; 06-04-15, 15:41.



      • #4
        The third one, the DDS log, is too large to post;
        can it be sent as a file?
        Here is the fourth one already.

        Gmer
        GMER 2.1.19357 - http://www.gmer.net
        Rootkit scan 2015-04-06 16:06:21
        Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS545032B9A300 rev.PB3OC60F 298,09GB
        Running: czp6g4wl.exe; Driver: C:\Users\Britney\AppData\Local\Temp\awriyfow.sys


        IAT C:\Program Files\Internet Explorer\iexplore.exe[3056] @ C:\Windows\System32\WINSTA.dll[KERNEL32.dll!GetProcAddress] [7fef6851d08] C:\Program Files\Internet Explorer\IEShims.dll
        IAT C:\Program Files\Internet Explorer\iexplore.exe[3056] @ C:\Windows\System32\DAVHLPR.dll[KERNEL32.dll!GetProcAddress] [7fef6851d08] C:\Program Files\Internet Explorer\IEShims.dll
        IAT C:\Program Files\Internet Explorer\iexplore.exe[3056] @ C:\Windows\system32\wkscli.dll[KERNEL32.dll!GetProcAddress] [7fef6851d08] C:\Program Files\Internet Explorer\IEShims.dll
        IAT C:\Program Files\Internet Explorer\iexplore.exe[3056] @ C:\Windows\system32\WINMM.dll[USER32.dll!MessageBoxW] [7fef688e16c] C:\Program Files\Internet Explorer\IEShims.dll
        IAT C:\Program Files\Internet Explorer\iexplore.exe[3056] @ C:\Windows\system32\WINMM.dll[KERNEL32.dll!GetProcAddress] [7fef6851d08] C:\Program Files\Internet Explorer\IEShims.dll
        IAT C:\Program Files\Internet Explorer\iexplore.exe[3056] @ C:\Windows\system32\PortableDeviceApi.dll[KERNEL32.dll!GetProcAddress] [7fef6851d08] C:\Program Files\Internet Explorer\IEShims.dll
        IAT C:\Program Files\Internet Explorer\iexplore.exe[3056] @ C:\Windows\system32\EhStorAPI.dll[KERNEL32.dll!GetProcAddress] [7fef6851d08] C:\Program Files\Internet Explorer\IEShims.dll
        IAT C:\Program Files\Internet Explorer\iexplore.exe[3056] @ C:\Program Files\Windows Defender\MpOav.dll[KERNEL32.dll!GetProcAddress] [7fef6851d08] C:\Program Files\Internet Explorer\IEShims.dll

        ---- Threads - GMER 2.1 ----

        Thread C:\Windows\System32\svchost.exe [988:196] 000007fef3173efc
        Thread C:\Windows\System32\svchost.exe [988:3760] 000007fef31b8a4c
        Thread C:\Windows\system32\svchost.exe [332:1156] 000007fefb418274
        Thread C:\Windows\system32\svchost.exe [332:2116] 000007fefb418274
        Thread C:\Windows\System32\spoolsv.exe [1404:2192] 000007fef79b10c8
        Thread C:\Windows\System32\spoolsv.exe [1404:2204] 000007fef7976144
        Thread C:\Windows\System32\spoolsv.exe [1404:2208] 000007fef98c5fd0
        Thread C:\Windows\System32\spoolsv.exe [1404:2212] 000007fef7953438
        Thread C:\Windows\System32\spoolsv.exe [1404:2216] 000007fef98c63ec
        Thread C:\Windows\System32\spoolsv.exe [1404:2236] 000007fefa345e5c
        Thread C:\Windows\System32\spoolsv.exe [1404:2248] 000007fef7ad5074
        Thread C:\Windows\system32\svchost.exe [1716:1044] 000007fef98c5fd0
        Thread C:\Windows\system32\svchost.exe [1716:1452] 000007fef98c63ec
        Thread C:\Windows\system32\svchost.exe [1716:2604] 000007fef6da8470
        Thread C:\Windows\system32\svchost.exe [1716:2612] 000007fef6db2418
        Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3460:3840] 000007fefc0e2bf8
        Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3460:3556] 000007fef9785124

        ---- EOF - GMER 2.1 ----



        • #5
          You may send the DDS log as an attachment.


          • #6
            Hi hi.
            The file is in the attachment.
            dds.txt



            • #7
              Download or update CCleaner

              Start CCleaner.
              • Run CCleaner and click Options in the left column
              • Select the Advanced tab
              • Uncheck Only delete files in the Windows Temp system folder that are older than 24 hours
              • Select the Settings tab
              • Uncheck "Automatically clean the computer...."
              • Click Cleaner in the left column.
              • Then click Analyze and Clean in succession.
              • Next, click Registry in the left column
              • Click Scan for issues.
              • When asked whether you want to make a backup of the registry, click "Yes".
              • If errors are found, click the middle button: Fix all selected issues, and then OK

              How is it now?


              • #8
                It looks like it has improved;
                the system has now been running fine for an hour without freezing.
                However, I do get a message: Runtime error, every time I start the PC;
                see the photo in the attachment with the complete text of the message.



                • #9
                  Download ComboFix to your desktop.
                  (So not to a download folder or temp folder)

                  Extra note... Make sure your security software is disabled while using ComboFix.
                  This is because these scanners wrongly see certain components that ComboFix uses as infected and will block ComboFix.

                  Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.

                  Close ALL windows, including your browser, and let ComboFix do its work undisturbed.
                  So do not open any other applications until ComboFix has presented the log.

                  If ComboFix asks for an update, allow it.

                  When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
                  You can find it at C:\combofix.txt.

                  Post the ComboFix log together with a new DDS log in your next reply.

                  * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
                  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
                  • Illegal operation attempted on a registry key that has been marked for deletion.


                  • #10
                    OK, here is the combo file then.
                    I had let my daughter play on the PC for a while so that I would hopefully hear that it no longer freezes.
                    However, with a program from school, black box, it went wrong.
                    She was working only with black box, a link to a school program; nothing else was running.

                    The log

                    ComboFix 15-04-01.01 - Britney 06-04-2015 21:52:15.1.2 - x64
                    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.1787.774 [GMT 2:00]
                    Gestart vanuit: c:\users\Britney\Desktop\ComboFix.exe
                    AV: Norton Internet Security *Disabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
                    FW: Norton Internet Security *Disabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
                    SP: Norton Internet Security *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
                    .
                    .
                    (((((((((((((((((((( Bestanden Gemaakt van 2015-03-06 to 2015-04-06 ))))))))))))))))))))))))))))))
                    .
                    .
                    2015-04-06 20:00 . 2015-04-06 20:00 -------- d-----w- c:\users\Gast.Britney-PC\AppData\Local\temp
                    2015-04-06 20:00 . 2015-04-06 20:00 -------- d-----w- c:\users\Default\AppData\Local\temp
                    2015-04-06 19:22 . 2015-04-06 19:22 -------- d-----w- c:\program files (x86)\Geeks3D
                    2015-03-26 08:51 . 2015-03-26 08:51 0 ----a-w- c:\windows\ativpsrm.bin
                    2015-03-26 08:49 . 2015-03-26 08:49 -------- d-----w- c:\program files (x86)\AMD AVT
                    2015-03-26 08:48 . 2015-03-26 08:48 -------- d-----w- c:\program files (x86)\AMD APP
                    2015-03-26 08:48 . 2015-03-26 08:48 -------- d-----w- c:\program files\Common Files\ATI Technologies
                    2015-03-26 08:48 . 2015-03-26 08:48 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
                    2015-03-26 08:45 . 2015-03-26 08:45 -------- d-----w- c:\program files (x86)\ATI Technologies
                    2015-03-26 08:44 . 2015-03-26 08:48 -------- d-----w- c:\program files\ATI Technologies
                    2015-03-26 08:44 . 2015-03-26 08:44 -------- d-----w- c:\program files\ATI
                    2015-03-23 17:42 . 2015-03-23 17:42 -------- d-----w- c:\users\Britney\AppData\Local\Diagnostics
                    2015-03-18 17:07 . 2015-04-05 12:36 -------- d-----w- c:\windows\system32\drivers\NISx64\1507000.00B
                    2015-03-10 18:50 . 2015-02-03 03:31 215552 ----a-w- c:\windows\system32\ubpm.dll
                    2015-03-10 18:49 . 2015-02-03 03:31 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
                    2015-03-10 18:43 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
                    2015-03-10 18:43 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
                    2015-03-10 09:17 . 2015-03-10 09:24 -------- d-----w- c:\program files (x86)\ATITool
                    2015-03-09 18:08 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
                    .
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    2015-04-06 09:37 . 2014-07-27 13:43 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
                    2015-03-09 19:26 . 2013-03-06 23:52 122905848 ----a-w- c:\windows\system32\MRT.exe
                    2015-02-22 20:01 . 2013-03-08 21:58 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                    2015-02-22 20:01 . 2013-03-08 21:58 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                    2015-02-20 18:47 . 2014-07-27 13:21 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
                    2015-02-17 15:04 . 2015-02-17 15:04 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
                    2015-02-04 03:16 . 2015-02-22 09:29 609280 ----a-w- c:\windows\system32\generaltel.dll
                    2015-02-04 03:16 . 2015-02-22 09:29 762368 ----a-w- c:\windows\system32\invagent.dll
                    2015-02-04 03:16 . 2015-02-22 09:29 414720 ----a-w- c:\windows\system32\devinv.dll
                    2015-02-04 03:16 . 2015-02-22 09:29 894976 ----a-w- c:\windows\system32\appraiser.dll
                    2015-02-04 03:16 . 2015-02-22 09:29 192000 ----a-w- c:\windows\system32\aepic.dll
                    2015-02-04 03:16 . 2015-02-22 09:29 227328 ----a-w- c:\windows\system32\aepdu.dll
                    2015-02-04 03:13 . 2015-02-22 09:29 1098752 ----a-w- c:\windows\system32\aeinv.dll
                    2015-01-27 23:36 . 2015-02-22 09:29 1239720 ----a-w- c:\windows\system32\aitstatic.exe
                    2015-01-09 03:14 . 2015-02-22 09:29 91136 ----a-w- c:\windows\system32\wdi.dll
                    2015-01-09 03:14 . 2015-02-22 09:29 950272 ----a-w- c:\windows\system32\perftrack.dll
                    2015-01-09 03:14 . 2015-02-22 09:29 29696 ----a-w- c:\windows\system32\powertracker.dll
                    2015-01-09 02:48 . 2015-02-22 09:29 76800 ----a-w- c:\windows\SysWow64\wdi.dll
                    2014-11-22 10:03 . 2014-11-22 10:03 6000640 ----a-w- c:\program files (x86)\GUT49BD.tmp
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                    REGEDIT4
                    .
                    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
                    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
                    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
                    2013-05-23 19:28 222808 ----a-w- c:\users\Britney\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
                    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
                    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
                    2013-05-23 19:28 222808 ----a-w- c:\users\Britney\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
                    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
                    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
                    2013-05-23 19:28 222808 ----a-w- c:\users\Britney\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                    "ConsentPromptBehaviorAdmin"= 5 (0x5)
                    "ConsentPromptBehaviorUser"= 3 (0x3)
                    "EnableUIADesktopToggle"= 0 (0x0)
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE]
                    @="Service"
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS]
                    @="Service"
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc]
                    @="Service"
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver]
                    @="Service"
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess]
                    @="Service"
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss]
                    @="Service"
                    .
                    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
                    R3 cpuz134;cpuz134;c:\users\Britney\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Britney\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
                    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
                    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
                    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
                    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                    R4 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
                    R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
                    R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
                    R4 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
                    R4 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
                    R4 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [x]
                    R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
                    R4 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
                    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
                    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1507000.00B\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1507000.00B\SYMDS64.SYS [x]
                    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1507000.00B\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1507000.00B\SYMEFA64.SYS [x]
                    S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\21.4.0.13\Definitions\BASHDefs\20150321.001\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.4.0.13\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [x]
                    S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1507000.00B\ccSetx64.sys [x]
                    S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\21.4.0.13\Definitions\IPSDefs\20150403.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.4.0.13\Definitions\IPSDefs\20150403.001\IDSvia64.sys [x]
                    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1507000.00B\Ironx64.SYS [x]
                    S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1507000.00B\SYMNETS.SYS [x]
                    S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
                    S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [x]
                    S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
                    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
                    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
                    S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
                    S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
                    .
                    .
                    Inhoud van de 'Gedeelde Taken' map
                    .
                    2015-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
                    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-08 20:01]
                    .
                    .
                    --------- X64 Entries -----------
                    .
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
                    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
                    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
                    2013-05-23 19:28 261704 ----a-w- c:\users\Britney\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
                    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
                    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
                    2013-05-23 19:28 261704 ----a-w- c:\users\Britney\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
                    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
                    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
                    2013-05-23 19:28 261704 ----a-w- c:\users\Britney\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
                    .
                    ------- Bijkomende Scan -------
                    .
                    uStart Page = hxxp://www.google.nl/
                    uLocal Page = c:\windows\system32\blank.htm
                    mLocal Page = c:\windows\SysWOW64\blank.htm
                    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
                    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
                    TCP: DhcpNameServer = 192.168.0.1
                    .
                    - - - - ORPHANS VERWIJDERD - - - -
                    .
                    Toolbar-Locked - (no file)
                    Toolbar-Locked - (no file)
                    .
                    .
                    .
                    [HKEY_LOCAL_MACHINE\system\ControlSet002\services\NIS]
                    "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\21.7.0.11\diMaster.dll\" /prefetch:1"
                    "ImagePath"="\SystemRoot\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS"
                    "TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\21.7.0.11;c:\program files (x86)\Norton Internet Security\Engine64\21.7.0.11"
                    .
                    Voltooingstijd: 2015-04-06 22:05:12
                    ComboFix-quarantined-files.txt 2015-04-06 20:05
                    .
                    Pre-Run: 216.967.733.248 bytes beschikbaar
                    Post-Run: 216.298.958.848 bytes beschikbaar
                    .
                    - - End Of File - - 5667D1D68A52C77AAF254055011D1285
                    A36C5E4F47E84449FF07ED3517B43A31



                    • #11
                      And here is the new DDS

                      DDS (Ver_2012-11-20.01) - NTFS_AMD64
                      Internet Explorer: 10.0.9200.17267 BrowserJavaVersion: 11.31.2
                      Run by Britney at 22:10:18 on 2015-04-06
                      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.1787.612 [GMT 2:00]
                      .
                      AV: Norton Internet Security *Enabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
                      SP: Norton Internet Security *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
                      FW: Norton Internet Security *Enabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
                      .
                      ============== Running Processes ===============
                      .
                      C:\Windows\system32\lsm.exe
                      C:\Windows\system32\svchost.exe -k DcomLaunch
                      C:\Windows\system32\svchost.exe -k RPCSS
                      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                      C:\Windows\system32\svchost.exe -k LocalService
                      C:\Windows\system32\svchost.exe -k netsvcs
                      C:\Windows\system32\svchost.exe -k GPSvcGroup
                      C:\Windows\system32\svchost.exe -k NetworkService
                      C:\Windows\System32\spoolsv.exe
                      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                      C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe
                      C:\Windows\system32\svchost.exe -k imgsvc
                      C:\Windows\system32\SearchIndexer.exe
                      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                      C:\Windows\system32\taskhost.exe
                      C:\Windows\system32\Dwm.exe
                      C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe
                      C:\Program Files\Windows Media Player\wmpnetwk.exe
                      C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                      C:\Windows\system32\svchost.exe -k SDRSVC
                      C:\Windows\explorer.exe
                      C:\Program Files\Internet Explorer\iexplore.exe
                      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                      C:\Windows\system32\SearchProtocolHost.exe
                      C:\Windows\system32\SearchFilterHost.exe
                      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                      C:\Windows\system32\SearchProtocolHost.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Windows\System32\wbem\WmiPrvSE.exe
                      C:\Windows\System32\cscript.exe
                      .
                      ============== Pseudo HJT Report ===============
                      .
                      uStart Page = hxxp://www.google.nl/
                      BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
                      BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coieplg.dll
                      BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\ips\ipsbho.dll
                      BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
                      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
                      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
                      TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coieplg.dll
                      uPolicies-Explorer: NoDriveTypeAutoRun = dword:149
                      uPolicies-Explorer: NoDrives = dword:0
                      mPolicies-Explorer: NoDrives = dword:0
                      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                      mPolicies-System: ConsentPromptBehaviorUser = dword:3
                      mPolicies-System: EnableUIADesktopToggle = dword:0
                      mPolicies-Explorer: NoDriveTypeAutoRun = dword:149
                      IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
                      IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
                      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
                      IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
                      TCP: NameServer = 192.168.0.1
                      TCP: Interfaces\{BC0B0743-4936-4D14-829A-51AB56B29EFF} : DHCPNameServer = 192.168.0.1
                      TCP: Interfaces\{BC0B0743-4936-4D14-829A-51AB56B29EFF}\14256573531393143353437333 : DHCPNameServer = 192.168.2.254
                      TCP: Interfaces\{BC0B0743-4936-4D14-829A-51AB56B29EFF}\4556C65623E2A424 : DHCPNameServer = 192.168.1.1
                      Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
                      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
                      SSODL: WebCheck - <orphaned>
                      SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
                      x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coieplg.dll
                      x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coieplg.dll
                      x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
                      x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
                      x64-SSODL: WebCheck - <orphaned>
                      .
                      ============= SERVICES / DRIVERS ===============
                      .
                      R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-2-15 55024]
                      R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1507000.00B\symds64.sys [2015-3-18 493656]
                      R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1507000.00B\symefa64.sys [2015-3-18 1148120]
                      R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.4.0.13\Definitions\BASHDefs\20150321.001\BHDrvx64.sys [2015-4-5 1622744]
                      R1 ccSet_NIS;NIS Settings Manager;C:\Windows\System32\drivers\NISx64\1507000.00B\ccsetx64.sys [2015-3-18 162392]
                      R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.4.0.13\Definitions\IPSDefs\20150403.001\IDSviA64.sys [2015-4-5 671448]
                      R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1507000.00B\ironx64.sys [2015-3-18 266968]
                      R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1507000.00B\symnets.sys [2015-3-18 593112]
                      R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
                      R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe [2015-3-18 276336]
                      R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2015-2-26 46136]
                      R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-14 96896]
                      R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2015-3-10 142640]
                      R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-4-30 321064]
                      R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2013-2-15 38456]
                      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-12 103608]
                      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
                      S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-27 129752]
                      S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-8 19456]
                      S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-4-30 239136]
                      S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-7-29 56832]
                      S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-7 1255736]
                      S4 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]
                      S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-30 238080]
                      S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-4-30 361984]
                      S4 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-4-30 325200]
                      S4 ePowerSvc;Acer ePower Service;C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2013-2-15 866336]
                      S4 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-3-9 250368]
                      S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-1-2 315488]
                      S4 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-4-30 243232]
                      .
                      =============== Created Last 30 ================
                      .
                      2015-04-06 20:05:23 -------- d-sh--w- C:\$RECYCLE.BIN
                      2015-04-06 19:49:53 98816 ----a-w- C:\Windows\sed.exe
                      2015-04-06 19:49:53 256000 ----a-w- C:\Windows\PEV.exe
                      2015-04-06 19:49:53 208896 ----a-w- C:\Windows\MBR.exe
                      2015-04-06 19:49:45 -------- d-----w- C:\ComboFix
                      2015-04-06 19:22:09 -------- d-----w- C:\Program Files (x86)\Geeks3D
                      2015-03-26 08:51:58 0 ----a-w- C:\Windows\ativpsrm.bin
                      2015-03-26 08:49:00 -------- d-----w- C:\Program Files (x86)\AMD AVT
                      2015-03-26 08:48:50 -------- d-----w- C:\Program Files (x86)\AMD APP
                      2015-03-26 08:48:38 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
                      2015-03-26 08:48:38 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
                      2015-03-26 08:45:12 -------- d-----w- C:\Program Files (x86)\ATI Technologies
                      2015-03-26 08:44:42 -------- d-----w- C:\Program Files\ATI Technologies
                      2015-03-26 08:44:39 -------- d-----w- C:\Program Files\ATI
                      2015-03-23 17:42:52 -------- d-----w- C:\Users\Britney\AppData\Local\Diagnostics
                      2015-03-18 17:07:43 876248 ----a-w- C:\Windows\System32\drivers\NISx64\1507000.00B\srtsp64.sys
                      2015-03-18 17:07:43 593112 ----a-r- C:\Windows\System32\drivers\NISx64\1507000.00B\symnets.sys
                      2015-03-18 17:07:43 493656 ----a-r- C:\Windows\System32\drivers\NISx64\1507000.00B\symds64.sys
                      2015-03-18 17:07:43 37592 ----a-w- C:\Windows\System32\drivers\NISx64\1507000.00B\srtspx64.sys
                      2015-03-18 17:07:43 266968 ----a-w- C:\Windows\System32\drivers\NISx64\1507000.00B\ironx64.sys
                      2015-03-18 17:07:43 23568 ----a-r- C:\Windows\System32\drivers\NISx64\1507000.00B\symelam.sys
                      2015-03-18 17:07:43 162392 ----a-r- C:\Windows\System32\drivers\NISx64\1507000.00B\ccsetx64.sys
                      2015-03-18 17:07:43 1148120 ----a-r- C:\Windows\System32\drivers\NISx64\1507000.00B\symefa64.sys
                      2015-03-18 17:07:19 -------- d-----w- C:\Windows\System32\drivers\NISx64\1507000.00B
                      2015-03-10 18:50:58 215552 ----a-w- C:\Windows\System32\ubpm.dll
                      2015-03-10 18:49:59 782848 ----a-w- C:\Windows\System32\wmdrmsdk.dll
                      2015-03-10 18:43:48 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
                      2015-03-10 18:43:48 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
                      2015-03-10 09:17:35 -------- d-----w- C:\Program Files (x86)\ATITool
                      2015-03-09 18:08:53 683520 ----a-w- C:\Windows\System32\termsrv.dll
                      .
                      ==================== Find3M ====================
                      .
                      2015-04-06 09:37:21 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
                      2015-03-06 05:56:10 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
                      2015-03-06 05:56:10 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
                      2015-03-06 05:42:39 210944 ----a-w- C:\Windows\System32\wdigest.dll
                      2015-03-06 05:42:36 86528 ----a-w- C:\Windows\System32\TSpkg.dll
                      2015-03-06 05:42:35 29184 ----a-w- C:\Windows\System32\sspisrv.dll
                      2015-03-06 05:42:35 136192 ----a-w- C:\Windows\System32\sspicli.dll
                      2015-03-06 05:42:33 341504 ----a-w- C:\Windows\System32\schannel.dll
                      2015-03-06 05:42:33 28160 ----a-w- C:\Windows\System32\secur32.dll
                      2015-03-06 05:42:29 314880 ----a-w- C:\Windows\System32\msv1_0.dll
                      2015-03-06 05:42:29 309760 ----a-w- C:\Windows\System32\ncrypt.dll
                      2015-03-06 05:42:27 728064 ----a-w- C:\Windows\System32\kerberos.dll
                      2015-03-06 05:42:27 1461760 ----a-w- C:\Windows\System32\lsasrv.dll
                      2015-03-06 05:42:20 22016 ----a-w- C:\Windows\System32\credssp.dll
                      2015-03-06 05:41:46 31232 ----a-w- C:\Windows\System32\lsass.exe
                      2015-03-06 05:41:31 64000 ----a-w- C:\Windows\System32\auditpol.exe
                      2015-03-06 05:39:16 60416 ----a-w- C:\Windows\System32\msobjs.dll
                      2015-03-06 05:38:57 146432 ----a-w- C:\Windows\System32\msaudite.dll
                      2015-03-06 05:36:56 686080 ----a-w- C:\Windows\System32\adtschema.dll
                      2015-03-06 05:10:34 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
                      2015-03-06 05:10:30 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
                      2015-03-06 05:10:26 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
                      2015-03-06 05:10:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
                      2015-03-06 05:10:22 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
                      2015-03-06 05:10:22 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
                      2015-03-06 05:10:18 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
                      2015-03-06 05:10:11 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
                      2015-03-06 05:09:31 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
                      2015-03-06 05:09:19 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
                      2015-03-06 05:07:50 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
                      2015-03-06 05:07:43 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
                      2015-03-06 05:06:20 686080 ----a-w- C:\Windows\SysWow64\adtschema.dll
                      2015-02-26 03:25:44 3204096 ----a-w- C:\Windows\System32\win32k.sys
                      2015-02-23 10:52:04 2237952 ----a-w- C:\Windows\System32\wininet.dll
                      2015-02-23 10:51:56 600576 ----a-w- C:\Windows\System32\vbscript.dll
                      2015-02-23 10:50:40 3959296 ----a-w- C:\Windows\System32\jscript9.dll
                      2015-02-23 10:50:34 67072 ----a-w- C:\Windows\System32\iesetup.dll
                      2015-02-23 10:50:34 136704 ----a-w- C:\Windows\System32\iesysprep.dll
                      2015-02-23 10:49:36 1509376 ----a-w- C:\Windows\System32\inetcpl.cpl
                      2015-02-23 09:17:52 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
                      2015-02-23 08:51:29 441856 ----a-w- C:\Windows\System32\html.iec
                      2015-02-23 08:25:10 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
                      2015-02-22 20:01:31 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                      2015-02-22 20:01:31 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                      2015-02-21 05:31:25 1763328 ----a-w- C:\Windows\SysWow64\wininet.dll
                      2015-02-21 05:31:19 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
                      2015-02-21 05:30:16 2864640 ----a-w- C:\Windows\SysWow64\jscript9.dll
                      2015-02-21 05:30:11 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
                      2015-02-21 05:30:11 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
                      2015-02-21 05:29:25 1441280 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
                      2015-02-21 05:09:51 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
                      2015-02-21 04:42:37 361984 ----a-w- C:\Windows\SysWow64\html.iec
                      2015-02-21 04:19:22 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
                      2015-02-20 18:47:07 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
                      2015-02-20 04:41:01 41984 ----a-w- C:\Windows\System32\lpk.dll
                      2015-02-20 04:40:59 100864 ----a-w- C:\Windows\System32\fontsub.dll
                      2015-02-20 04:40:56 14336 ----a-w- C:\Windows\System32\dciman32.dll
                      2015-02-20 04:40:55 46080 ----a-w- C:\Windows\System32\atmlib.dll
                      2015-02-20 04:13:49 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
                      2015-02-20 04:13:46 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
                      2015-02-20 04:13:43 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
                      2015-02-20 04:12:51 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
                      2015-02-20 03:29:16 372224 ----a-w- C:\Windows\System32\atmfd.dll
                      2015-02-20 03:09:16 299008 ----a-w- C:\Windows\SysWow64\atmfd.dll
                      2015-02-17 15:04:46 1202848 ----a-w- C:\Windows\SysWow64\FM20.DLL
                      2015-02-04 03:16:29 609280 ----a-w- C:\Windows\System32\generaltel.dll
                      2015-02-04 03:16:20 762368 ----a-w- C:\Windows\System32\invagent.dll
                      2015-02-04 03:16:16 414720 ----a-w- C:\Windows\System32\devinv.dll
                      2015-02-04 03:16:14 894976 ----a-w- C:\Windows\System32\appraiser.dll
                      2015-02-04 03:16:13 227328 ----a-w- C:\Windows\System32\aepdu.dll
                      2015-02-04 03:16:13 192000 ----a-w- C:\Windows\System32\aepic.dll
                      2015-02-04 03:13:28 1098752 ----a-w- C:\Windows\System32\aeinv.dll
                      2015-02-03 03:34:39 693176 ----a-w- C:\Windows\System32\winload.efi
                      2015-02-03 03:34:38 5554104 ----a-w- C:\Windows\System32\ntoskrnl.exe
                      2015-02-03 03:34:36 94656 ----a-w- C:\Windows\System32\drivers\mountmgr.sys
                      2015-02-03 03:33:29 616360 ----a-w- C:\Windows\System32\winresume.efi
                      2015-02-03 03:30:58 631808 ----a-w- C:\Windows\System32\evr.dll
                      2015-02-03 03:29:19 8704 ----a-w- C:\Windows\System32\pcaevts.dll
                      2015-02-03 03:28:49 2048 ----a-w- C:\Windows\System32\mferror.dll
                      2015-02-03 03:28:14 6656 ----a-w- C:\Windows\System32\apisetschema.dll
                      2015-02-03 03:19:12 663552 ----a-w- C:\Windows\System32\drivers\PEAuth.sys
                      2015-02-03 03:16:31 3973048 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
                      2015-02-03 03:16:31 3917760 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
                      2015-02-03 03:11:55 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
                      2015-02-03 03:11:48 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
                      2015-02-03 03:11:18 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
                      2015-02-03 03:09:03 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
                      2015-02-03 03:08:07 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
                      2015-02-03 02:32:25 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
                      2015-01-31 03:48:54 3179520 ----a-w- C:\Windows\System32\rdpcorets.dll
                      2015-01-31 03:48:54 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
                      2015-01-30 23:56:52 243200 ----a-w- C:\Windows\System32\rdpudd.dll
                      2015-01-30 23:56:51 459336 ----a-w- C:\Windows\System32\drivers\cng.sys
                      2015-01-27 23:36:21 1239720 ----a-w- C:\Windows\System32\aitstatic.exe
                      2015-01-17 02:48:38 1067520 ----a-w- C:\Windows\System32\msctf.dll
                      2015-01-17 02:30:42 828928 ----a-w- C:\Windows\SysWow64\msctf.dll
                      2015-01-09 03:14:27 91136 ----a-w- C:\Windows\System32\wdi.dll
                      2015-01-09 03:14:19 950272 ----a-w- C:\Windows\System32\perftrack.dll
                      2015-01-09 03:14:19 29696 ----a-w- C:\Windows\System32\powertracker.dll
                      2015-01-09 02:48:18 76800 ----a-w- C:\Windows\SysWow64\wdi.dll
                      .
                      ============= FINISH: 22:10:46,60 ===============



                      • #12
                        And here is the other log file from DDS.
                        I didn't know which one you wanted.


                        .
                        UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
                        IF REQUESTED, ZIP IT UP & ATTACH IT
                        .
                        DDS (Ver_2012-11-20.01)
                        .
                        Microsoft Windows 7 Home Premium
                        Boot Device: \Device\HarddiskVolume2
                        Install Date: 15-2-2013 0:05:07
                        System Uptime: 6-4-2015 21:14:53 (1 hours ago)
                        .
                        Motherboard: Packard Bell | | EasyNote TM82
                        Processor: AMD Athlon(tm) II P320 Dual-Core Processor | Socket S1G4 | 798/200mhz
                        .
                        ==== Disk Partitions =========================
                        .
                        C: is FIXED (NTFS) - 284 GiB total, 201,561 GiB free.
                        D: is CDROM ()
                        .
                        ==== Disabled Device Manager Items =============
                        .
                        Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
                        Description: Samengesteld USB-apparaat
                        Device ID: USB\VID_064E&PID_A219\HF1315-S32B-OV01-VA-R02.01.05
                        Manufacturer: (Standaard USB Host Controller)
                        Name: Samengesteld USB-apparaat
                        PNP Device ID: USB\VID_064E&PID_A219\HF1315-S32B-OV01-VA-R02.01.05
                        Service: usbccgp
                        .
                        Class GUID:
                        Description:
                        Device ID: ROOT\*ATITOOLDEVICE\0000
                        Manufacturer:
                        Name:
                        PNP Device ID: ROOT\*ATITOOLDEVICE\0000
                        Service:
                        .
                        ==== System Restore Points ===================
                        .
                        RP209: 5-3-2015 23:54:53 - Windows Update
                        RP210: 6-3-2015 16:42:58 - Windows Update
                        RP211: 6-3-2015 16:52:23 - Windows Update
                        RP212: 9-3-2015 19:14:25 - Windows Update
                        RP213: 9-3-2015 19:30:33 - Windows Update
                        RP214: 9-3-2015 19:38:10 - Windows Update
                        RP215: 9-3-2015 19:51:09 - Windows Update
                        RP216: 9-3-2015 20:26:00 - Windows Update
                        RP217: 9-3-2015 20:40:10 - Windows Update
                        RP218: 10-3-2015 7:50:00 - Installatieprogramma voor Windows-modules
                        RP219: 10-3-2015 7:50:50 - Installatieprogramma voor Windows-modules
                        RP220: 10-3-2015 8:26:27 - Windows Update
                        RP221: 10-3-2015 8:53:55 - Windows Update
                        RP222: 10-3-2015 10:17:49 - Installatie van apparaatstuurprogramma: W1zzard
                        RP223: 10-3-2015 19:52:27 - Windows Update
                        RP224: 26-3-2015 9:16:40 - DDU System Restored Point
                        RP225: 5-4-2015 14:07:53 - Installed Microsoft Fix it 50471
                        .
                        ==== Installed Programs ======================
                        .
                        Acrobat.com
                        Adobe AIR
                        Adobe Flash Player 16 ActiveX
                        Adobe Photoshop Elements 8.0
                        Adobe Reader 9.1 MUI
                        Advertising Center
                        AMD Accelerated Video Transcoding
                        AMD APP SDK Runtime
                        AMD Catalyst Install Manager
                        AMD Drag and Drop Transcoding
                        AMD Fuel
                        AMD Media Foundation Decoders
                        AMD USB Filter Driver
                        AMD VISION Engine Control Center
                        Backup Manager Basic
                        Catalyst Control Center - Branding
                        Catalyst Control Center Graphics Previews Common
                        Catalyst Control Center InstallProxy
                        Catalyst Control Center Localization All
                        ccc-utility64
                        CCC Help Chinese Standard
                        CCC Help Chinese Traditional
                        CCC Help Czech
                        CCC Help Danish
                        CCC Help Dutch
                        CCC Help English
                        CCC Help Finnish
                        CCC Help French
                        CCC Help German
                        CCC Help Greek
                        CCC Help Hungarian
                        CCC Help Italian
                        CCC Help Japanese
                        CCC Help Korean
                        CCC Help Norwegian
                        CCC Help Polish
                        CCC Help Portuguese
                        CCC Help Russian
                        CCC Help Spanish
                        CCC Help Swedish
                        CCC Help Thai
                        CCC Help Turkish
                        CCleaner
                        Google Toolbar for Internet Explorer
                        Google Update Helper
                        Identity Card
                        ImagXpress
                        Java 8 Update 31
                        Java Auto Updater
                        Launch Manager
                        Malwarebytes Anti-Malware versie 2.0.4.1028
                        Microsoft .NET Framework 4.5.2
                        Microsoft .NET Framework 4.5.2 (Nederlands)
                        Microsoft .NET Framework 4.5.2 (NLD)
                        Microsoft Office 2007 Service Pack 3 (SP3)
                        Microsoft Office Access MUI (Dutch) 2007
                        Microsoft Office Enterprise 2007
                        Microsoft Office Excel MUI (Dutch) 2007
                        Microsoft Office File Validation Add-In
                        Microsoft Office Groove MUI (Dutch) 2007
                        Microsoft Office InfoPath MUI (Dutch) 2007
                        Microsoft Office Office 64-bit Components 2007
                        Microsoft Office OneNote MUI (Dutch) 2007
                        Microsoft Office Outlook Connector
                        Microsoft Office Outlook MUI (Dutch) 2007
                        Microsoft Office PowerPoint MUI (Dutch) 2007
                        Microsoft Office Proof (Dutch) 2007
                        Microsoft Office Proof (English) 2007
                        Microsoft Office Proof (French) 2007
                        Microsoft Office Proof (German) 2007
                        Microsoft Office Proofing (Dutch) 2007
                        Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
                        Microsoft Office Publisher MUI (Dutch) 2007
                        Microsoft Office Shared 64-bit MUI (Dutch) 2007
                        Microsoft Office Shared MUI (Dutch) 2007
                        Microsoft Office Word MUI (Dutch) 2007
                        Microsoft Silverlight
                        Microsoft SkyDrive
                        Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
                        Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
                        Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
                        Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
                        Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
                        Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
                        Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
                        Microsoft Works
                        MSXML 4.0 SP2 (KB954430)
                        MSXML 4.0 SP2 (KB973688)
                        Nero 9 Essentials
                        Nero ControlCenter
                        Nero DiscSpeed
                        Nero DiscSpeed Help
                        Nero DriveSpeed
                        Nero DriveSpeed Help
                        Nero Express Help
                        Nero InfoTool
                        Nero InfoTool Help
                        Nero Installer
                        Nero Online Upgrade
                        Nero StartSmart
                        Nero StartSmart Help
                        Nero StartSmart OEM
                        NeroExpress
                        neroxml
                        Norton Internet Security
                        Packard Bell MyBackup
                        Packard Bell Power Management
                        Packard Bell Recovery Management
                        Realtek HDMI Audio Driver for ATI
                        Realtek High Definition Audio Driver
                        Realtek USB 2.0 Card Reader
                        Secure Download Manager
                        Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition
                        Security Update for Microsoft Office 2007 suites (KB2984939) 32-Bit Edition
                        Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition
                        Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956107) 32-Bit Edition
                        Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition
                        Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
                        Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
                        Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
                        Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition
                        Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
                        Security Update for Microsoft Office Word 2007 (KB2956109) 32-Bit Edition
                        Synaptics Pointing Device Driver
                        Update for 2007 Microsoft Office System (KB967642)
                        Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
                        Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition
                        Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
                        Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
                        Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition
                        Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
                        Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
                        Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2956104) 32-Bit Edition
                        Update voor Microsoft Office Excel 2007 Help (KB963678)
                        Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
                        Update voor Microsoft Office Word 2007 Help (KB963665)
                        Video Web Camera
                        Windows Live Sync
                        .
                        ==== End Of File ===========================



                        • #13
                          Ik kan geen malware ontdekken in je logs.

                          Ga naar start > uitvoeren en kopieer en plak volgende command in het veld:

                          ComboFix /Uninstall

                          Zorg ervoor dat er dus een spatie is tussen Combofix en /
                          Daarna klik je op Enter.


                          Klik op de afbeelding om te vergroten....


                          This will remove Combofix plus its related folders and files, reset the clock settings,
                          hide the file extensions, hide hidden files and system files again,
                          and reset your System Restore.




                          Download or update CCleaner

                          Start CCleaner.
                          • Run CCleaner and click Options in the left column
                          • Select the Advanced tab
                          • Uncheck Only delete files in Windows Temp folders older than 24 hours
                          • Select the Settings tab
                          • Uncheck "Automatically clean the computer...."
                          • Click Cleaner in the left column.
                          • Then click Analyze and Clean, in that order.
                          • Next, click Registry in the left column
                          • Click Scan for Issues.
                          • When asked whether you want to make a backup of the registry, click "Yes".
                          • If errors are found, click the middle button: Fix All Selected Issues, and then OK




                          Now let me know whether there are still any problems.

                          Emphyrio



                          • #14
                            Hi,
                            Yes, there are still problems. The stupid thing is that one time it can run for 2, 3 or 4 hours, and another time it cuts out again after just 5 minutes.
                            You can still see the screen then, but everything is frozen.
                            The only option then is a hard reset, so holding the power button down for a long time,
                            and then booting with the option Start Windows Normally.



                            • #15
                              I suspect this is a Windows problem.
                              In any case, it is not malware.

                              Create a new topic in the Windows section.

                              1) You may delete all the loose files and tools that we used.

                              2) To avoid reinfection, you can read through these tips:

                              Preventing spyware infections and browser hijacking and How do I prevent a new infection?

                              3) To give your PC a quick maintenance pass, you can read these tips: Guide to a clean PC

                              4) All sorts of tips and hints can be found here.


                              I am marking the topic as solved.

                              If there are no further replies, this thread will automatically be moved within about 5 days
                              to the section "Closed topics virus infections", and replying will no longer be possible.
                              This is done to keep the forum tidy and organized.

                              If it turns out that there are still problems and you want to reply in this topic again, send me a private message requesting that it be reopened.



                              Did we help you well? Consider a (no-obligation) donation to Nucia

                              Emphyrio
