een HijackThis-logje ter analyse.

Status
Niet open voor verdere reacties.
N

Nickkenny

hieronder een HijackThis-logje ter analyse. computer werkt trager.

Bedankt.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:15:30, on 27/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\eigenaar\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Object moved
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Object moved
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Object moved
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Object moved
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Object moved
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\vsocklib.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [PAC] Automatic Proxy Configuration
O15 - Trusted Zone: http://download.windowsupdate.microsoft.
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10107 bytes
 
Download LSPFix naar het bureaublad.
1. Start het programma als Administrator (via je rechter muisknop)
2. Selecteer "I know what I'am doing"
3. Zorg dat in het rechtse venster (remove venster) alle verwijzingen staan van: c:\windows\system32\vsocklib.dll
(Let op enkel deze mogen in het remove-venster staan, geen anderen!!!)
4. Klik op "Finish"
5. Herstart de pc.


Download
51a5f31352b88-icon_MBAR.png
Malwarebytes Anti-Rootkit naar het bureaublad.
Klik hier voor de complete handleiding.
  • Pak het ZIP bestand uit en dubbelklik hierna op "mbar.exe" om de tool te starten.
  • Let op! Malwarebytes Anti-Rootkit dient onder een account met administrator rechten te worden uitgevoerd.
  • Klik in het introductiescherm op "next" om door te gaan.
  • Klik in het volgende scherm op Update om Malwarebytes Anti-Rootkit van de laatste definities te voorzien.
  • Klik als de update gereed is op "Next" en klik hierna op "Scan".
  • Als de scan gereed is en er geen malware is gedetecteerd klik dan op "Exit"
  • Indien er malware wordt gedetecteerd zorg dat de items zijn aangevinkt en klik op "Cleanup" en herstart de computer.
  • Open na de herstart de map van MBAR en plaats de twee onderstaande log bestanden als bijlage in het volgende bericht
  • "mbar-log-{datum} (xx-xx-xx).txt" & "system-log.txt"
 
Er is niets gevonden met Malwarebytes Anti Rootkit

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 9.0.8112.16421
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.294000 GHz
Memory total: 8497827840, free: 6406914048
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 9.0.8112.16421
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.294000 GHz
Memory total: 8497827840, free: 6372253696
Downloaded database version: v2014.01.27.09
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
------------ Kernel report ------------
01/27/2014 23:04:11
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\DRIVERS\ACPI.sys
\SystemRoot\system32\DRIVERS\WMILIB.SYS
\SystemRoot\system32\DRIVERS\msisadrv.sys
\SystemRoot\system32\DRIVERS\pci.sys
\SystemRoot\system32\DRIVERS\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\DRIVERS\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\ehdrv.sys
C:\Program Files\ESET\ESET NOD32 Antivirus\em006_64.dat
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Ext2Fsd.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\Drivers\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\netr28x.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\ETD.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\eamonm.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\epfwwfpr.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\psi_mf_amd64.sys
\??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
\SystemRoot\system32\drivers\spsys.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\shell32.dll
\Windows\System32\normaliz.dll
\Windows\System32\difxapi.dll
\Windows\System32\lpk.dll
\Windows\System32\wininet.dll
\Windows\System32\urlmon.dll
\Windows\System32\sechost.dll
\Windows\System32\imm32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\clbcatq.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\gdi32.dll
\Windows\System32\nsi.dll
\Windows\System32\psapi.dll
\Windows\System32\advapi32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\user32.dll
\Windows\System32\kernel32.dll
\Windows\System32\ole32.dll
\Windows\System32\iertutil.dll
\Windows\System32\oleaut32.dll
\Windows\System32\setupapi.dll
\Windows\System32\Wldap32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\usp10.dll
\Windows\System32\msctf.dll
\Windows\System32\ws2_32.dll
\Windows\System32\wintrust.dll
\Windows\System32\devobj.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\comctl32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\crypt32.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa800819f060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
Lower Device Object: 0xfffffa8007ea2680
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800819e060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xfffffa8007e95680
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800819e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800819eb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800819e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007e99520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007e95680, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 223CF753
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 488384512
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 488386560 Numsec = 488384512
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 500107862016 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800819f060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800819fb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800819f060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007ea6520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007ea2680, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: BBC58B91
Partition information:
Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 976766976
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 500107862016 bytes
Sector size: 512 bytes
Done!
<<<2>>>
<<<3>>>
Volume: D:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scan finished
=======================================

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished
 
Goed, die tool mag je alvast terug verwijderen.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.
 
Ccleaner heb ik al ,maar als ik een nieuwe versie wil downloden krijg ik de melding

bedreiging : win32/ Bunled. Toolbar. Google.D potentieel onveilige toepassing.
 
Download
51a5f5d096dae-icon_RSIT.png
RSIT van de onderstaande locaties en sla deze op het bureablad op.
Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.
 
Logfile of random's system information tool 1.09 (written by random/random)
Run by eigenaar at 2014-01-28 21:15:31
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 179 GB (75%) free of 238 GB
Total RAM: 8104 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:15:34, on 28/01/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\eigenaar.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Object moved
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Object moved
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Object moved
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Object moved
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Object moved
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Broken Internet access because of LSP provider 'c:\program files (x86)\avira\antivir desktop\avsda.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [PAC] Automatic Proxy Configuration
O15 - Trusted Zone: http://download.windowsupdate.microsoft.
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10045 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"taskhost.exe"
taskeng.exe {51BEB3DD-465C-4245-AD3B-3E95CF45B6D0}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
WLIDSvcM.exe 2228
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe" /TUStart /pid:2168
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
ATKOSD.exe
WDC.exe
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"taskhost.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:7008 CREDAT:145411
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:2584 CREDAT:79876
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:7008 CREDAT:210946
"C:\Users\eigenaar\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2918656]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-12-13 2587944]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-11-07 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"LockTaskbar"=0
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe]
"Debugger=""C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux9"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-01-28 21:15:31 ----D---- C:\rsit
2014-01-28 21:15:31 ----D---- C:\Program Files\trend micro
2014-01-28 16:41:07 ----D---- C:\Program Files (x86)\package
2014-01-28 16:41:06 ----A---- C:\Program Files (x86)\SteamTmp.exe
2014-01-27 23:04:11 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-27 23:04:10 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-01-27 23:02:27 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-01-24 19:13:07 ----D---- C:\Program Files\iPod
2014-01-24 19:13:06 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-24 19:13:06 ----D---- C:\Program Files\iTunes
2014-01-24 19:13:06 ----D---- C:\Program Files (x86)\iTunes
2014-01-20 19:06:55 ----D---- C:\Windows\pss
2014-01-20 17:29:43 ----D---- C:\Program Files (x86)\QuickTime
2014-01-20 17:25:20 ----D---- C:\Program Files (x86)\Secunia
2014-01-20 16:53:01 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-01-20 16:52:59 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-01-20 16:52:59 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-01-20 16:52:59 ----A---- C:\Windows\SYSWOW64\java.exe
2014-01-19 21:18:01 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-01-19 21:18:01 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-01-19 21:18:01 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-01-19 21:18:01 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-01-19 21:18:01 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-01-19 21:18:01 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-01-19 21:18:01 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-01-19 21:17:53 ----A---- C:\Windows\system32\win32k.sys
2014-01-19 21:17:52 ----A---- C:\Windows\system32\drivers\netio.sys
2014-01-06 20:23:36 ----A---- C:\Windows\SYSWOW64\GPhotos.scr
2014-01-05 14:21:36 ----D---- C:\Program Files (x86)\yaDIS
2013-12-30 22:58:13 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-30 22:58:12 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-30 22:58:11 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-30 22:58:09 ----A---- C:\Windows\system32\wmp.dll
2013-12-30 22:55:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-30 22:55:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-30 22:55:47 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-30 22:55:47 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-30 22:55:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-30 22:55:46 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-30 22:55:46 ----A---- C:\Windows\system32\wininet.dll
2013-12-30 22:55:46 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-30 22:55:46 ----A---- C:\Windows\system32\ieui.dll
2013-12-30 22:55:45 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-30 22:55:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-30 22:55:45 ----A---- C:\Windows\system32\url.dll
2013-12-30 22:55:45 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-30 22:55:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-30 22:55:44 ----A---- C:\Windows\system32\urlmon.dll
2013-12-30 22:55:44 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-30 22:55:43 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-30 22:55:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-30 22:55:43 ----A---- C:\Windows\system32\jscript9.dll
2013-12-30 22:55:43 ----A---- C:\Windows\system32\iertutil.dll
2013-12-30 22:55:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-30 22:55:42 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-30 22:55:42 ----A---- C:\Windows\system32\vbscript.dll
2013-12-30 22:55:42 ----A---- C:\Windows\system32\jscript.dll
2013-12-30 22:55:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-30 22:55:39 ----A---- C:\Windows\system32\mshtml.dll
2013-12-30 22:55:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-30 22:55:37 ----A---- C:\Windows\system32\ieframe.dll
2013-12-30 22:52:27 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-30 22:52:27 ----A---- C:\Windows\system32\tzres.dll
2013-12-30 22:52:24 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-30 22:52:24 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-30 22:52:24 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-30 22:52:24 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-30 22:52:23 ----A---- C:\Windows\system32\msieftp.dll
2013-12-30 22:52:22 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-30 22:52:19 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-30 22:52:19 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-30 22:51:24 ----A---- C:\Windows\system32\cscript.exe
2013-12-30 22:51:23 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-30 22:51:23 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-30 22:51:23 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-30 22:51:23 ----A---- C:\Windows\system32\wscript.exe
2013-12-30 22:51:23 ----A---- C:\Windows\system32\scrrun.dll
======List of files/folders modified in the last 1 month======
2014-01-28 21:15:34 ----D---- C:\Windows\Prefetch
2014-01-28 21:15:32 ----D---- C:\Windows\Temp
2014-01-28 21:15:31 ----RD---- C:\Program Files
2014-01-28 19:27:48 ----D---- C:\Windows\system32\config
2014-01-28 19:15:44 ----SHD---- C:\System Volume Information
2014-01-28 16:41:11 ----RD---- C:\Program Files (x86)
2014-01-28 16:41:06 ----D---- C:\Program Files (x86)\logs
2014-01-28 16:41:06 ----A---- C:\Program Files (x86)\Steam.exe
2014-01-28 16:41:06 ----A---- C:\Program Files (x86)\crashhandler.dll
2014-01-28 15:55:44 ----D---- C:\Windows\inf
2014-01-28 15:55:18 ----D---- C:\Windows
2014-01-27 23:29:26 ----D---- C:\Users\eigenaar\AppData\Roaming\uTorrent
2014-01-27 23:04:11 ----HD---- C:\ProgramData
2014-01-27 23:04:10 ----D---- C:\Windows\system32\drivers
2014-01-25 16:56:02 ----AD---- C:\ProgramData\Temp
2014-01-25 16:55:52 ----D---- C:\Program Files (x86)\SpywareBlaster
2014-01-25 16:49:04 ----D---- C:\AdwCleaner
2014-01-24 19:21:08 ----D---- C:\Windows\winsxs
2014-01-24 19:13:59 ----SHD---- C:\Windows\Installer
2014-01-24 19:13:40 ----D---- C:\Windows\SysWOW64
2014-01-24 19:13:39 ----D---- C:\Windows\System32
2014-01-24 19:10:19 ----D---- C:\ProgramData\Apple
2014-01-23 22:43:17 ----D---- C:\Windows\debug
2014-01-22 22:05:58 ----D---- C:\Windows\system32\Tasks
2014-01-20 17:32:04 ----D---- C:\Windows\system32\DriverStore
2014-01-20 17:32:04 ----D---- C:\Windows\system32\catroot
2014-01-20 17:21:42 ----D---- C:\ProgramData\Oracle
2014-01-20 16:52:59 ----D---- C:\Program Files (x86)\Java
2014-01-19 21:21:26 ----D---- C:\ProgramData\Microsoft Help
2014-01-19 21:20:30 ----D---- C:\Windows\system32\MRT
2014-01-19 21:18:30 ----A---- C:\Windows\system32\MRT.exe
2014-01-19 21:17:04 ----D---- C:\Windows\system32\catroot2
2014-01-19 12:48:58 ----D---- C:\Users\eigenaar\AppData\Roaming\Skype
2014-01-18 23:18:50 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-01-13 17:52:33 ----D---- C:\Users\eigenaar\AppData\Roaming\vlc
2014-01-13 17:51:23 ----D---- C:\Users\eigenaar\AppData\Roaming\dvdcss
2014-01-06 21:55:40 ----D---- C:\Users\eigenaar\AppData\Roaming\Vso
2014-01-02 15:35:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-31 23:10:51 ----D---- C:\Windows\rescache
2013-12-30 23:07:54 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-12-30 23:07:54 ----D---- C:\Windows\SYSWOW64\migration
2013-12-30 23:07:54 ----D---- C:\Windows\system32\nl-NL
2013-12-30 23:07:54 ----D---- C:\Windows\system32\migration
2013-12-30 23:07:54 ----D---- C:\Program Files\Windows Media Player
2013-12-30 23:07:54 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-30 23:07:54 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-30 23:07:53 ----D---- C:\Program Files\Internet Explorer
2013-12-30 22:47:48 ----D---- C:\Windows\SYSWOW64\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-04-08 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2011-01-17 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 Ext2Fsd;Linux ext2 file system driver; C:\Windows\system32\drivers\Ext2Fsd.sys [2011-07-09 769816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 125296]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-12-13 138024]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-07 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-08 2795880]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-02-25 2426672]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2013-12-06 18456]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-31 11856]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver; C:\Windows\system32\DRIVERS\FLxHCIc.sys [2010-06-27 206848]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2010-07-12 72648]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-12 85320]
S3 LADF_DHP2;G35 DHP2 Filter Driver; C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys [2010-09-29 62168]
S3 LADF_SBVM;G35 SBVM Filter Driver; C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys [2010-09-29 377176]
S3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-01-07 43336]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-14 884512]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2010-04-06 244904]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-12-06 1229528]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-06 662232]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-11-07 2072896]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-13 136176]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-04-08 1260320]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18 257928]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 42360]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-13 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 641352]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-11 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
-----------------EOF-----------------
 
Download
51a5bf3d99e8a-ComboFixlogo16.png
ComboFix van één van de onderstaande locaties naar het bureaublad.
Bleeping Computer
Info Spyware

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met ComboFix.exe
  • Dubbelklik op "ComboFix" om de tool te starten, Windows Vista, 7 & 8 gebruikers zullen een melding krijgen van UAC (Gebruikersaccountbeheer), klik hier op Ja / yes.
  • Op een Windows XP computer zal ComboFix de "Recovery Console" installeren als deze nog niet aanwezig is. (Een actieve internet verbinding is dan een vereiste).
  • Klik in het venster bij het 'Installeren van de Recovery Console' op "Ok".
  • Klik in het info scherm op "Ja" als de Recovery Console met succes is geïnstalleerd.
  • Klik in het scherm van de disclaimer op "I Agree", de benodigde onderdelen worden nu uitgepakt en middels ERUNT wordt er een register back-up gemaakt.
  • Wanneer dit gereed is zal ComboFix vanzelf starten, in het blauwe scherm ziet u de voortgang van de systeemscan die wordt uitgevoerd.
  • Belangrijk! gebruik de computer tijdens de scan niet voor andere zaken.
  • Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden zoals bijvoorbeeld bij de aanwezigheid van een rootkit, dit is normaal.
  • Wanneer ComboFix gereed is, zal het een logbestand aanmaken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

* Noot !!! Indien u één van de onderstaande meldingen krijgt na het gebruik van ComboFix herstart dan de computer.
  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.
 
ComboFix 14-01-27.02 - eigenaar 28/01/2014 21:33:50.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.8104.6298 [GMT 1:00]
Gestart vanuit: c:\users\eigenaar\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\data
c:\program files (x86)\Unwise32.exe
c:\users\eigenaar\AppData\Roaming\vso_ts_preview.xml
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-12-28 to 2014-01-28 ))))))))))))))))))))))))))))))
.
.
2014-01-28 20:15 . 2014-01-28 20:15 -------- d-----w- C:\rsit
2014-01-28 20:15 . 2014-01-28 20:15 -------- d-----w- c:\program files\trend micro
2014-01-28 15:41 . 2014-01-28 15:41 -------- d-----w- c:\program files (x86)\package
2014-01-28 15:41 . 2014-01-28 15:41 1354736 ----a-w- c:\program files (x86)\SteamTmp.exe
2014-01-27 22:04 . 2014-01-27 22:19 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-01-27 22:04 . 2014-01-27 22:04 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-01-27 22:02 . 2014-01-27 22:02 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-01-24 18:13 . 2014-01-24 18:13 -------- d-----w- c:\program files\iPod
2014-01-24 18:13 . 2014-01-24 18:13 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-24 18:13 . 2014-01-24 18:13 -------- d-----w- c:\program files\iTunes
2014-01-24 18:13 . 2014-01-24 18:13 -------- d-----w- c:\program files (x86)\iTunes
2014-01-20 16:30 . 2014-01-20 16:30 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2014-01-20 16:30 . 2014-01-20 16:30 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2014-01-20 16:30 . 2014-01-20 16:30 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2014-01-20 16:30 . 2014-01-20 16:30 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2014-01-20 16:30 . 2014-01-20 16:30 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2014-01-20 16:29 . 2014-01-20 16:30 -------- d-----w- c:\program files (x86)\QuickTime
2014-01-20 16:25 . 2014-01-20 16:25 -------- d-----w- c:\program files (x86)\Secunia
2014-01-20 15:52 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-19 20:21 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{61C97E8A-DE35-412C-A873-BF38D03A67D3}\mpengine.dll
2014-01-19 20:18 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-19 20:18 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-19 20:18 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-19 20:18 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-19 20:18 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-19 20:18 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-19 20:18 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-19 20:17 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-19 20:17 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-06 19:23 . 2014-01-06 19:23 4558848 ----a-w- c:\windows\SysWow64\GPhotos.scr
2014-01-05 13:21 . 2014-01-05 13:21 -------- d-----w- c:\program files (x86)\yaDIS
2013-12-30 21:58 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-30 21:58 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-30 21:58 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-30 21:58 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-30 21:58 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-30 21:52 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-30 21:52 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-30 21:52 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-30 21:52 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-30 21:52 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-30 21:52 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-30 21:52 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-30 21:52 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-30 21:52 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-30 21:52 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-30 21:51 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-30 21:51 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-30 21:51 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-30 21:51 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-30 21:51 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-30 21:51 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-30 21:51 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-30 21:51 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2013-12-30 21:43 . 2013-12-30 21:43 -------- d-----w- c:\users\eigenaar\AppData\Local\Secunia PSI
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-28 15:41 . 2011-08-23 17:08 282536 ----a-w- c:\program files (x86)\crashhandler.dll
2014-01-28 15:41 . 2005-09-01 13:43 1610664 ----a-w- c:\program files (x86)\Steam.exe
2014-01-19 20:18 . 2011-07-11 14:18 86054176 ----a-w- c:\windows\system32\MRT.exe
2014-01-18 22:18 . 2013-04-28 09:28 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-18 22:18 . 2013-04-28 09:28 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-06 14:47 . 2013-12-06 14:47 18456 ----a-w- c:\windows\system32\drivers\psi_mf_amd64.sys
2013-11-26 11:25 . 2011-02-07 06:21 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-07 00:52 . 2013-11-07 00:52 279000 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2013-11-07 00:52 . 2013-11-07 00:52 64000 ----a-w- c:\windows\system32\igfxsrvc.dll
2013-11-07 00:52 . 2013-11-07 00:52 515544 ----a-w- c:\windows\system32\igfxsrvc.exe
2013-11-07 00:52 . 2013-11-07 00:52 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2013-11-07 00:52 . 2013-11-07 00:52 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2013-11-07 00:52 . 2013-11-07 00:52 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2013-11-07 00:52 . 2013-11-07 00:52 171992 ----a-w- c:\windows\system32\igfxtray.exe
2013-11-07 00:52 . 2013-11-07 00:52 116224 ----a-w- c:\windows\system32\igfxCoIn_v3347.dll
2013-11-07 00:52 . 2013-11-07 00:52 9007616 ----a-w- c:\windows\system32\igfxress.dll
2013-11-07 00:52 . 2013-11-07 00:52 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2013-11-07 00:52 . 2013-11-07 00:52 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2013-11-07 00:52 . 2013-11-07 00:52 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2013-11-07 00:52 . 2013-11-07 00:52 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2013-11-07 00:52 . 2013-11-07 00:52 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2013-11-07 00:52 . 2013-11-07 00:52 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2013-11-07 00:52 . 2013-11-07 00:52 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
2013-11-07 00:52 . 2013-11-07 00:52 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2013-11-07 00:52 . 2013-11-07 00:52 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2013-11-07 00:52 . 2013-11-07 00:52 384512 ----a-w- c:\windows\system32\igfxpph.dll
2013-11-07 00:52 . 2013-11-07 00:52 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2013-11-07 00:52 . 2013-11-07 00:52 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2013-11-07 00:52 . 2013-11-07 00:52 442880 ----a-w- c:\windows\system32\igfxdev.dll
2013-11-07 00:52 . 2013-11-07 00:52 442328 ----a-w- c:\windows\system32\igfxpers.exe
2013-11-07 00:52 . 2013-11-07 00:52 330752 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2013-11-07 00:52 . 2013-11-07 00:52 28672 ----a-w- c:\windows\system32\igfxexps.dll
2013-11-07 00:52 . 2013-11-07 00:52 254936 ----a-w- c:\windows\system32\igfxext.exe
2013-11-07 00:52 . 2013-11-07 00:52 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2013-11-07 00:52 . 2013-11-07 00:52 142336 ----a-w- c:\windows\system32\igfxdo.dll
2013-11-07 00:52 . 2013-11-07 00:52 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2013-11-07 00:52 . 2013-11-07 00:52 12617216 ----a-w- c:\windows\system32\igdumd64.dll
2013-11-07 00:52 . 2013-11-07 00:52 11049472 ----a-w- c:\windows\SysWow64\igdumd32.dll
2013-11-07 00:52 . 2013-11-07 00:52 5363200 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2013-11-07 00:52 . 2013-11-07 00:52 98304 ----a-w- c:\windows\system32\igdde64.dll
2013-11-07 00:52 . 2013-11-07 00:52 77312 ----a-w- c:\windows\SysWow64\igdde32.dll
2013-11-07 00:52 . 2013-11-07 00:52 12859392 ----a-w- c:\windows\system32\igd10umd64.dll
2013-11-07 00:52 . 2012-03-19 21:11 11176448 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2013-11-07 00:52 . 2013-11-07 00:52 13031424 ----a-w- c:\windows\system32\ig4icd64.dll
2013-11-07 00:52 . 2013-11-07 00:52 5904856 ----a-w- c:\windows\system32\GfxUI.exe
2013-11-07 00:52 . 2013-11-07 00:52 399832 ----a-w- c:\windows\system32\hkcmd.exe
2013-11-07 00:52 . 2013-11-07 00:52 175104 ----a-w- c:\windows\system32\gfxSrvc.dll
2013-11-07 00:52 . 2013-11-07 00:52 110592 ----a-w- c:\windows\system32\hccutils.dll
2013-11-07 00:52 . 2013-11-07 00:52 10812928 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2013-11-07 00:52 . 2013-11-07 00:52 185816 ----a-w- c:\windows\system32\difx64.exe
2013-01-30 14:49 . 2013-01-30 14:49 647168 ----a-w- c:\program files (x86)\sdl.dll
2013-01-30 14:49 . 2011-08-23 17:08 283048 ----a-w- c:\program files (x86)\tier0_s64.dll
2013-01-30 14:49 . 2011-08-23 17:08 252328 ----a-w- c:\program files (x86)\vstdlib_s64.dll
2013-01-30 14:49 . 2011-08-23 17:08 204200 ----a-w- c:\program files (x86)\steamerrorreporter.exe
2013-01-30 14:49 . 2013-01-30 14:49 124416 ----a-w- c:\program files (x86)\avutil-51.dll
2013-01-30 14:49 . 2011-08-23 17:08 8390992 ----a-w- c:\program files (x86)\steamclient64.dll
2013-01-30 14:49 . 2011-08-23 17:08 714152 ----a-w- c:\program files (x86)\GameOverlayRenderer64.dll
2013-01-30 14:49 . 2011-08-23 17:08 71464 ----a-w- c:\program files (x86)\GameOverlayUI.exe
2013-01-30 14:49 . 2012-07-31 14:01 570280 ----a-w- c:\program files (x86)\AppOverlay64.dll
2013-01-30 14:49 . 2012-07-31 14:01 545704 ----a-w- c:\program files (x86)\AppOverlay.dll
2013-01-30 14:49 . 2011-08-23 17:08 608168 ----a-w- c:\program files (x86)\GameOverlayRenderer.dll
2013-01-30 14:49 . 2011-08-23 17:08 214440 ----a-w- c:\program files (x86)\vstdlib_s.dll
2013-01-30 14:49 . 2011-08-23 17:08 7023528 ----a-w- c:\program files (x86)\steamclient.dll
2013-01-30 14:49 . 2011-08-23 17:08 242088 ----a-w- c:\program files (x86)\tier0_s.dll
2013-01-30 14:49 . 2011-08-23 17:08 122864 ----a-w- c:\program files (x86)\CSERHelper.dll
2013-01-30 14:48 . 2011-08-23 17:08 2895424 ----a-w- c:\program files (x86)\Steam.dll
2013-01-30 14:48 . 2011-08-23 17:08 1039192 ----a-w- c:\program files (x86)\dbghelp.dll
2013-01-30 14:48 . 2011-08-23 17:08 8219048 ----a-w- c:\program files (x86)\SteamUI.dll
2013-01-30 14:48 . 2011-08-23 17:08 284456 ----a-w- c:\program files (x86)\WriteMiniDump.exe
2005-09-10 20:45 . 2005-09-10 20:45 111507 ----a-r- c:\program files (x86)\uninstall_css.exe
2005-08-30 23:13 . 2005-08-30 23:13 111574 ----a-r- c:\program files (x86)\uninstall_steam.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"ATKMEDIA"=c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys;c:\windows\SYSNATIVE\DRIVERS\FLxHCIc.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfDHP2amd64.sys [x]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfSBVMamd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 Ext2Fsd;Linux ext2 file system driver; [x]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/02/07 08:37];c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl;c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
Inhoud van de 'Gedeelde Taken' map
.
2014-01-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11 22:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2918656]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.be/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: microsoft.com\update
Trusted Zone: windowsupdate.microsoft.\download
TCP: DhcpNameServer = 195.130.130.5 195.130.131.5
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files (x86)\Cyberlink\PowerDVD9\000.fcl"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-1214992259-975148313-4146878049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1214992259-975148313-4146878049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_38_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_38.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Voltooingstijd: 2014-01-28 21:45:45 - machine werd herstart
ComboFix-quarantined-files.txt 2014-01-28 20:45
.
Pre-Run: 187.679.117.312 bytes beschikbaar
Post-Run: 187.127.259.136 bytes beschikbaar
.
- - End Of File - - 3D91CF2DD1325D46CC4DE4D3915DBB2E
A36C5E4F47E84449FF07ED3517B43A31
 
Download
adwcleaner.png
AdwCleaner by Xplode naar het bureaublad.
  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Klik vervolgens op Verwijderen.
  • Klik bij AdwCleaner – Informatie op OK
  • Klik bij AdwCleaner – Herstarten Noodzakelijk op OK

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal.
Nadat de PC opnieuw is opgestart, opent een logfile.
Post aansluitend de inhoud van dit log in je volgende bericht.
 
# AdwCleaner v3.018 - Report created 28/01/2014 at 22:06:24
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : eigenaar - WIN-7
# Running from : C:\Users\eigenaar\Desktop\adwcleaner.exe
# Option : Scan
***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16526

*************************
AdwCleaner[R0].txt - [769 octets] - [22/08/2013 19:21:04]
AdwCleaner[R1].txt - [828 octets] - [22/08/2013 19:22:20]
AdwCleaner[R2].txt - [809 octets] - [23/08/2013 22:20:40]
AdwCleaner[R3].txt - [1051 octets] - [26/08/2013 21:13:08]
AdwCleaner[R4].txt - [1220 octets] - [18/09/2013 19:06:21]
AdwCleaner[R5].txt - [1168 octets] - [28/09/2013 22:19:10]
AdwCleaner[R6].txt - [1531 octets] - [28/10/2013 20:13:59]
AdwCleaner[R7].txt - [1408 octets] - [13/11/2013 19:43:28]
AdwCleaner[R8].txt - [2217 octets] - [25/01/2014 16:48:12]
AdwCleaner[R9].txt - [1037 octets] - [28/01/2014 22:06:24]
AdwCleaner[S0].txt - [898 octets] - [22/08/2013 19:22:41]
AdwCleaner[S1].txt - [869 octets] - [23/08/2013 22:21:49]
AdwCleaner[S2].txt - [1117 octets] - [26/08/2013 21:14:32]
AdwCleaner[S3].txt - [1286 octets] - [18/09/2013 19:07:00]
AdwCleaner[S4].txt - [1230 octets] - [28/09/2013 22:19:49]
AdwCleaner[S5].txt - [1600 octets] - [28/10/2013 20:15:44]
AdwCleaner[S6].txt - [1470 octets] - [13/11/2013 19:44:17]
AdwCleaner[S7].txt - [2241 octets] - [25/01/2014 16:49:03]
########## EOF - C:\AdwCleaner\AdwCleaner[R9].txt - [1575 octets] ##########
 
haha, dat is duidelijk een geliefde tool. ;)

Ga naar de site van de
51a5de408905c-th_EsetLogo.png
ESET Online Scanner
  • Klik op de knop ESET Online Scanner
  • Zet een vinkje bij YES, I accept the Terms of Use
  • Klik op Start
  • Sta het ActiveX control toe om te installeren.
  • Klik op "Advanced settings"
  • Zet een vinkje bij de volgende opties:
    • Remove found threats
    • Scan archives
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Klik op Start
  • De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.
  • Je mag het venster sluiten wanneer de scan klaar is.
  • Gebruik Kladblok om het logje te openen. Dit logje vind je op de locatie C:\Program Files\EsetOnlineScanner\log.txt
  • Kopieer en plak de inhoud van dit logje in je volgende bericht.

Gebruik je een andere browser dan IE, dan download je een kleine webinstaller, esetsmartinstaller_enu.exe.
De Eset Online scanner zal vervolgens in een kleiner venster opstarten, je markeert dan eerst de instelling zoals hierboven aangegeven.
Klik daarna op de knop "Start" - vervolgens zal eerst de database worden gedownload en is dat gebeurd, start de scan.
 
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=8
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=9d11edaaee5f7a459f09637186f6c913
# engine=16835
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-28 10:57:36
# local_time=2014-01-28 11:57:36 (+0100, Romance (standaardtijd))
# country="Belgium"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 790566 142579706 0 0
# compatibility_mode=8199 16776701 100 76 14427 96110296 0 0
# scanned=176405
# found=0
# cleaned=0
# scan_time=5882
# nod_component=V3 Build:0x30000000
 
Krijg dezelfde foutmelding bij updaten ccleaner
bedreiging : win32/ Bunled. Toolbar. Google.D potentieel onveilige toepassing.
 
Status
Niet open voor verdere reacties.
Terug
Bovenaan Onderaan