Questions & Answers
Trojan.BCMiner keeps coming back
18 replies
- I have not had the alert again.
OTL logfile created on: 7-7-2013 11:34:44 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bert\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
7,98 Gb Total Physical Memory | 6,52 Gb Available Physical Memory | 81,63% Memory free
15,96 Gb Paging File | 14,40 Gb Available in Paging File | 90,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 224,13 Gb Total Space | 107,98 Gb Free Space | 48,18% Space Free | Partition Type: NTFS
Drive D: | 1863,01 Gb Total Space | 1649,25 Gb Free Space | 88,53% Space Free | Partition Type: NTFS
Computer Name: BERT-PC | User Name: Bert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
- After booting I keep getting the same alert from MBAM. It is always in Users/name/appdata/local/temp/470D.tmp/logitech.exe. Strange that it is a Logitech file. Does anyone here have a solution for this?
- A file name in itself says nothing. Malware is often given a name that sounds familiar.
Check that file at https://www.virustotal.com/nl/
If several programs detect it as malware, you should scan the whole system thoroughly. If your own AV still finds nothing, then try the Emsisoft Emergency Kit.
- Oddly enough, Logitech puts certain driver files in the temporary folders.
If you delete them, they are put back again.
But let's see what state your Windows is in:
Which program:
- OTL Extras logfile created on: 5-7-2013 10:42:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bert\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
7,98 Gb Total Physical Memory | 6,71 Gb Available Physical Memory | 84,06% Memory free
15,96 Gb Paging File | 14,16 Gb Available in Paging File | 88,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 224,13 Gb Total Space | 109,03 Gb Free Space | 48,65% Space Free | Partition Type: NTFS
Drive D: | 1863,01 Gb Total Space | 1649,25 Gb Free Space | 88,53% Space Free | Partition Type: NTFS
Computer Name: BERT-PC | User Name: Bert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
- OTL logfile created on: 5-7-2013 10:42:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bert\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
7,98 Gb Total Physical Memory | 6,71 Gb Available Physical Memory | 84,06% Memory free
15,96 Gb Paging File | 14,16 Gb Available in Paging File | 88,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 224,13 Gb Total Space | 109,03 Gb Free Space | 48,65% Space Free | Partition Type: NTFS
Drive D: | 1863,01 Gb Total Space | 1649,25 Gb Free Space | 88,53% Space Free | Partition Type: NTFS
Computer Name: BERT-PC | User Name: Bert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
- Please post the three logs in one go.
- # AdwCleaner v2.304 - Verslag gemaakt op 05/07/2013 om 12:42:26
# Geactualiseerd op 03/07/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruiker : Bert - BERT-PC
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Bert\Downloads\adwcleaner.exe
# Optie [Verwijderen]
***** [Diensten] *****
***** [Files / Mappen] *****
Map Verwijderd : C:\ProgramData\InstallMate
Map Verwijderd : C:\Users\Bert\AppData\Local\Wondershare
Map Verwijderd : C:\Users\Bert\AppData\Roaming\OpenCandy
***** [Register] *****
Sleutel Verwijderd : HKCU\Software\SmartBar
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Waarde Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [Browsers] *****
-\\ Internet Explorer v10.0.9200.16611
Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=NL&userid=ff1b389a-b345-4724-b5b1-a8b019f5a6b0&searchtype=ds&q={searchTerms}&installDate=26/03/2013 –> hxxp://www.google.com
Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=NL&userid=ff1b389a-b345-4724-b5b1-a8b019f5a6b0&searchtype=ds&q={searchTerms}&installDate=26/03/2013 –> hxxp://www.google.com
Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=NL&userid=ff1b389a-b345-4724-b5b1-a8b019f5a6b0&searchtype=ds&q={searchTerms}&installDate=26/03/2013 –> hxxp://www.google.com
Vervangen : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=NL&userid=ff1b389a-b345-4724-b5b1-a8b019f5a6b0&searchtype=ds&q={searchTerms}&installDate=26/03/2013 –> hxxp://www.google.com
Vervangen : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=NL&userid=ff1b389a-b345-4724-b5b1-a8b019f5a6b0&searchtype=ds&q={searchTerms}&installDate=26/03/2013 –> hxxp://www.google.com
Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=NL&userid=ff1b389a-b345-4724-b5b1-a8b019f5a6b0&searchtype=ds&q={searchTerms}&installDate=26/03/2013 –> hxxp://www.google.com
-\\ Google Chrome v27.0.1453.116
File : C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Preferences
Verwijderd [l.3861] : urls_to_restore_on_startup = [ "hxxps://www.google.nl/", [ "hxxp://search.conduit.com/?ctid=C[…]
-\\ Opera v12.15.1748.0
File : C:\Users\Bert\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] De file bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner[S1].txt - [3542 octets] - [05/07/2013 12:42:26]
########## EOF - C:\AdwCleaner[S1].txt - [3602 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Bert on vr 05-07-2013 at 12:48:16,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Bert\appdata\local\{019CA7EE-5527-46B7-9DEA-BA6992FE5ED1}
Successfully deleted: [Empty Folder] C:\Users\Bert\appdata\local\{1C7F5D42-6557-4860-B9B8-9A18548D4F3C}
Successfully deleted: [Empty Folder] C:\Users\Bert\appdata\local\{1CFB0F6B-75C3-47CB-AE65-5107FD5EBF8C}
Successfully deleted: [Empty Folder] C:\Users\Bert\appdata\local\{5F09684F-62D4-4D78-B5E8-A06EB266EA9C}
Successfully deleted: [Empty Folder] C:\Users\Bert\appdata\local\{68F3531E-6354-4B57-8AE2-8DF8C0C0D4FC}
Successfully deleted: [Empty Folder] C:\Users\Bert\appdata\local\{8C5359CB-BB7E-46C8-8B18-D82DA03F694B}
Successfully deleted: [Empty Folder] C:\Users\Bert\appdata\local\{F2F6D39F-780C-41F6-97E6-D24DF6F1058B}
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on vr 05-07-2013 at 12:50:59,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RogueKiller V8.6.2 _x64_ [Jul 2 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : hxxp://www.adlice.com/forum/
Website : hxxp://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
besturingssysteem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestart vanuit : Normale modus
Gebruiker : Bert [Administrator rechten]
Modus : Scan – Datum : 07/05/2013 12:52:36
| ARK || FAK || MBR |
¤¤¤ Kwaadaardige processen : 0 ¤¤¤
¤¤¤ Register verwijzingen : 7 ¤¤¤
[RUN][SUSP PATH] HKLM\[…]\Wow6432Node\[…]\Run : AMD Catalyst (C:\ProgramData\Catalyst\CCC\colorrgb.exe [-]) -> gevonden
[HJ POL] HKCU\[…]\System : DisableTaskMgr (0) -> gevonden
[HJ POL] HKCU\[…]\System : DisableRegistryTools (0) -> gevonden
[HJ POL] HKLM\[…]\System : ConsentPromptBehaviorAdmin (0) -> gevonden
[HJ POL] HKLM\[…]\Wow6432Node\[…]\System : ConsentPromptBehaviorAdmin (0) -> gevonden
[HJ DESK] HKLM\[…]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> gevonden
[HJ DESK] HKLM\[…]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> gevonden
¤¤¤ geplande taken : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ webbrowsers : 0 ¤¤¤
¤¤¤ Speciale Files / Folders: ¤¤¤
¤¤¤ Driver : [Niet geladen 0x0] ¤¤¤
¤¤¤ Externe Hives: ¤¤¤
¤¤¤ Infectie : ¤¤¤
¤¤¤ HOSTS Bestand: ¤¤¤
–> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Controle: ¤¤¤
+++++ PhysicalDrive0: M4-CT256 M4SSD2 SATA Disk Device +++++
— User —
[MBR] e33cb6f0ce1e4ab46a3e73571abb1880
[BSP] 076d677b30f76797af44975d020f07c9 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 350 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 718848 | Size: 229510 Mo
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 470755328 | Size: 14336 Mo
User = LL1 … OK!
User = LL2 … OK!
+++++ PhysicalDrive1: M4-CT256 M4SSD2 SATA Disk Device +++++
— User —
[MBR] 43231d686d1a1d4672e0605bd93b4f30
[BSP] 3eea5ef7fbc3da3ecda469111b39788b : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 Mo
User = LL1 … OK!
User = LL2 … OK!
Gereed : << RKreport[0]_S_07052013_125236.txt >>
- What RK shows is standard data.
Let's look further:
Which program:
- ComboFix 13-07-04.01 - Bert 05-07-2013 15:59:23.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8173.6624 [GMT 2:00]
Gestart vanuit: C:\Users\Bert\Downloads\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
C:\ProgramData\Catalyst
C:\ProgramData\Catalyst\CCC\1.bat
C:\ProgramData\Catalyst\CCC\1.exe
C:\ProgramData\Catalyst\CCC\123.bat
C:\ProgramData\Catalyst\CCC\checkOS.txt
C:\ProgramData\Catalyst\CCC\colorrgb.exe
C:\ProgramData\Catalyst\CCC\mnr.exe
C:\ProgramData\Catalyst\CCC\OpenCL.exe
C:\ProgramData\Catalyst\CCC\start.reg
C:\ProgramData\Catalyst\CCC\stop.bat
C:\ProgramData\Catalyst\CCC\StringCheck.txt
C:\ProgramData\Catalyst\CCC\upd.exe
C:\ProgramData\Catalyst\CCC\upd1.exe
C:\Windows\pkunzip.pif
C:\Windows\pkzip.pif
C:\Windows\SysWow64\frapsvid.dll
(((((((((((((((((((( Bestanden Gemaakt van 2013-06-05 to 2013-07-05 ))))))))))))))))))))))))))))))
2013-07-05 10:48:15 . 2013-07-05 10:48:15 ——– d—–w- C:\Windows\ERUNT
2013-07-05 10:48:12 . 2013-07-05 10:48:12 ——– d—–w- C:\JRT
2013-07-04 16:52:26 . 2013-07-04 16:52:40 ——– d—–w- C:\Users\Bert\AppData\Local\Downloader
2013-07-04 16:52:11 . 2013-07-04 16:52:11 ——– d—–w- C:\Program Files (x86)\Downloader
2013-07-02 06:17:11 . 2013-06-12 03:08:52 9552976 —-a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{88FCA82C-D7E1-48B5-A94F-5330B7F23F45}\mpengine.dll
2013-07-01 17:03:35 . 2013-07-01 17:03:35 ——– d—–w- C:\ProgramData\SystemRequirementsLab
2013-06-30 15:05:55 . 2013-06-30 19:27:33 ——– d—–w- C:\Program Files (x86)\EZDownloader
2013-06-30 09:53:50 . 2013-06-30 09:53:50 ——– d—–w- C:\Users\Bert\AppData\Roaming\theHunter
2013-06-30 09:53:50 . 2013-06-30 09:53:50 ——– d—–w- C:\Users\Bert\AppData\Local\theHunter
2013-06-30 09:38:53 . 2013-06-30 09:38:53 ——– d—–w- C:\ProgramData\Hunter
2013-06-24 19:18:20 . 2013-06-27 07:21:35 ——– d—–w- C:\Users\Bert\AppData\Roaming\Epson
2013-06-24 18:08:50 . 2013-06-24 18:08:50 ——– d—–w- C:\Users\Bert\AppData\Roaming\tabagames
2013-06-22 18:24:47 . 2013-06-23 07:05:06 ——– d—–w- C:\Program Files (x86)\Euro Truck Simulator 2
2013-06-22 05:59:28 . 2013-06-22 05:59:23 312232 —-a-w- C:\Windows\system32\javaws.exe
2013-06-22 05:59:25 . 2013-06-22 05:59:23 189352 —-a-w- C:\Windows\system32\javaw.exe
2013-06-22 05:59:25 . 2013-06-22 05:59:23 188840 —-a-w- C:\Windows\system32\java.exe
2013-06-22 05:59:25 . 2013-06-22 05:59:23 108968 —-a-w- C:\Windows\system32\WindowsAccessBridge-64.dll
2013-06-22 05:59:22 . 2013-06-22 05:59:22 ——– d—–w- C:\Program Files\Java
2013-06-21 13:00:36 . 2013-06-21 13:00:36 ——– d—–w- C:\ProgramData\ATI
2013-06-21 13:00:34 . 2013-06-21 13:00:34 ——– d—–w- C:\Program Files (x86)\AMD AVT
2013-06-21 11:55:26 . 2013-06-21 11:55:26 ——– d—–w- C:\Users\Bert\AppData\Roaming\Milestone
2013-06-20 18:25:51 . 2013-06-24 18:01:41 ——– d—–w- C:\Users\Bert\AppData\Roaming\uTorrent
2013-06-15 19:43:14 . 2013-06-15 20:17:37 ——– d—–w- C:\Users\Bert\AppData\Roaming\SpinTires
2013-06-15 11:43:02 . 2013-06-08 14:08:00 279040 —-a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-06-15 11:43:02 . 2013-06-08 12:28:46 2706432 —-a-w- C:\Windows\system32\mshtml.tlb
2013-06-15 11:43:02 . 2013-06-08 11:41:58 218112 —-a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-06-15 11:43:02 . 2013-06-08 11:13:19 2706432 —-a-w- C:\Windows\SysWow64\mshtml.tlb
2013-06-15 11:43:01 . 2013-06-08 14:08:10 1365504 —-a-w- C:\Windows\system32\urlmon.dll
2013-06-15 11:43:01 . 2013-06-08 14:06:58 526336 —-a-w- C:\Windows\system32\ieui.dll
2013-06-15 11:43:01 . 2013-06-08 14:06:58 2648064 —-a-w- C:\Windows\system32\iertutil.dll
2013-06-15 11:42:59 . 2013-06-08 14:06:57 15404544 —-a-w- C:\Windows\system32\ieframe.dll
2013-06-15 11:42:58 . 2013-06-08 14:07:17 19233792 —-a-w- C:\Windows\system32\mshtml.dll
2013-06-14 18:39:53 . 2013-06-14 18:39:53 ——– d—–w- C:\Users\Bert\AppData\Local\Rockstar Games
2013-06-14 08:02:47 . 2013-07-05 07:00:55 ——– d—–w- C:\ProgramData\ManiaPlanet
2013-06-14 08:02:47 . 2013-07-04 16:57:20 ——– d—–w- C:\Program Files (x86)\ManiaPlanet
2013-06-12 15:31:55 . 2013-05-08 06:39:01 1910632 —-a-w- C:\Windows\system32\drivers\tcpip.sys
2013-06-08 12:17:54 . 2013-06-08 12:17:55 ——– d—–w- C:\hitsplat
2013-06-07 11:14:45 . 2013-06-07 11:14:45 ——– d—–w- C:\Users\Bert\matrixiicache
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
2013-06-27 20:48:27 . 2013-03-21 06:04:54 189936 —-a-w- C:\Windows\system32\drivers\aswVmm.sys
2013-06-27 20:48:27 . 2013-01-25 14:35:27 378944 —-a-w- C:\Windows\system32\drivers\aswSP.sys
2013-06-27 20:48:27 . 2013-01-25 14:35:27 1030952 —-a-w- C:\Windows\system32\drivers\aswSnx.sys
2013-06-22 05:59:23 . 2012-06-22 12:05:27 972712 —-a-w- C:\Windows\system32\deployJava1.dll
2013-06-22 05:59:23 . 2012-06-22 12:05:27 1093032 —-a-w- C:\Windows\system32\npDeployJava1.dll
2013-06-21 11:53:34 . 2013-03-21 12:18:53 692104 —-a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-21 11:53:34 . 2012-06-22 12:06:14 71048 —-a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-13 01:01:35 . 2012-06-22 10:55:13 75825640 —-a-w- C:\Windows\system32\MRT.exe
2013-06-12 19:48:23 . 2012-06-22 12:05:09 867240 —-a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-12 19:48:17 . 2012-06-22 12:05:09 789416 —-a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-12 19:47:57 . 2013-05-02 05:28:51 96168 —-a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-03 07:14:45 . 2013-06-03 07:14:42 38688 —-a-w- C:\Windows\system32\cc_20130603_091441.reg
2013-05-28 06:44:35 . 2013-05-28 06:44:35 53248 —-a-w- C:\Windows\SysWow64\unrar.dll
2013-05-14 06:32:56 . 2011-03-29 01:36:46 22240 —-a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-11 14:17:08 . 2013-01-25 18:50:57 189248 —-a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-05-09 08:59:07 . 2013-03-21 06:04:54 65336 —-a-w- C:\Windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59:07 . 2013-01-25 14:35:27 72016 —-a-w- C:\Windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59:07 . 2013-01-25 14:35:27 64288 —-a-w- C:\Windows\system32\drivers\aswTdi.sys
2013-05-09 08:59:06 . 2013-01-25 17:39:20 131232 —-a-w- C:\Windows\system32\drivers\aswFW.sys
2013-05-09 08:59:06 . 2013-01-25 17:39:18 270824 —-a-w- C:\Windows\system32\drivers\aswNdis2.sys
2013-05-09 08:59:06 . 2013-01-25 17:39:18 22600 —-a-w- C:\Windows\system32\drivers\aswKbd.sys
2013-05-09 08:59:06 . 2013-01-25 14:35:27 80816 —-a-w- C:\Windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:59:06 . 2013-01-25 14:35:27 33400 —-a-w- C:\Windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:58:37 . 2013-01-25 14:35:17 41664 —-a-w- C:\Windows\avastSS.scr
2013-05-09 08:58:11 . 2013-01-25 14:35:27 287840 —-a-w- C:\Windows\system32\aswBoot.exe
2013-05-02 00:06:08 . 2010-11-21 03:27:21 278800 ——w- C:\Windows\system32\MpSigStub.exe
2013-04-30 08:41:24 . 2013-05-05 08:45:51 840264 —-a-w- C:\Windows\SysWow64\pbsvc.exe
2013-04-26 16:08:14 . 2013-04-26 16:04:04 723230 —-a-w- C:\Windows\unins000.exe
2013-04-13 05:49:23 . 2013-05-16 05:36:47 135168 —-a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 . 2013-05-16 05:36:47 350208 —-a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 . 2013-05-16 05:36:47 308736 —-a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 . 2013-05-16 05:36:47 111104 —-a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 . 2013-05-16 05:36:47 474624 —-a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 . 2013-05-16 05:36:47 2176512 —-a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 . 2013-04-24 05:48:59 1656680 —-a-w- C:\Windows\system32\drivers\ntfs.sys
2013-04-10 06:01:54 . 2013-05-16 05:36:48 265064 —-a-w- C:\Windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01:53 . 2013-05-16 05:36:48 983400 —-a-w- C:\Windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30:50 . 2013-05-16 05:36:40 3153920 —-a-w- C:\Windows\system32\win32k.sys
2013-04-08 07:58:14 . 2013-04-08 07:58:10 968 —-a-w- C:\Windows\system32\cc_20130408_095809.reg
2013-04-07 16:23:28 . 2013-03-23 14:21:14 280904 —-a-w- C:\Windows\SysWow64\PnkBstrB.xtr
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-23 11:02:17 220632 —-a-w- C:\Users\Bert\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-23 11:02:17 220632 —-a-w- C:\Users\Bert\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-23 11:02:17 220632 —-a-w- C:\Users\Bert\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Bert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-06-27 12:23:57 1104384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2013-05-09 08:58:30 4858968]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 15:06:40 642728]
"Philips Device Listener"="C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe" [2012-02-08 09:49:16 380416]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 21:06:36 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 cpuz135;cpuz135;C:\Windows\TEMP\cpuz135\cpuz135_x64.sys;C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\system32\DRIVERS\e1y60x64.sys;C:\Windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys;C:\Windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys;C:\Windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys;C:\Windows\SYSNATIVE\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys;C:\Windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys;C:\Windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys;C:\Windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBPNPA;USB PnP Sound Device Interface;C:\Windows\system32\drivers\CM10864.sys;C:\Windows\SYSNATIVE\drivers\CM10864.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 amd_sata;amd_sata;C:\Windows\system32\drivers\amd_sata.sys;C:\Windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;C:\Windows\system32\drivers\amd_xata.sys;C:\Windows\SYSNATIVE\drivers\amd_xata.sys [x]
S0 aswKbd;aswKbd; [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\aswNdis.sys;C:\Windows\SYSNATIVE\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe;C:\Windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys;C:\Windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe;C:\Program Files\AVAST Software\Avast\afwServ.exe [x]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
S2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys;C:\Windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\Drivers\EtronHub3.sys;C:\Windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\Drivers\EtronXHCI.sys;C:\Windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys;C:\Windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
— Andere Services/Drivers In Geheugen —
*NewlyCreated* - WS2IFSL
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-20 16:17:25 1165776 —-a-w- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
Inhoud van de 'Gedeelde Taken' map
2013-07-05 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-21 12:18:53 . 2013-06-21 11:53:35]
2013-07-04 C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2418530806-2394264233-3435411408-1002Core.job
- C:\Users\Bert\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-31 14:18:50 . 2013-03-31 14:18:49]
2013-07-05 C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2418530806-2394264233-3435411408-1002UA.job
- C:\Users\Bert\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-31 14:18:50 . 2013-03-31 14:18:49]
2013-07-05 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-25 03:29:10 . 2013-01-25 03:29:10]
2013-07-05 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-25 03:29:10 . 2013-01-25 03:29:10]
——— X64 Entries ———–
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-23 11:02:16 244696 —-a-w- C:\Users\Bert\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-23 11:02:16 244696 —-a-w- C:\Users\Bert\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-23 11:02:16 244696 —-a-w- C:\Users\Bert\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58:09 133840 —-a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 21:57:26 778192 —-a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57:26 778192 —-a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57:26 778192 —-a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 21:57:26 778192 —-a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 21:57:26 778192 —-a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 21:57:26 778192 —-a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cm108Sound"="C:\Windows\Syswow64\cm108.dll" [2013-01-16 15:54:04 8757248]
——- Bijkomende Scan ——-
uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://www.diesiedleronline.de/de/startseite
mLocal Page = C:\Windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
TCP: DhcpNameServer = 212.54.35.25 212.54.40.25
- - - - ORPHANS VERWIJDERD - - - -
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
- Which program: sUBs dds.scr
Purpose: DDS is a diagnostic tool that uses scripts.
Difficulty: A more or less tricky preparation phase, so read everything carefully first.
Download location: This program must be downloaded to the desktop, or otherwise moved there first!
Download sUBs dds.scr here
Using sUBs dds.scr:
- Is it working out?
- .
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 25-1-2013 4:25:52
System Uptime: 7-7-2013 1:30:51 (10 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | GA-990FXA-UD3
Processor: AMD FX™-8350 Eight-Core Processor | Socket M2 | 4000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 224 GiB total, 108,063 GiB free.
D: is FIXED (NTFS) - 1863 GiB total, 1649,253 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP143: 25-6-2013 8:03:16 - Windows Update
RP144: 29-6-2013 7:17:48 - Windows Update
RP145: 30-6-2013 19:00:07 - Windows Back-up
RP146: 2-7-2013 8:17:04 - Windows Update
RP147: 4-7-2013 18:57:21 - DirectX is geïnstalleerd.
RP148: 6-7-2013 7:19:10 - Windows Update
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7)
AMD Accelerated Video Transcoding
AMD APP CPU SDK Runtime
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD Steady Video Plug-In
AMD VISION Engine Control Center
µTorrent
avast! Internet Security
AVG PC TuneUp
AVG PC TuneUp Language Pack (nl-NL)
Battlefield 3™
Battlelog Web Plugins
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Call of Duty: Modern Warfare 2
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Cossacks: Back to War
Crysis® 2
D3DX10
Dolby Home Theater v4
Downloader
Epson Easy Photo Print 2
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
Epson Print CD
EPSON Scan
EpsonNet Config V4
ESN Sonar
Etron USB3.0 Host Controller
Euro Truck Simulator 2
Facebook Messenger 2.1.4814.0
Fotogalerie
Fraps
Galerie de photos
Google Chrome
Google Drive
Google Update Helper
GRID 2 © Codemasters version 1
Java 7 Update 25
Java 7 Update 25 (64-bit)
Java Auto Updater
Junk Mail filter update
Malwarebytes Anti-Malware versie 1.75.0.1300
ManiaPlanet
Media converter
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Movie Maker
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
Opera 12.15
Origin
Philips Media Converter
Philips Songbird
Photo Common
Photo Gallery
PowerISO
Printer EPSON PX710W Series verwijderen
Realtek Ethernet Controller Driver
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Skype™ 6.5
Spotify
Steam
System Requirements Lab CYRI
TeamSpeak 3 Client
Tixati
Total Commander (Remove or Repair)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Uplay
USB PnP Sound Device
Windows-stuurprogrammapakket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/11/2009 2.0.0010.00002)
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Movie Maker 2.6
Xfire
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.25.2
Run by Bert at 11:09:15 on 2013-07-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8173.6868 [GMT 2:00]
.
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Bert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.diesiedleronline.de/de/startseite
uSearchAssistant = hxxp://www.google.com
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Aanmeldhulp voor Microsoft-account: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Spotify Web Helper] "C:\Users\Bert\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Philips Device Listener] "C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
TCP: NameServer = 212.54.35.25 212.54.40.25
TCP: Interfaces\{3B629CB8-C6D6-4AE4-9638-DE27D7734B4B} : DHCPNameServer = 212.54.35.25 212.54.40.25
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
x64-Run: [Cm108Sound] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-1-24 80000]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-1-24 40576]
R0 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-1-25 22600]
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\System32\drivers\aswNdis.sys [2013-1-25 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\System32\drivers\aswNdis2.sys [2013-1-25 270824]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-21 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-21 189936]
R1 aswFW;avast! TDI Firewall driver;C:\Windows\System32\drivers\aswFW.sys [2013-1-25 131232]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-1-25 1030952]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-1-25 378944]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-29 241152]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-1-25 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-1-25 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-17 46808]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-5-17 137960]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2012-8-23 2148216]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-7-29 56960]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-7-29 79104]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-1-24 565352]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2012-7-4 11880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-25 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-25 701512]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-3-23 57856]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-25 25928]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-24 19456]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-1-24 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-24 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-1-24 30208]
S3 USBPNPA;USB PnP Sound Device Interface;C:\Windows\System32\drivers\CM10864.sys [2013-4-5 1310720]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-26 1255736]
.
=============== Created Last 30 ================
.
2013-07-06 05:19:18 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5392CCE1-7B04-487F-B1A5-E07CAA336437}\mpengine.dll
2013-07-05 14:03:44 -------- d-----w- C:\$RECYCLE.BIN
2013-07-05 13:58:46 98816 ----a-w- C:\Windows\sed.exe
2013-07-05 13:58:46 256000 ----a-w- C:\Windows\PEV.exe
2013-07-05 13:58:46 208896 ----a-w- C:\Windows\MBR.exe
2013-07-05 13:58:44 -------- d-----w- C:\ComboFix
2013-07-05 10:48:15 -------- d-----w- C:\Windows\ERUNT
2013-07-05 10:48:12 -------- d-----w- C:\JRT
2013-07-04 16:52:26 -------- d-----w- C:\Users\Bert\AppData\Local\Downloader
2013-07-04 16:52:11 -------- d-----w- C:\Program Files (x86)\Downloader
2013-07-02 08:38:20 -------- d-----w- C:\Users\Bert\matrixiicache1
2013-07-01 17:03:35 -------- d-----w- C:\ProgramData\SystemRequirementsLab
2013-06-30 15:05:55 -------- d-----w- C:\Program Files (x86)\EZDownloader
2013-06-30 09:38:53 -------- d-----w- C:\ProgramData\Hunter
2013-06-22 18:24:47 -------- d-----w- C:\Program Files (x86)\Euro Truck Simulator 2
2013-06-22 05:59:25 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-06-21 13:00:34 -------- d-----w- C:\Program Files (x86)\AMD AVT
2013-06-20 18:25:51 -------- d-----w- C:\Users\Bert\AppData\Roaming\uTorrent
2013-06-15 11:43:02 279040 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-06-15 11:43:02 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-06-15 11:43:02 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-15 11:43:02 218112 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-06-14 08:02:47 -------- d-----w- C:\ProgramData\ManiaPlanet
2013-06-14 08:02:47 -------- d-----w- C:\Program Files (x86)\ManiaPlanet
2013-06-12 15:31:55 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-06-08 12:17:54 -------- d-----w- C:\hitsplat
2013-06-07 11:14:45 -------- d-----w- C:\Users\Bert\matrixiicache
.
==================== Find3M ====================
.
2013-06-27 20:48:27 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-06-27 20:48:27 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-06-22 05:59:23 972712 ----a-w- C:\Windows\System32\deployJava1.dll
2013-06-22 05:59:23 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-06-21 11:53:34 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-21 11:53:34 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-12 19:48:23 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-12 19:48:17 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-12 19:47:57 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-03 07:14:45 38688 ----a-w- C:\Windows\System32\cc_20130603_091441.reg
2013-05-28 06:44:35 53248 ----a-w- C:\Windows\SysWow64\unrar.dll
2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-11 14:17:08 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-09 08:59:07 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-05-09 08:59:07 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-05-09 08:59:06 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-05-09 08:59:06 270824 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys
2013-05-09 08:59:06 22600 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2013-05-09 08:59:06 131232 ----a-w- C:\Windows\System32\drivers\aswFW.sys
2013-05-09 08:58:37 41664 ----a-w- C:\Windows\avastSS.scr
2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-02 00:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-30 08:41:24 840264 ----a-w- C:\Windows\SysWow64\pbsvc.exe
2013-04-26 16:08:14 723230 ----a-w- C:\Windows\unins000.exe
2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 11:09:24,58 ===============
- Let us know how your Windows is running now, and also do the following:
Which program:
- Close before
- All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\BlueStacks Agent\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\boincmgr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\boinctray\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\msnmsgr\ not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
- Is everything to your satisfaction by now?
- Yes, everything is back to normal now. I am very grateful.