Sales Plus virus


  • Sales Plus virus

    Dear staff member,

    I had a Sales Plus virus on my PC and, after a few scans, it turns out I still have quite a bit of malware on my PC.

    Here are the log files.

    Thanks in advance for the help.


    Malwarebytes Anti-Malware
    www.malwarebytes.org


    Update, 25-4-2015 13:26:45, SYSTEM, EIGENAAR-PC, Manual, Rootkit Database, 2014.11.18.1, 2015.4.21.1,
    Update, 25-4-2015 13:26:45, SYSTEM, EIGENAAR-PC, Manual, Remediation Database, 2013.10.16.1, 2015.4.22.1,
    Update, 25-4-2015 13:26:47, SYSTEM, EIGENAAR-PC, Manual, Malware Database, 2014.11.20.6, 2015.4.25.1,
    Update, 25-4-2015 13:28:20, SYSTEM, EIGENAAR-PC, Manual, Remediation Database, 2015.3.9.1, 2015.4.22.1,
    Update, 25-4-2015 13:28:20, SYSTEM, EIGENAAR-PC, Manual, Rootkit Database, 2015.2.25.1, 2015.4.21.1,
    Update, 25-4-2015 13:28:22, SYSTEM, EIGENAAR-PC, Manual, Malware Database, 2015.3.9.5, 2015.4.25.1,
    Scan, 25-4-2015 15:16:00, SYSTEM, EIGENAAR-PC, Manual, Start: 25-4-2015 13:30:34, Duur: 1 u 43 m 19 s, Aangepaste Scan, Voltooid, 0 Malware Detecties, 97 niet-Malware Detecties,
    Error, 25-4-2015 15:17:36, SYSTEM, EIGENAAR-PC, Protection, IsLicensed, 13,
    Protection, 25-4-2015 15:17:36, SYSTEM, EIGENAAR-PC, Protection, Malware Protection, Stopping,
    Protection, 25-4-2015 15:17:36, SYSTEM, EIGENAAR-PC, Protection, Malware Protection, Stopped,

    (end)


    # AdwCleaner v3.000 - Report created 21/08/2013 at 17:46:36
    # Updated 20/08/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : eigenaar - EIGENAAR-PC
    # Running from : C:\Users\eigenaar\Downloads\adwcleaner (1).exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Users\Roel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16660


    -\\ Mozilla Firefox v

    -\\ Google Chrome v28.0.1500.95

    [ File : C:\Users\eigenaar\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deleted : icon_url
    Deleted : search_url
    Deleted : keyword

    *************************

    AdwCleaner[R0].txt - [11297 octets] - [21/08/2013 17:29:11]
    AdwCleaner[R1].txt - [1101 octets] - [21/08/2013 17:45:35]
    AdwCleaner[S0].txt - [10717 octets] - [21/08/2013 17:33:06]
    AdwCleaner[S1].txt - [1031 octets] - [21/08/2013 17:46:36]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1091 octets] ##########
    # AdwCleaner v4.202 - Logbestand aangemaakt 25/04/2015 op 17:24:24
    # Laatste update 23/04/2015 door Xplode
    # Database : 2015-04-23.2 [Server]
    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
    # Gebruikersnaam : eigenaar - EIGENAAR-PC
    # Gestart vanuit : C:\Users\Roel\Downloads\adwcleaner_4.202 (1).exe
    # Optie : Verwijderen

    ***** [ Services ] *****


    ***** [ Bestanden / Mappen ] *****

    Bestand Verwijderd : C:\Users\eigenaar\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ndgonipadfipmlmdfofnjnhhlgojnjdn_0

    ***** [ Geplande taken ] *****


    ***** [ Snelkoppelingen ] *****


    ***** [ Register ] *****


    ***** [ Webbrowsers ] *****

    -\\ Internet Explorer v11.0.9600.17728


    -\\ Mozilla Firefox v37.0.1 (x86 nl)


    -\\ Google Chrome v42.0.2311.90


    -\\ Comodo Dragon v


    -\\ Chrome Canary v


    *************************

    AdwCleaner[R0].txt - [27663 bytes] - [21/08/2013 17:29:11]
    AdwCleaner[R1].txt - [2315 bytes] - [21/08/2013 17:45:35]
    AdwCleaner[S0].txt - [17085 bytes] - [21/08/2013 17:33:06]
    AdwCleaner[S1].txt - [2253 bytes] - [21/08/2013 17:46:36]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2312 bytes] ##########


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 11-6-2012 20:09:45
    System Uptime: 25-4-2015 17:24:57 (0 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | M5A78L-M/USB3
    Processor: AMD Athlon(tm) II X2 250 Processor | AM3R2 | 3000/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 244 GiB total, 133,688 GiB free.
    D: is FIXED (NTFS) - 1619 GiB total, 1577,81 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: AVG AVI Loader Driver
    Device ID: ROOT\LEGACY_AVGLDX64\0000
    Manufacturer:
    Name: AVG AVI Loader Driver
    PNP Device ID: ROOT\LEGACY_AVGLDX64\0000
    Service: Avgldx64
    .
    ==== System Restore Points ===================
    .
    RP224: 3-4-2015 18:36:45 - Gepland controlepunt
    RP225: 4-4-2015 15:51:10 - Windows Update
    RP226: 13-4-2015 18:19:38 - Gepland controlepunt
    RP227: 15-4-2015 23:54:56 - Windows Update
    RP228: 18-4-2015 21:10:08 - Removed Microsoft Silverlight
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 17 ActiveX
    Adobe Reader XI (11.0.10) - Nederlands
    Adobe Refresh Manager
    Apple Application Support (32-bit)
    Apple Application Support (64-bit)
    Apple Mobile Device Support
    Apple Software Update
    Asmedia ASM104x USB 3.0 Host Controller Driver
    ATI Catalyst Install Manager
    Audacity 2.0.4
    AVG 2013
    BitTorrent
    Bonjour
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-core-static
    ccc-utility64
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    CCleaner
    D3DX10
    Free WAV to MP3 Converter
    Free WMA to MP3 Converter 1.16
    Google Chrome
    Google Chrome Extension Updater 1.12.02
    Google Toolbar for Internet Explorer
    Google Update Helper
    iCloud
    iTunes
    Junk Mail filter update
    Malwarebytes Anti-Malware versie 2.1.6.1022
    Microsoft .NET Framework 4.5.1
    Microsoft .NET Framework 4.5.1 (Nederlands)
    Microsoft .NET Framework 4.5.1 (NLD)
    Microsoft Application Error Reporting
    Microsoft Office 2000 Premium
    Microsoft Silverlight
    Microsoft SkyDrive
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Movie Maker
    Mozilla Firefox 37.0.1 (x86 nl)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    MSVCRT110
    MSVCRT110_amd64
    OpenMG Limited Patch 3.0.01-01-12-17-01
    Photo Common
    Photo Gallery
    Platform
    QuickTime 7
    Realtek Ethernet Controller Driver
    Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
    Security Update for Microsoft .NET Framework 4.5.1 (KB3037581)
    Sony Net MD Help
    SopCast 3.5.0
    Spotify
    VIA Platform apparaatbeheer
    Visual Studio 2008 x64 Redistributables
    Visual Studio 2010 x64 Redistributables
    VLC media player
    VobSub v2.23 (Remove Only)
    Winamp
    Winamp Applicatie Detect
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinRAR 4.20 (32-bit)
    WinRAR 4.20 (64-bit)
    WinZip 16.5
    .
    ==== End Of File ===========================


    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17728
    Run by eigenaar at 17:28:16 on 2015-04-25
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3838.2564 [GMT 2:00]
    .
    AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.nl/
    BHO: Aanmeldhulp voor Microsoft-account: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [Spotify Web Helper] "C:\Users\eigenaar\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
    uRun: [Spotify] "C:\Users\eigenaar\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
    uRunOnce: [Report] C:\AdwCleaner\AdwCleaner[S1].txt
    mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    StartupFolder: C:\Users\eigenaar\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DOWNLO~2.LNK - C:\ProgramData\{a8157d0a-2298-01a6-a815-57d0a229f428}\Download The Shamen - 1990 - En-Tact Torrent - KickassTorrents.exe
    StartupFolder: C:\Users\eigenaar\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DOWNLO~1.LNK - C:\ProgramData\{6a9ae066-6ce1-81ab-6a9a-ae0666ce8199}\Download The Shamen En Tact (1990) @flac Torrent - KickassTorrents (1).exe
    StartupFolder: C:\Users\eigenaar\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\THEBLA~1.LNK - C:\ProgramData\{778c7049-611f-4590-778c-c7049611c125}\The Black Dog Warp - 1995 - Spanners mp3 [email protected] by idaten.exe
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: EnableSecureUIAPath = dword:1
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    TCP: NameServer = 213.46.228.196 62.179.104.196
    TCP: Interfaces\{4846F724-B214-466F-ABC9-0916F4710250} : DHCPNameServer = 213.46.228.196 62.179.104.196
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\23s2rroq.default\
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]
    R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]
    R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-11-16 111968]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]
    R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]
    R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-11-6 45856]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-5-20 202752]
    R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-1-20 77128]
    R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-2-24 126952]
    R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-2-24 389608]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-4-25 25816]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-11 452200]
    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2012-6-11 1349232]
    S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]
    S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-16 5814904]
    S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-4-25 1080120]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-8-13 57840]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-4-15 114688]
    S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-4-25 63704]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-8-15 54784]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-5 1255736]
    .
    =============== Created Last 30 ================
    .
    2015-04-25 11:28:07 136408 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2015-04-25 11:27:51 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2015-04-25 11:27:51 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2015-04-25 11:27:51 107736 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2015-04-25 11:27:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-04-25 11:14:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2015-04-23 11:20:42 -------- d-----w- C:\ProgramData\14606596235212674330
    2015-04-15 11:12:59 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2015-04-04 14:44:25 -------- d-----w- C:\Program Files (x86)\Free WAV to MP3 Converter
    2015-04-04 13:51:29 -------- d-s---w- C:\Windows\SysWow64\GWX
    2015-04-04 13:51:28 -------- d-s---w- C:\Windows\System32\GWX
    2015-04-03 17:26:21 -------- dc----w- C:\Users\eigenaar\AppData\Local\MigWiz
    .
    ==================== Find3M ====================
    .
    2015-04-15 16:24:50 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2015-04-15 16:24:50 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2015-03-25 03:24:41 98304 ----a-w- C:\Windows\System32\wudriver.dll
    2015-03-25 03:24:41 3298816 ----a-w- C:\Windows\System32\wucltux.dll
    2015-03-25 03:24:41 191488 ----a-w- C:\Windows\System32\wuwebv.dll
    2015-03-25 03:24:08 60416 ----a-w- C:\Windows\System32\WinSetupUI.dll
    2015-03-25 03:23:58 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
    2015-03-25 03:23:55 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2015-03-25 03:00:57 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
    2015-03-25 03:00:57 173056 ----a-w- C:\Windows\SysWow64\wuwebv.dll
    2015-03-25 03:00:15 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
    2015-03-23 03:25:15 726528 ----a-w- C:\Windows\System32\generaltel.dll
    2015-03-23 03:25:01 769536 ----a-w- C:\Windows\System32\invagent.dll
    2015-03-23 03:24:56 419840 ----a-w- C:\Windows\System32\devinv.dll
    2015-03-23 03:24:54 957952 ----a-w- C:\Windows\System32\appraiser.dll
    2015-03-23 03:24:53 30720 ----a-w- C:\Windows\System32\acmigration.dll
    2015-03-23 03:24:53 227328 ----a-w- C:\Windows\System32\aepdu.dll
    2015-03-23 03:24:53 192000 ----a-w- C:\Windows\System32\aepic.dll
    2015-03-23 03:17:39 1111552 ----a-w- C:\Windows\System32\aeinv.dll
    2015-03-17 05:22:37 5557696 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2015-03-17 05:22:35 95672 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2015-03-17 05:22:35 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2015-03-17 05:19:37 1727904 ----a-w- C:\Windows\System32\ntdll.dll
    2015-03-17 05:17:00 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2015-03-17 05:17:00 243712 ----a-w- C:\Windows\System32\wow64.dll
    2015-03-17 05:17:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2015-03-17 05:15:55 31232 ----a-w- C:\Windows\System32\lsass.exe
    2015-03-17 05:15:44 338432 ----a-w- C:\Windows\System32\conhost.exe
    2015-03-17 05:15:40 64000 ----a-w- C:\Windows\System32\auditpol.exe
    2015-03-17 05:13:29 60416 ----a-w- C:\Windows\System32\msobjs.dll
    2015-03-17 05:13:17 146432 ----a-w- C:\Windows\System32\msaudite.dll
    2015-03-17 05:01:09 3976632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2015-03-17 05:01:09 3920824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2015-03-17 04:59:26 1309696 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2015-03-17 04:57:25 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
    2015-03-17 04:57:21 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
    2015-03-17 04:57:20 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
    2015-03-17 04:57:17 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
    2015-03-17 04:57:17 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2015-03-17 04:57:13 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2015-03-17 04:57:12 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2015-03-17 04:57:11 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
    2015-03-17 04:57:07 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2015-03-17 04:56:59 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
    2015-03-17 04:56:56 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2015-03-17 04:56:41 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2015-03-17 04:56:15 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
    2015-03-17 04:56:01 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2015-03-17 04:56:01 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2015-03-17 04:56:00 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2015-03-17 04:53:35 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
    2015-03-17 04:53:13 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
    2015-03-17 03:45:24 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2015-03-17 03:45:23 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2015-03-17 03:43:04 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-03-17 03:43:04 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2015-03-17 03:43:04 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2015-03-17 03:43:03 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2015-03-13 04:25:14 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2015-03-13 04:25:01 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2015-03-13 04:09:12 66560 ----a-w- C:\Windows\System32\iesetup.dll
    2015-03-13 04:08:33 584192 ----a-w- C:\Windows\System32\vbscript.dll
    2015-03-13 04:08:27 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2015-03-13 04:08:17 417280 ----a-w- C:\Windows\System32\html.iec
    2015-03-13 04:06:54 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
    2015-03-13 03:54:11 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
    2015-03-13 03:54:00 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2015-03-13 03:53:22 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
    2015-03-13 03:50:45 6025216 ----a-w- C:\Windows\System32\jscript9.dll
    2015-03-13 03:44:48 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2015-03-13 03:42:18 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2015-03-13 03:32:48 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2015-03-13 03:28:48 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2015-03-13 03:28:37 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2015-03-13 03:27:51 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2015-03-13 03:27:35 340992 ----a-w- C:\Windows\SysWow64\html.iec
    2015-03-13 03:26:19 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
    2015-03-13 03:16:26 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2015-03-13 03:15:40 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2015-03-13 03:05:50 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
    2015-03-13 03:05:24 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
    2015-03-13 03:01:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2015-03-13 02:49:21 4305408 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2015-03-13 02:45:57 2358784 ----a-w- C:\Windows\System32\wininet.dll
    2015-03-13 02:43:41 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2015-03-13 02:42:47 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
    2015-03-13 02:20:28 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
    2015-03-10 03:25:10 1882624 ----a-w- C:\Windows\System32\msxml3.dll
    2015-03-10 03:21:42 2048 ----a-w- C:\Windows\System32\msxml3r.dll
    2015-03-10 03:08:26 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2015-03-10 03:05:39 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
    2015-03-05 05:12:33 404480 ----a-w- C:\Windows\System32\gdi32.dll
    2015-03-05 04:05:06 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
    2015-03-04 04:55:13 367552 ----a-w- C:\Windows\System32\clfs.sys
    2015-03-04 04:41:27 79360 ----a-w- C:\Windows\System32\clfsw32.dll
    2015-03-04 04:10:54 58880 ----a-w- C:\Windows\SysWow64\clfsw32.dll
    2015-02-26 03:25:44 3204096 ----a-w- C:\Windows\System32\win32k.sys
    2015-02-25 03:18:01 754688 ----a-w- C:\Windows\System32\drivers\http.sys
    2015-02-20 04:41:01 41984 ----a-w- C:\Windows\System32\lpk.dll
    2015-02-20 04:40:59 100864 ----a-w- C:\Windows\System32\fontsub.dll
    .
    ============= FINISH: 17:29:18,85 ===============


    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\23s2rroq.default\
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]
    R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]
    R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-11-16 111968]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]
    R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]
    R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-11-6 45856]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-5-20 202752]
    R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-1-20 77128]
    R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-2-24 126952]
    R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-2-24 389608]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-4-25 25816]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-11 452200]
    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2012-6-11 1349232]
    S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]
    S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-16 5814904]
    S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-4-25 1080120]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-8-13 57840]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-4-15 114688]
    S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-4-25 63704]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-8-15 54784]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-5 1255736]
    .
    =============== Created Last 30 ================
    .
    2015-04-25 11:28:07 136408 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2015-04-25 11:27:51 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2015-04-25 11:27:51 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2015-04-25 11:27:51 107736 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2015-04-25 11:27:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-04-25 11:14:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2015-04-23 11:20:42 -------- d-----w- C:\ProgramData\14606596235212674330
    2015-04-15 11:12:59 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2015-04-04 14:44:25 -------- d-----w- C:\Program Files (x86)\Free WAV to MP3 Converter
    2015-04-04 13:51:29 -------- d-s---w- C:\Windows\SysWow64\GWX
    2015-04-04 13:51:28 -------- d-s---w- C:\Windows\System32\GWX
    2015-04-03 17:26:21 -------- dc----w- C:\Users\eigenaar\AppData\Local\MigWiz
    .
    ==================== Find3M ====================
    .
    2015-04-15 16:24:50 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2015-04-15 16:24:50 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2015-03-25 03:24:41 98304 ----a-w- C:\Windows\System32\wudriver.dll
    2015-03-25 03:24:41 3298816 ----a-w- C:\Windows\System32\wucltux.dll
    2015-03-25 03:24:41 191488 ----a-w- C:\Windows\System32\wuwebv.dll
    2015-03-25 03:24:08 60416 ----a-w- C:\Windows\System32\WinSetupUI.dll
    2015-03-25 03:23:58 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
    2015-03-25 03:23:55 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2015-03-25 03:00:57 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
    2015-03-25 03:00:57 173056 ----a-w- C:\Windows\SysWow64\wuwebv.dll
    2015-03-25 03:00:15 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
    2015-03-23 03:25:15 726528 ----a-w- C:\Windows\System32\generaltel.dll
    2015-03-23 03:25:01 769536 ----a-w- C:\Windows\System32\invagent.dll
    2015-03-23 03:24:56 419840 ----a-w- C:\Windows\System32\devinv.dll
    2015-03-23 03:24:54 957952 ----a-w- C:\Windows\System32\appraiser.dll
    2015-03-23 03:24:53 30720 ----a-w- C:\Windows\System32\acmigration.dll
    2015-03-23 03:24:53 227328 ----a-w- C:\Windows\System32\aepdu.dll
    2015-03-23 03:24:53 192000 ----a-w- C:\Windows\System32\aepic.dll
    2015-03-23 03:17:39 1111552 ----a-w- C:\Windows\System32\aeinv.dll
    2015-03-17 05:22:37 5557696 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2015-03-17 05:22:35 95672 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2015-03-17 05:22:35 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2015-03-17 05:19:37 1727904 ----a-w- C:\Windows\System32\ntdll.dll
    2015-03-17 05:17:00 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2015-03-17 05:17:00 243712 ----a-w- C:\Windows\System32\wow64.dll
    2015-03-17 05:17:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2015-03-17 05:15:55 31232 ----a-w- C:\Windows\System32\lsass.exe
    2015-03-17 05:15:44 338432 ----a-w- C:\Windows\System32\conhost.exe
    2015-03-17 05:15:40 64000 ----a-w- C:\Windows\System32\auditpol.exe
    2015-03-17 05:13:29 60416 ----a-w- C:\Windows\System32\msobjs.dll
    2015-03-17 05:13:17 146432 ----a-w- C:\Windows\System32\msaudite.dll
    2015-03-17 05:01:09 3976632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2015-03-17 05:01:09 3920824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2015-03-17 04:59:26 1309696 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2015-03-17 04:57:25 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
    2015-03-17 04:57:21 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
    2015-03-17 04:57:20 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
    2015-03-17 04:57:17 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
    2015-03-17 04:57:17 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2015-03-17 04:57:13 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2015-03-17 04:57:12 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2015-03-17 04:57:11 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
    2015-03-17 04:57:07 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2015-03-17 04:56:59 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
    2015-03-17 04:56:56 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2015-03-17 04:56:41 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2015-03-17 04:56:15 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
    2015-03-17 04:56:01 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2015-03-17 04:56:01 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2015-03-17 04:56:00 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2015-03-17 04:53:35 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
    2015-03-17 04:53:13 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
    2015-03-17 03:45:24 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2015-03-17 03:45:23 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2015-03-17 03:43:04 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2015-03-17 03:43:04 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2015-03-17 03:43:04 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2015-03-17 03:43:03 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2015-03-13 04:25:14 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2015-03-13 04:25:01 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2015-03-13 04:09:12 66560 ----a-w- C:\Windows\System32\iesetup.dll
    2015-03-13 04:08:33 584192 ----a-w- C:\Windows\System32\vbscript.dll
    2015-03-13 04:08:27 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2015-03-13 04:08:17 417280 ----a-w- C:\Windows\System32\html.iec
    2015-03-13 04:06:54 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
    2015-03-13 03:54:11 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
    2015-03-13 03:54:00 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2015-03-13 03:53:22 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
    2015-03-13 03:50:45 6025216 ----a-w- C:\Windows\System32\jscript9.dll
    2015-03-13 03:44:48 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2015-03-13 03:42:18 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2015-03-13 03:32:48 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2015-03-13 03:28:48 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2015-03-13 03:28:37 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2015-03-13 03:27:51 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2015-03-13 03:27:35 340992 ----a-w- C:\Windows\SysWow64\html.iec
    2015-03-13 03:26:19 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
    2015-03-13 03:16:26 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2015-03-13 03:15:40 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2015-03-13 03:05:50 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
    2015-03-13 03:05:24 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
    2015-03-13 03:01:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2015-03-13 02:49:21 4305408 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2015-03-13 02:45:57 2358784 ----a-w- C:\Windows\System32\wininet.dll
    2015-03-13 02:43:41 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2015-03-13 02:42:47 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
    2015-03-13 02:20:28 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
    2015-03-10 03:25:10 1882624 ----a-w- C:\Windows\System32\msxml3.dll
    2015-03-10 03:21:42 2048 ----a-w- C:\Windows\System32\msxml3r.dll
    2015-03-10 03:08:26 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2015-03-10 03:05:39 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
    2015-03-05 05:12:33 404480 ----a-w- C:\Windows\System32\gdi32.dll
    2015-03-05 04:05:06 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
    2015-03-04 04:55:13 367552 ----a-w- C:\Windows\System32\clfs.sys
    2015-03-04 04:41:27 79360 ----a-w- C:\Windows\System32\clfsw32.dll
    2015-03-04 04:10:54 58880 ----a-w- C:\Windows\SysWow64\clfsw32.dll
    2015-02-26 03:25:44 3204096 ----a-w- C:\Windows\System32\win32k.sys
    2015-02-25 03:18:01 754688 ----a-w- C:\Windows\System32\drivers\http.sys
    2015-02-20 04:41:01 41984 ----a-w- C:\Windows\System32\lpk.dll
    2015-02-20 04:40:59 100864 ----a-w- C:\Windows\System32\fontsub.dll
    .
    ============= FINISH: 17:29:18,85 ===============

  • #2
    Hi opgezwolle,

    Before we begin, I would like to kindly point out the following guidelines:
    .
    • Log in only as an administrator with full rights.
    • Do not post your problem on several forums. It does not help your problem and it is not polite towards the helpers.
    • Cleaning up your system can take some time, be patient.
    • Carefully follow the instructions that I give.
    • Follow only the advice given by me.
    • Stay with the topic until I have reported that your PC is clean.
    • If you do not know or understand something, please just ask.
    • Do not install or uninstall any software or hardware while we are working on your problem.
    • In the meantime, do not go and try something "else"; that only makes it harder for us.
    • Please turn off your emoticons (smileys) when you post logs. ( INFO )
    • Please do not post the logs as an attachment, nor between code tags.

    .
    Note: Always run all tools as admin.
    The instructions given are valid only for your PC.

    Once you have read and understood these guidelines, you may continue.....



    Download or update CCleaner

    Start CCleaner.
    • Run CCleaner and click Options in the left column
    • Select the Advanced tab
    • Remove the check mark in front of Only delete files in the Windows Temp system folder that are older than 24 hours
    • Select the Settings tab
    • Remove the check mark at "Automatically clean the computer...."
    • Click Cleaner in the left column.
    • Then click Analyze and Clean in succession.
    • Next, click Registry in the left column
    • Click Scan for problems.
    • When asked whether you want to make a backup of the registry, click "Yes".
    • If errors are found, click the middle button: Fix all selected errors, and OK

    .


    Download Combofix to your desktop.
    (So not to a downloads folder or temp folder)

    Extra note... Make sure your security software is disabled while using Combofix.
    This is because these scanners wrongly see certain components that Combofix uses as infected and will block Combofix.

    Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.

    Close ALL windows, including your browser, and let Combofix do its work undisturbed.
    So do not open any other applications until Combofix has presented the log.

    If Combofix asks for an update, allow it.

    When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
    You can find it as C:\combofix.txt.

    Post the Combofix log.

    * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
    • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
    • Illegal operation attempted on a registry key that has been marked for deletion.




    Extra note... Make sure your security software is disabled while installing and using E-Peek.

    Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.

    Download setupE-Peek.exe to your desktop.
    Double-click it and follow the instructions.
    At the end of the installation, E-Peek will start.
    Click "Scan".
    Post the log.
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      ComboFix 15-04-27.01 - eigenaar 27-04-2015 21:05:48.1.2 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3838.2736 [GMT 2:00]
      Gestart vanuit: c:\users\Roel\Desktop\ComboFix.exe
      AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
      SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\programdata\14606596235212674330
      c:\programdata\14606596235212674330\4e2626808eb29462c89c4931f67ffcbf.ini
      c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn
      c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\background.html
      c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\content.js
      c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\lsdb.js
      c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\manifest.json
      c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\Px7DiJOYF.js
      c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme
      c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\background.html
      c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\content.js
      c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\EZ.js
      c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\lsdb.js
      c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\manifest.json
      c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn
      c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\background.html
      c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\content.js
      c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\lsdb.js
      c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\manifest.json
      c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\Px7DiJOYF.js
      c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme
      c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\background.html
      c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\content.js
      c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\EZ.js
      c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\lsdb.js
      c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\manifest.json
      c:\users\eigenaar\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn
      c:\users\eigenaar\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\background.html
      c:\users\eigenaar\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\content.js
      c:\users\eigenaar\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\lsdb.js
      c:\users\eigenaar\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\manifest.json
      c:\users\eigenaar\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\Px7DiJOYF.js
      c:\users\eigenaar\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme
      c:\users\eigenaar\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\background.html
      c:\users\eigenaar\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\content.js
      c:\users\eigenaar\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\EZ.js
      c:\users\eigenaar\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\lsdb.js
      c:\users\eigenaar\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\manifest.json
      c:\users\eigenaar\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn
      c:\users\eigenaar\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\background.html
      c:\users\eigenaar\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\content.js
      c:\users\eigenaar\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\lsdb.js
      c:\users\eigenaar\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\manifest.json
      c:\users\eigenaar\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\Px7DiJOYF.js
      c:\users\eigenaar\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme
      c:\users\eigenaar\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\background.html
      c:\users\eigenaar\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\content.js
      c:\users\eigenaar\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\EZ.js
      c:\users\eigenaar\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\lsdb.js
      c:\users\eigenaar\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\manifest.json
      c:\users\eigenaar\AppData\Local\Google\Chrome\User Data\Default\Preferences
      c:\users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\23s2rroq.default\extensions\[email protected] et
      c:\users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\23s2rroq.default\extensions\[email protected] et\bootstrap.js
      c:\users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\23s2rroq.default\extensions\[email protected] et\chrome.manifest
      c:\users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\23s2rroq.default\extensions\[email protected] et\content\bg.js
      c:\users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\23s2rroq.default\extensions\[email protected] et\install.rdf
      c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn
      c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\background.html
      c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\content.js
      c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\lsdb.js
      c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\manifest.json
      c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\Px7DiJOYF.js
      c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme
      c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\background.html
      c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\content.js
      c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\EZ.js
      c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\lsdb.js
      c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\manifest.json
      c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn
      c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\background.html
      c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\content.js
      c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\lsdb.js
      c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\manifest.json
      c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\Px7DiJOYF.js
      c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme
      c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\background.html
      c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\content.js
      c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\EZ.js
      c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\lsdb.js
      c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\manifest.json
      c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn
      c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\background.html
      c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\content.js
      c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\lsdb.js
      c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\manifest.json
      c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\Px7DiJOYF.js
      c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme
      c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\background.html
      c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\content.js
      c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\EZ.js
      c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\lsdb.js
      c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\manifest.json
      c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn
      c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\background.html
      c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\content.js
      c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\lsdb.js
      c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\manifest.json
      c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\Px7DiJOYF.js
      c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme
      c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\background.html
      c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\content.js
      c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\EZ.js
      c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\lsdb.js
      c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\manifest.json
      c:\users\Roel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn
      c:\users\Roel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\background.html
      c:\users\Roel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\content.js
      c:\users\Roel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\lsdb.js
      c:\users\Roel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\manifest.json
      c:\users\Roel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\Px7DiJOYF.js
      c:\users\Roel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme
      c:\users\Roel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\background.html
      c:\users\Roel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\content.js
      c:\users\Roel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\EZ.js
      c:\users\Roel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\lsdb.js
      c:\users\Roel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\manifest.json
      c:\users\Roel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn
      c:\users\Roel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\background.html
      c:\users\Roel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\content.js
      c:\users\Roel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\lsdb.js
      c:\users\Roel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\manifest.json
      c:\users\Roel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\107\Px7DiJOYF.js
      c:\users\Roel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme
      c:\users\Roel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\background.html
      c:\users\Roel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\content.js
      c:\users\Roel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\EZ.js
      c:\users\Roel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\lsdb.js
      c:\users\Roel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbmpmegjpjkcakdlehcpgbnhdeophpme\3.7\manifest.json
      c:\users\Roel\AppData\Local\Google\Chrome\User Data\Default\Preferences
      c:\windows\IsUn0411.exe
      .
      .
      (((((((((((((((((((( Bestanden Gemaakt van 2015-03-27 to 2015-04-27 ))))))))))))))))))))))))))))))
      .
      .
      2015-04-25 11:28 . 2015-04-25 11:30 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
      2015-04-25 11:27 . 2015-04-25 11:27 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
      2015-04-25 11:27 . 2015-04-14 07:37 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
      2015-04-25 11:27 . 2015-04-14 07:37 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
      2015-04-25 11:27 . 2015-04-14 07:37 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
      2015-04-25 11:14 . 2015-04-25 11:14 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2015-04-24 22:58 . 2015-04-24 22:58 -------- d-----w- c:\users\Roel\AppData\Local\Mozilla
      2015-04-18 19:11 . 2015-04-18 19:11 -------- d-----w- c:\program files\Microsoft Silverlight
      2015-04-18 19:11 . 2015-04-18 19:11 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
      2015-04-15 11:12 . 2015-03-17 05:19 1727904 ----a-w- c:\windows\system32\ntdll.dll
      2015-04-13 21:52 . 2015-04-23 12:34 -------- d-----w- c:\users\Roel\AppData\Roaming\Audacity
      2015-04-04 14:44 . 2015-04-04 14:44 -------- d-----w- c:\program files (x86)\Free WAV to MP3 Converter
      2015-04-04 13:51 . 2015-04-04 13:51 -------- d-s---w- c:\windows\SysWow64\GWX
      2015-04-04 13:51 . 2015-04-04 13:51 -------- d-s---w- c:\windows\system32\GWX
      2015-04-03 17:26 . 2015-04-07 13:16 -------- dc----w- c:\users\eigenaar\AppData\Local\MigWiz
      .
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2015-04-18 16:56 . 2013-06-11 16:14 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
      2015-04-15 16:24 . 2012-11-06 16:46 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2015-04-15 16:24 . 2012-11-06 16:46 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2015-04-13 15:09 . 2015-02-26 13:21 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
      2015-04-07 13:53 . 2013-06-11 16:14 856712 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
      2015-03-17 04:56 . 2015-04-15 11:12 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2015-03-01 19:25 . 2015-03-01 19:25 856712 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
      2015-02-26 03:25 . 2015-03-11 21:27 3204096 ----a-w- c:\windows\system32\win32k.sys
      2015-02-20 04:41 . 2015-03-11 21:28 41984 ----a-w- c:\windows\system32\lpk.dll
      2015-02-20 04:40 . 2015-03-11 21:28 100864 ----a-w- c:\windows\system32\fontsub.dll
      2015-02-20 04:40 . 2015-03-11 21:28 14336 ----a-w- c:\windows\system32\dciman32.dll
      2015-02-20 04:40 . 2015-03-11 21:28 46080 ----a-w- c:\windows\system32\atmlib.dll
      2015-02-20 04:13 . 2015-03-11 21:28 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
      2015-02-20 04:13 . 2015-03-11 21:28 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
      2015-02-20 04:13 . 2015-03-11 21:28 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
      2015-02-20 04:12 . 2015-03-11 21:28 25600 ----a-w- c:\windows\SysWow64\lpk.dll
      2015-02-20 03:29 . 2015-03-11 21:28 372224 ----a-w- c:\windows\system32\atmfd.dll
      2015-02-20 03:09 . 2015-03-11 21:28 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
      2015-02-13 05:22 . 2015-03-11 21:27 14177280 ----a-w- c:\windows\system32\shell32.dll
      2015-02-04 10:23 . 2015-02-04 10:23 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
      2015-02-04 10:13 . 2015-02-04 10:13 869536 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
      2015-02-04 03:16 . 2015-03-11 21:27 465920 ----a-w- c:\windows\system32\WMPhoto.dll
      2015-02-04 02:54 . 2015-03-11 21:27 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
      2015-02-03 03:34 . 2015-03-11 21:27 693176 ----a-w- c:\windows\system32\winload.efi
      2015-02-03 03:34 . 2015-03-11 21:27 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
      2015-02-03 03:33 . 2015-03-11 21:27 616360 ----a-w- c:\windows\system32\winresume.efi
      2015-02-03 03:31 . 2015-03-11 21:27 14632960 ----a-w- c:\windows\system32\wmp.dll
      2015-02-03 03:31 . 2015-03-11 21:27 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
      2015-02-03 03:31 . 2015-03-11 21:27 229376 ----a-w- c:\windows\system32\wintrust.dll
      2015-02-03 03:31 . 2015-03-11 21:27 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
      2015-02-03 03:31 . 2015-03-11 21:27 215552 ----a-w- c:\windows\system32\ubpm.dll
      2015-02-03 03:31 . 2015-03-11 21:27 5120 ----a-w- c:\windows\system32\msdxm.ocx
      2015-02-03 03:31 . 2015-03-11 21:27 5120 ----a-w- c:\windows\system32\dxmasf.dll
      2015-02-03 03:31 . 2015-03-11 21:27 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
      2015-02-03 03:31 . 2015-03-11 21:27 1574400 ----a-w- c:\windows\system32\quartz.dll
      2015-02-03 03:31 . 2015-03-11 21:27 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
      2015-02-03 03:31 . 2015-03-11 21:27 371712 ----a-w- c:\windows\system32\qdvd.dll
      2015-02-03 03:31 . 2015-03-11 21:27 188416 ----a-w- c:\windows\system32\pcasvc.dll
      2015-02-03 03:31 . 2015-03-11 21:27 37376 ----a-w- c:\windows\system32\pcadm.dll
      2015-02-03 03:31 . 2015-03-11 21:27 9728 ----a-w- c:\windows\system32\spwmp.dll
      2015-02-03 03:31 . 2015-03-11 21:27 641024 ----a-w- c:\windows\system32\msscp.dll
      2015-02-03 03:31 . 2015-03-11 21:27 325632 ----a-w- c:\windows\system32\msnetobj.dll
      2015-02-03 03:31 . 2015-03-11 21:27 11264 ----a-w- c:\windows\system32\msmmsp.dll
      2015-02-03 03:31 . 2015-03-11 21:27 432128 ----a-w- c:\windows\system32\mfplat.dll
      2015-02-03 03:31 . 2015-03-11 21:27 4121600 ----a-w- c:\windows\system32\mf.dll
      2015-02-03 03:31 . 2015-03-11 21:27 206848 ----a-w- c:\windows\system32\mfps.dll
      2015-02-03 03:30 . 2015-03-11 21:27 631808 ----a-w- c:\windows\system32\evr.dll
      2015-02-03 03:30 . 2015-03-11 21:27 284672 ----a-w- c:\windows\system32\EncDump.dll
      2015-02-03 03:30 . 2015-03-11 21:27 1202176 ----a-w- c:\windows\system32\drmv2clt.dll
      2015-02-03 03:30 . 2015-03-11 21:27 497664 ----a-w- c:\windows\system32\drmmgrtn.dll
      2015-02-03 03:30 . 2015-03-11 21:27 1480192 ----a-w- c:\windows\system32\crypt32.dll
      2015-02-03 03:30 . 2015-03-11 21:27 1069056 ----a-w- c:\windows\system32\cryptui.dll
      2015-02-03 03:30 . 2015-03-11 21:27 82432 ----a-w- c:\windows\system32\cryptsp.dll
      2015-02-03 03:30 . 2015-03-11 21:27 187904 ----a-w- c:\windows\system32\cryptsvc.dll
      2015-02-03 03:30 . 2015-03-11 21:27 140288 ----a-w- c:\windows\system32\cryptnet.dll
      2015-02-03 03:30 . 2015-03-11 21:27 842240 ----a-w- c:\windows\system32\blackbox.dll
      2015-02-03 03:30 . 2015-03-11 21:27 680960 ----a-w- c:\windows\system32\audiosrv.dll
      2015-02-03 03:30 . 2015-03-11 21:27 440832 ----a-w- c:\windows\system32\AudioEng.dll
      2015-02-03 03:30 . 2015-03-11 21:27 296448 ----a-w- c:\windows\system32\AudioSes.dll
      2015-02-03 03:30 . 2015-03-11 21:27 32256 ----a-w- c:\windows\system32\appidsvc.dll
      2015-02-03 03:30 . 2015-03-11 21:27 58880 ----a-w- c:\windows\system32\appidapi.dll
      2015-02-03 03:30 . 2015-03-11 21:27 55808 ----a-w- c:\windows\system32\rrinstaller.exe
      2015-02-03 03:30 . 2015-03-11 21:27 9728 ----a-w- c:\windows\system32\pcalua.exe
      2015-02-03 03:30 . 2015-03-11 21:27 11264 ----a-w- c:\windows\system32\pcawrk.exe
      2015-02-03 03:30 . 2015-03-11 21:27 24576 ----a-w- c:\windows\system32\mfpmp.exe
      2015-02-03 03:30 . 2015-03-11 21:27 126464 ----a-w- c:\windows\system32\audiodg.exe
      2015-02-03 03:30 . 2015-03-11 21:27 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
      2015-02-03 03:30 . 2015-03-11 21:27 146944 ----a-w- c:\windows\system32\appidpolicyconverter.exe
      2015-02-03 03:30 . 2015-03-11 21:27 12625920 ----a-w- c:\windows\system32\wmploc.DLL
      2015-02-03 03:29 . 2015-03-11 21:27 8704 ----a-w- c:\windows\system32\pcaevts.dll
      2015-02-03 03:28 . 2015-03-11 21:27 2048 ----a-w- c:\windows\system32\mferror.dll
      2015-02-03 03:19 . 2015-03-11 21:27 663552 ----a-w- c:\windows\system32\drivers\PEAuth.sys
      2015-02-03 03:12 . 2015-03-11 21:27 617984 ----a-w- c:\windows\SysWow64\wmdrmsdk.dll
      2015-02-03 03:12 . 2015-03-11 21:27 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
      2015-02-03 03:12 . 2015-03-11 21:27 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
      2015-02-03 03:12 . 2015-03-11 21:27 171520 ----a-w- c:\windows\SysWow64\ubpm.dll
      2015-02-03 03:12 . 2015-03-11 21:27 4096 ----a-w- c:\windows\SysWow64\msdxm.ocx
      2015-02-03 03:12 . 2015-03-11 21:27 4096 ----a-w- c:\windows\SysWow64\dxmasf.dll
      2015-02-03 03:12 . 2015-03-11 21:27 1329664 ----a-w- c:\windows\SysWow64\quartz.dll
      2015-02-03 03:12 . 2015-03-11 21:27 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
      2015-02-03 03:12 . 2015-03-11 21:27 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
      2015-02-03 03:12 . 2015-03-11 21:27 8192 ----a-w- c:\windows\SysWow64\spwmp.dll
      2015-02-03 03:12 . 2015-03-11 21:27 504320 ----a-w- c:\windows\SysWow64\msscp.dll
      2015-02-03 03:12 . 2015-03-11 21:27 265216 ----a-w- c:\windows\SysWow64\msnetobj.dll
      2015-02-03 03:12 . 2015-03-11 21:27 3209728 ----a-w- c:\windows\SysWow64\mf.dll
      2015-02-03 03:12 . 2015-03-11 21:27 354816 ----a-w- c:\windows\SysWow64\mfplat.dll
      2015-02-03 03:12 . 2015-03-11 21:27 103424 ----a-w- c:\windows\SysWow64\mfps.dll
      2015-02-03 03:12 . 2015-03-11 21:27 489984 ----a-w- c:\windows\SysWow64\evr.dll
      2015-02-03 03:12 . 2015-03-11 21:27 988160 ----a-w- c:\windows\SysWow64\drmv2clt.dll
      2015-02-03 03:12 . 2015-03-11 21:27 406016 ----a-w- c:\windows\SysWow64\drmmgrtn.dll
      2015-02-03 03:12 . 2015-03-11 21:27 1174528 ----a-w- c:\windows\SysWow64\crypt32.dll
      2015-02-03 03:12 . 2015-03-11 21:27 81408 ----a-w- c:\windows\SysWow64\cryptsp.dll
      2015-02-03 03:12 . 2015-03-11 21:27 1005056 ----a-w- c:\windows\SysWow64\cryptui.dll
      2015-02-03 03:12 . 2015-03-11 21:27 143872 ----a-w- c:\windows\SysWow64\cryptsvc.dll
      2015-02-03 03:12 . 2015-03-11 21:27 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
      2015-02-03 03:12 . 2015-03-11 21:27 744960 ----a-w- c:\windows\SysWow64\blackbox.dll
      2015-02-03 03:12 . 2015-03-11 21:27 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
      2015-02-03 03:12 . 2015-03-11 21:27 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
      2015-02-03 03:12 . 2015-03-11 21:27 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
      2015-02-03 03:11 . 2015-03-11 21:27 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
      @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
      [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
      2013-08-13 16:13 222832 ----a-w- c:\users\eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
      @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
      [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
      2013-08-13 16:13 222832 ----a-w- c:\users\eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
      @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
      [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
      2013-08-13 16:13 222832 ----a-w- c:\users\eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\SkyDriveShell.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
      "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-08-04 39408]
      "Spotify Web Helper"="c:\users\eigenaar\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-04-09 2018360]
      "Spotify"="c:\users\eigenaar\AppData\Roaming\Spotify\Spotify.exe" [2015-04-09 7112248]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-12-17 2489456]
      "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 98304]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-02-13 60712]
      "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      "EnableSecureUIAPath"= 1 (0x1)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
      "LoadAppInit_DLLs"=1 (0x1)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "aux1"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
      .
      R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
      R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
      R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
      R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
      R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
      R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
      R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
      R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
      S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
      S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
      S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
      S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
      S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
      S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
      S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
      S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
      S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
      S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
      S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
      .
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
      2015-04-17 21:48 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
      .
      Inhoud van de 'Gedeelde Taken' map
      .
      2015-04-26 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-06 16:24]
      .
      2015-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 19:31]
      .
      2015-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 19:31]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
      @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
      [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
      2013-08-13 16:13 261744 ----a-w- c:\users\eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
      @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
      [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
      2013-08-13 16:13 261744 ----a-w- c:\users\eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
      @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
      [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
      2013-08-13 16:13 261744 ----a-w- c:\users\eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64\SkyDriveShell64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-13 169768]
      .
      ------- Bijkomende Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      uStart Page = hxxp://www.google.nl/
      mLocal Page = c:\windows\SysWOW64\blank.htm
      TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
      FF - ProfilePath - c:\users\eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\23s2rroq.default\
      .
      - - - - ORPHANS VERWIJDERD - - - -
      .
      c:\users\eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download The Shamen - 1990 - En-Tact Torrent - KickassTorrents.lnk - c:\programdata\{a8157d0a-2298-01a6-a815-57d0a229f428}\Download The Shamen - 1990 - En-Tact Torrent - KickassTorrents.exe --startup=1
      c:\users\eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download The Shamen En Tact (1990) @flac Torrent - KickassTorrents (1).lnk - c:\programdata\{6a9ae066-6ce1-81ab-6a9a-ae0666ce8199}\Download The Shamen En Tact (1990) @flac Torrent - KickassTorrents (1).exe --startup=1
      c:\users\eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The Black Dog Warp - 1995 - Spanners mp3 [email protected] by idaten.lnk - c:\programdata\{778c7049-611f-4590-778c-c7049611c125}\The Black Dog Warp - 1995 - Spanners mp3 [email protected] by idaten.exe --startup=1
      HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
      .
      .
      .
      --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
      .
      [HKEY_USERS\S-1-5-21-2411744380-2957005395-3141800515-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="WindowsLiveMail.Email.1"
      .
      [HKEY_USERS\S-1-5-21-2411744380-2957005395-3141800515-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
      @Denied: (2) (LocalSystem)
      "Progid"="WindowsLiveMail.VCard.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker6"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.17"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker6"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
      "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
      00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Voltooingstijd: 2015-04-27 21:12:18
      ComboFix-quarantined-files.txt 2015-04-27 19:12
      .
      Pre-Run: 135.268.339.712 bytes beschikbaar
      Post-Run: 134.973.591.552 bytes beschikbaar
      .
      - - End Of File - - 738E74A932EDE305E1888ACF4CE11671
      A36C5E4F47E84449FF07ED3517B43A31



      • #4
        Installed E-Peek but it doesn't work. I get the message: a device attached to the system is not functioning.



        • #5
          Download AppCheck.zip to your desktop and unzip it.
          Right-click NetCheck.exe and run it as administrator.
          Post the log.
          Last edited by Emphyrio; 27-04-15, 21:04.
          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
          E Dev * Remove McAfee. * Ccleaner * E-Peek



          • #6
            ma 27 apr 2015 22:39
            Microsoft Windows NT 6.1.7601 Service Pack 1 User has admin rights.
            ******************************************
            .Net versions detection
            ******************************************
            v2.0.50727 2.0.50727.5420 SP2
            v3.0 3.0.30729.5420 SP2
            v3.5 3.5.30729.5420 SP1
            v4
            Client 4.5.50938
            Full 4.5.50938
            v4.0
            Client 4.0.0.0
            ******************************************
            SQL CE Version detection
            ******************************************
            SQL Server CE is not present
            SQL Server CE x86 is ok

            v3.5 = 3.5.8080.0 SP = 2
            SQL Server CE x64 is ok

            ******************************************
            E Dev detection
            ******************************************
            E Dev folder is not present



            • #7
              You did not complete the E-Peek installation properly.
              Reinstall E-Peek.

              At the end of the installation, E-Peek will start automatically.


              Last edited by Emphyrio; 27-04-15, 21:44.


              • #8
                I get the same thing again after uninstalling and reinstalling.

                ma 27 apr 2015 22:55
                Microsoft Windows NT 6.1.7601 Service Pack 1 User has admin rights.
                ******************************************
                .Net versions detection
                ******************************************
                v2.0.50727 2.0.50727.5420 SP2
                v3.0 3.0.30729.5420 SP2
                v3.5 3.5.30729.5420 SP1
                v4
                Client 4.5.50938
                Full 4.5.50938
                v4.0
                Client 4.0.0.0
                ******************************************
                SQL CE Version detection
                ******************************************
                SQL Server CE is not present
                SQL Server CE x86 is ok

                v3.5 = 3.5.8080.0 SP = 2
                SQL Server CE x64 is ok

                ******************************************
                E Dev detection
                ******************************************
                E Dev folder is not present



                • #9
                  When exactly do you get that message?


                  • #10
                    It appears immediately when I run it as admin. The log appears at the same time as the software solutions window, which says:

                    Microsoft Windows NT 6.1.7601 Service Pack 1
                    You got admin rights

                    Checking Net version ... >> Net version is ok
                    Checking for SQL CE .... >> Check is ok
                    Check is ok
                    Checking for E Dev ....... >> E Dev folder does not exist. check is ok

                    All is ok. Go Ahead



                    • #11
                      I was talking about E-Peek, not AppCheck.

                      See my earlier post (please read it carefully).


                      • #12
                        I don't know if this is normal, but it has been scanning for half an hour already. Before the scan started it gave a brief error message, and then I just carried on with the scan.



                        • #13
                          Is your antivirus turned off?

                          Do you mean scanning with E-Peek or installing it?


                          • #14
                            I mean scanning with E-Peek. It is still busy with that.

                            The MBAM license had expired, but I was still able to run a scan over the past few days and posted the log above. I just unchecked notifications in the settings.



                            • #15
                              Originally posted by opgezwolle
                              The MBAM license had expired, but I was still able to run a scan over the past few days and posted the log above. I just unchecked notifications in the settings.
                              You can also install MBAM for free.
                              By the way, the log you posted was not the scan log but MBAM's system log.



                              Originally posted by Emphyrio
                              Is your antivirus turned off?
                              ...
                              Last edited by Emphyrio; 27-04-15, 23:39.