
Removing Funmoods



I'm simply taking your word for it, because this shouldn't be possible anymore.

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Here you can read how to use ComboFix.

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them: click here or here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registery key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


Download DDS by sUBS from one of these locations and place it on your desktop:

DDS - Bleeping Computer download.

DDS - Bleeping Computer download.

DDS - Infospyware.


DDS is a diagnostic tool and makes use of scripts.

Disable your security software before running DDS!

Double-click DDS to start the tool.

DDS will open 2 log files:

* DDS.txt

* Attach.txt

A window will ask you to save both logs, because the logs will be gone once you close them.

Save the logs, for example on your desktop or somewhere else where you can easily find them again.

Post the DDS.txt log with your next reply. Only post Attach.txt when I ask for it.


DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16519

Run by Dhr. van at 18:39:04 on 2013-03-25

Microsoft Windows 8 6.2.9200.0.1252.31.1043.18.8072.6936 [GMT 1:00]

.

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Windows\system32\dashost.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\dwm.exe

C:\Windows\system32\taskhostex.exe

C:\Windows\Explorer.EXE

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe

C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.nl/

mWinlogon: Userinit = userinit.exe,

mRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"

mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 212.54.40.25 212.54.35.25

TCP: Interfaces\{1FC42585-82F0-4135-B0A2-06BDB7A16093} : DHCPNameServer = 212.54.40.25 212.54.35.25

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mStart Page = hxxp://www.google.com

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\Drivers\ctxusbm.sys [2011-6-13 91864]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-6-19 634632]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-11-26 166720]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-11-26 365376]

R3 RTL8168;Realtek 8168 NT-stuurprogramma;C:\Windows\System32\Drivers\Rt630x64.sys [2012-6-2 589824]

.

=============== Created Last 30 ================

.

2013-03-25 17:00:10 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ED6012EB-CB2C-4EB5-B462-C6A643D37E41}\mpengine.dll

2013-03-24 19:18:02 9311288 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2013-03-23 20:56:59 -------- d-sh--w- C:\$RECYCLE.BIN

2013-03-23 20:55:49 -------- d-----w- C:\Users\Dhr. van \AppData\Local\Temp

2013-03-23 15:32:31 388096 ----a-r- C:\Users\Dhr. van Kempen\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-03-23 15:32:30 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-03-21 17:54:55 20992 ----a-w- C:\Windows\System32\drivers\usb8023.sys

2013-03-10 20:00:26 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin

2013-02-27 15:52:37 1010688 ----a-w- C:\Windows\System32\reseteng.dll

2013-02-27 15:52:36 375808 ----a-w- C:\Windows\SysWow64\ReAgent.dll

2013-02-27 15:52:35 443392 ----a-w- C:\Windows\System32\ReAgent.dll

.

==================== Find3M ====================

.

2013-03-05 23:07:25 78168 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-03-05 23:07:25 692568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-03-02 08:22:18 361984 ----a-w- C:\Windows\SysWow64\MFMediaEngine.dll

2013-03-02 02:44:30 468992 ----a-w- C:\Windows\System32\MFMediaEngine.dll

2013-02-15 07:58:59 39936 ----a-w- C:\Windows\apppatch\apppatch64\acspecfc.dll

2013-02-15 06:35:40 444416 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-02-12 01:30:04 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll

2013-02-12 00:56:19 53760 ----a-w- C:\Windows\System32\UXInit.dll

2013-02-12 00:25:18 4041728 ----a-w- C:\Windows\System32\win32k.sys

2013-02-07 04:09:56 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys

2013-02-07 03:34:58 10115072 ----a-w- C:\Windows\System32\twinui.dll

2013-02-07 03:33:47 2302464 ----a-w- C:\Windows\System32\authui.dll

2013-02-07 03:33:42 2146816 ----a-w- C:\Windows\System32\actxprxy.dll

2013-02-07 01:34:00 8856576 ----a-w- C:\Windows\SysWow64\twinui.dll

2013-02-07 01:33:03 2033664 ----a-w- C:\Windows\SysWow64\authui.dll

2013-02-07 01:33:01 754176 ----a-w- C:\Windows\SysWow64\actxprxy.dll

2013-02-05 22:31:11 622080 ----a-w- C:\Windows\System32\drivers\srv2.sys

2013-02-05 22:29:09 370688 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2013-02-05 22:28:48 247808 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2013-02-05 22:28:36 215552 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

2013-02-05 04:58:01 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-02-05 04:56:33 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-02-05 04:56:27 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-02-05 04:56:27 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-02-05 03:55:27 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-02-05 01:44:50 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll

2013-02-04 22:39:47 2246656 ----a-w- C:\Windows\System32\wininet.dll

2013-02-04 22:39:39 907776 ----a-w- C:\Windows\System32\uxtheme.dll

2013-02-04 22:38:55 3966464 ----a-w- C:\Windows\System32\jscript9.dll

2013-02-04 22:38:53 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-02-02 11:19:44 496872 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-02-02 11:19:44 446184 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS

2013-02-02 11:19:41 329960 ----a-w- C:\Windows\System32\drivers\storport.sys

2013-02-02 11:19:33 61672 ----a-w- C:\Windows\System32\drivers\crashdmp.sys

2013-02-02 10:54:54 1933544 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-02-02 10:28:54 993512 ----a-w- C:\Windows\System32\drivers\ndis.sys

2013-02-02 10:28:54 2226408 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-02-02 09:42:07 2207232 ----a-w- C:\Windows\SysWow64\PrintConfig.dll

2013-02-02 08:40:58 375808 ----a-w- C:\Windows\SysWow64\wbem\WmiPrvSE.exe

2013-02-02 08:40:55 80896 ----a-w- C:\Windows\SysWow64\tasklist.exe

2013-02-02 08:40:55 79360 ----a-w- C:\Windows\SysWow64\taskkill.exe

2013-02-02 08:40:36 155136 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll

2013-02-02 08:40:35 370688 ----a-w- C:\Windows\SysWow64\WWanAPI.dll

2013-02-02 08:40:27 131072 ----a-w- C:\Windows\SysWow64\wbem\WmiDcPrv.dll

2013-02-02 08:40:26 410624 ----a-w- C:\Windows\SysWow64\wlroamextension.dll

2013-02-02 08:40:22 197632 ----a-w- C:\Windows\SysWow64\Windows.Networking.Connectivity.dll

2013-02-02 08:40:22 10792448 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll

2013-02-02 08:40:01 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll

2013-02-02 08:39:59 325632 ----a-w- C:\Windows\SysWow64\schannel.dll

2013-02-02 08:39:47 18432 ----a-w- C:\Windows\SysWow64\npmproxy.dll

2013-02-02 08:39:34 55296 ----a-w- C:\Windows\SysWow64\nlaapi.dll

2013-02-02 08:39:34 15872 ----a-w- C:\Windows\SysWow64\nlmproxy.dll

2013-02-02 08:39:34 12288 ----a-w- C:\Windows\SysWow64\nlmsprep.dll

2013-02-02 08:39:33 115712 ----a-w- C:\Windows\SysWow64\netprofm.dll

2013-02-02 08:39:28 5090816 ----a-w- C:\Windows\SysWow64\mstscax.dll

2013-02-02 08:39:15 157696 ----a-w- C:\Windows\SysWow64\mbsmsapi.dll

2013-02-02 08:38:54 567808 ----a-w- C:\Windows\SysWow64\duser.dll

2013-02-02 08:24:19 107520 ----a-w- C:\Windows\System32\taskkill.exe

2013-02-02 08:24:19 102400 ----a-w- C:\Windows\System32\tasklist.exe

2013-02-02 08:23:44 228352 ----a-w- C:\Windows\System32\XpsRasterService.dll

2013-02-02 08:23:43 475136 ----a-w- C:\Windows\System32\WWanAPI.dll

2013-02-02 08:23:37 611840 ----a-w- C:\Windows\System32\wpd_ci.dll

2013-02-02 08:23:37 105472 ----a-w- C:\Windows\System32\wpdbusenum.dll

2013-02-02 08:23:30 830464 ----a-w- C:\Windows\System32\wbem\WmiPrvSD.dll

2013-02-02 08:23:28 543232 ----a-w- C:\Windows\System32\wlroamextension.dll

2013-02-02 08:23:21 13643264 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll

2013-02-02 08:23:19 293376 ----a-w- C:\Windows\System32\Windows.Networking.Connectivity.dll

2013-02-02 08:23:18 731648 ----a-w- C:\Windows\System32\win32spl.dll

2013-02-02 08:23:16 87552 ----a-w- C:\Windows\System32\wersvc.dll

2013-02-02 08:22:28 448512 ----a-w- C:\Windows\System32\SettingSync.dll

2013-02-02 08:22:22 416256 ----a-w- C:\Windows\System32\schannel.dll

2013-02-02 08:21:45 467456 ----a-w- C:\Windows\System32\netprofmsvc.dll

2013-02-02 08:21:44 385024 ----a-w- C:\Windows\System32\ncsi.dll

2013-02-02 08:21:38 5977600 ----a-w- C:\Windows\System32\mstscax.dll

2013-02-02 08:21:10 225280 ----a-w- C:\Windows\System32\mbsmsapi.dll

2013-02-02 08:20:47 260096 ----a-w- C:\Windows\System32\hotspotauth.dll

2013-02-02 08:20:31 729600 ----a-w- C:\Windows\System32\duser.dll

2013-02-02 07:30:05 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-02-02 07:25:52 297984 ----a-w- C:\Windows\System32\drivers\ks.sys

2013-02-02 07:25:26 82944 ----a-w- C:\Windows\System32\drivers\hidclass.sys

2013-02-02 07:25:23 37632 ----a-w- C:\Windows\System32\drivers\BthAvrcpTg.sys

2013-02-02 05:41:57 1437184 ----a-w- C:\Windows\SysWow64\GdiPlus.dll

2013-02-02 05:31:54 1690624 ----a-w- C:\Windows\System32\GdiPlus.dll

2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe

2013-01-14 03:56:14 6967016 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-01-10 01:53:32 28904 ----a-w- C:\Windows\System32\drivers\msgpiowin32.sys

2013-01-10 01:40:39 1448168 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-01-10 01:40:38 303848 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-01-10 01:39:29 194280 ----a-w- C:\Windows\System32\drivers\sdbus.sys

2013-01-10 01:39:22 124648 ----a-w- C:\Windows\System32\drivers\dumpsd.sys

2013-01-10 01:29:56 91880 ----a-w- C:\Windows\System32\drivers\partmgr.sys

2013-01-10 01:29:21 785504 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2013-01-09 23:26:53 83968 ----a-w- C:\Windows\SysWow64\wiaacmgr.exe

2013-01-09 23:26:46 1611776 ----a-w- C:\Windows\SysWow64\mmc.exe

2013-01-09 23:26:35 410624 ----a-w- C:\Windows\SysWow64\Windows.Networking.dll

2013-01-09 23:26:35 261120 ----a-w- C:\Windows\SysWow64\Windows.Media.dll

2013-01-09 23:26:23 1752064 ----a-w- C:\Windows\SysWow64\setupapi.dll

2013-01-09 23:26:20 67584 ----a-w- C:\Windows\SysWow64\samlib.dll

2013-01-09 23:26:04 890880 ----a-w- C:\Windows\SysWow64\msctf.dll

2013-01-09 23:26:03 436736 ----a-w- C:\Windows\SysWow64\MP4SDECD.DLL

.

============= FINISH: 18:39:16,71 ===============


I see no traces of Funmoods in the log above.

Download CCleaner. (If you don't have it yet)

Install it (if you do not want Google Chrome to be installed on your PC as the default web browser, you must remove the 2 check marks !!!) and start CCleaner.

Click "Cleaner" in the left column. Click "Analyze" and, after the analysis, "Run Cleaner".

Next, click "Registry" in the left column and click "Scan for Issues".

If errors are found, click "Fix selected issues" and "OK".

You will then be asked whether to make a backup. Click "Yes". Then choose "Fix All Selected Issues".

Sometimes 1 analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

Then close CCleaner again.

If you want to see this in detail with pictures, click here for the guide.


Download OTL to your Desktop

  • Double-click OTL.com to open the program. Make sure all other windows are closed, and let the program do its work undisturbed.
  • Tick the Scan All Users box.
  • Click the Quick Scan button. Do not change OTL's settings unless I specifically instruct you to. The scan will not take very long.
    • Two Notepad windows will open when the scan is finished: OTL.Txt and Extras.Txt. These files are saved in the same location as OTL.
    • Copy (Edit->Select All, Edit->Copy) and paste (Edit->Select All, Edit->Paste) the contents of these two files, one at a time, into your next message.


OTL logfile created on: 26-3-2013 18:49:11 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dhr. van \Desktop

64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16519)

Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

7,88 Gb Total Physical Memory | 6,75 Gb Available Physical Memory | 85,57% Memory free

9,07 Gb Paging File | 7,81 Gb Available in Paging File | 86,16% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 931,17 Gb Total Space | 521,81 Gb Free Space | 56,04% Space Free | Partition Type: NTFS

Computer Name: WIN45245623643 | User Name: Dhr. van | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-03-26 18:48:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dhr. van \Desktop\OTL.com

PRC - [2012-07-19 09:53:16 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2012-07-19 09:53:10 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2012-07-05 13:23:34 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

PRC - [2011-07-19 21:01:24 | 000,862,144 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

PRC - [2011-07-19 21:00:14 | 000,358,336 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

PRC - [2011-07-19 18:59:04 | 000,964,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV:64bit: - [2013-02-02 09:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)

SRV:64bit: - [2013-01-10 00:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)

SRV:64bit: - [2013-01-10 00:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)

SRV:64bit: - [2012-12-06 05:23:00 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)

SRV:64bit: - [2012-12-06 05:22:59 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)

SRV:64bit: - [2012-11-06 05:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)

SRV:64bit: - [2012-11-06 05:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)

SRV:64bit: - [2012-09-20 10:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)

SRV:64bit: - [2012-09-20 07:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)

SRV:64bit: - [2012-09-20 07:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)

SRV:64bit: - [2012-07-26 04:17:59 | 000,015,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)

SRV:64bit: - [2012-07-26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)

SRV:64bit: - [2012-07-26 04:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)

SRV:64bit: - [2012-07-26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)

SRV:64bit: - [2012-07-26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)

SRV:64bit: - [2012-07-26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)

SRV:64bit: - [2012-07-26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)

SRV:64bit: - [2012-07-26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)

SRV:64bit: - [2012-07-26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)

SRV:64bit: - [2012-07-26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)

SRV:64bit: - [2012-07-26 04:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)

SRV:64bit: - [2012-07-26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)

SRV:64bit: - [2012-07-26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)

SRV:64bit: - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)

SRV:64bit: - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)

SRV:64bit: - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)

SRV:64bit: - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)

SRV:64bit: - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)

SRV:64bit: - [2012-07-26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)

SRV:64bit: - [2012-06-19 19:10:34 | 000,634,632 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®

SRV - [2012-11-06 05:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)

SRV - [2012-10-10 02:22:26 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)

SRV - [2012-07-26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)

SRV - [2012-07-19 09:53:16 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2012-07-19 09:53:10 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2012-07-05 13:23:34 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-02-07 05:09:56 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)

DRV:64bit: - [2013-02-02 12:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)

DRV:64bit: - [2013-02-02 08:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)

DRV:64bit: - [2013-01-10 02:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)

DRV:64bit: - [2013-01-10 02:39:29 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2012-11-27 04:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)

DRV:64bit: - [2012-11-20 05:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)

DRV:64bit: - [2012-11-06 04:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)

DRV:64bit: - [2012-10-12 09:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012-10-11 08:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)

DRV:64bit: - [2012-10-11 08:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)

DRV:64bit: - [2012-10-10 02:22:28 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2012-09-20 08:55:33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)

DRV:64bit: - [2012-09-20 08:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)

DRV:64bit: - [2012-09-20 08:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)

DRV:64bit: - [2012-09-20 08:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2012-09-20 08:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2012-09-20 08:03:08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)

DRV:64bit: - [2012-07-26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012-07-26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)

DRV:64bit: - [2012-07-26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)

DRV:64bit: - [2012-07-26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)

DRV:64bit: - [2012-07-26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)

DRV:64bit: - [2012-07-26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)

DRV:64bit: - [2012-07-26 06:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)

DRV:64bit: - [2012-07-26 06:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)

DRV:64bit: - [2012-07-26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)

DRV:64bit: - [2012-07-26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2012-07-26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2012-07-26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)

DRV:64bit: - [2012-07-26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2012-07-26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)

DRV:64bit: - [2012-07-26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)

DRV:64bit: - [2012-07-26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2012-07-26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)

DRV:64bit: - [2012-07-26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2012-07-26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2012-07-26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)

DRV:64bit: - [2012-07-26 05:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)

DRV:64bit: - [2012-07-26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)

DRV:64bit: - [2012-07-26 05:44:30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)

DRV:64bit: - [2012-07-26 05:36:15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)

DRV:64bit: - [2012-07-26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)

DRV:64bit: - [2012-07-26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)

DRV:64bit: - [2012-07-26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)

DRV:64bit: - [2012-07-26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)

DRV:64bit: - [2012-07-26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)

DRV:64bit: - [2012-07-26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)

DRV:64bit: - [2012-07-26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)

DRV:64bit: - [2012-07-26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)

DRV:64bit: - [2012-07-26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)

DRV:64bit: - [2012-07-26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)

DRV:64bit: - [2012-07-26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)

DRV:64bit: - [2012-07-26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)

DRV:64bit: - [2012-07-26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)

DRV:64bit: - [2012-07-26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)

DRV:64bit: - [2012-07-26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012-07-26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)

DRV:64bit: - [2012-07-26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)

DRV:64bit: - [2012-07-26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2012-07-26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)

DRV:64bit: - [2012-07-26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)

DRV:64bit: - [2012-07-26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)

DRV:64bit: - [2012-07-26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)

DRV:64bit: - [2012-07-02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)

DRV:64bit: - [2012-06-02 15:31:56 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)

DRV:64bit: - [2011-06-13 11:29:02 | 000,091,864 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ctxusbm.sys -- (ctxusbm)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Funmoods Search

IE - HKLM\..\SearchScopes\{405C961F-6876-D2AC-3B81-551399A58B9F}: "URL" = {searchTerms} - Bing

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1221115360-33263869-4063845751-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKU\S-1-5-21-1221115360-33263869-4063845751-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

IE - HKU\S-1-5-21-1221115360-33263869-4063845751-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL

IE - HKU\S-1-5-21-1221115360-33263869-4063845751-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 94 41 62 F3 CE CD 01 [binary data]

IE - HKU\S-1-5-21-1221115360-33263869-4063845751-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1221115360-33263869-4063845751-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = {searchTerms} - Bing

IE - HKU\S-1-5-21-1221115360-33263869-4063845751-1001\..\SearchScopes\{405C961F-6876-D2AC-3B81-551399A58B9F}: "URL" = {searchTerms} - Bing

IE - HKU\S-1-5-21-1221115360-33263869-4063845751-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = {searchTerms} - Google Search}

IE - HKU\S-1-5-21-1221115360-33263869-4063845751-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

========== Chrome ==========

O1 HOSTS File: ([2013-03-25 20:52:26 | 000,000,840 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)

O4 - HKLM..\Run: [iMSS] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKU\S-1-5-21-1221115360-33263869-4063845751-1001\..Trusted Domains: ggzbreburg.nl ([portal] https in Vertrouwde websites)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.40.25 212.54.35.25

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FC42585-82F0-4135-B0A2-06BDB7A16093}: DhcpNameServer = 212.54.40.25 212.54.35.25

O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found

O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found

O18:64bit: - Protocol\Filter\ica - No CLSID value found

O18:64bit: - Protocol\Filter\text/xml - No CLSID value found

O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O30 - LSA: Security Packages - (livessp) - File not found

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-03-26 18:48:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dhr. van \Desktop\OTL.com

[2013-03-25 20:54:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2013-03-25 20:52:56 | 000,000,000 | ---D | C] -- C:\Windows\Temp

[2013-03-25 20:52:56 | 000,000,000 | ---D | C] -- C:\Users\Dhr. van \AppData\Local\Temp

[2013-03-25 20:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2013-03-25 20:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2013-03-25 18:34:08 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Dhr. van \Desktop\dds.com

[2013-03-24 20:22:24 | 005,044,071 | ---- | C] (Swearware) -- C:\Users\Dhr. van \Desktop\ComboFix.exe

[2013-03-23 16:32:31 | 000,000,000 | ---D | C] -- C:\Users\Dhr. van \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

[2013-03-23 16:32:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2013-03-09 22:09:21 | 000,000,000 | ---D | C] -- C:\Users\Dhr. van \AppData\Roaming\WinRAR

========== Files - Modified Within 30 Days ==========

[2013-03-26 18:48:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dhr. van \Desktop\OTL.com

[2013-03-26 18:47:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013-03-26 17:45:46 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013-03-25 22:30:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013-03-25 21:04:43 | 001,792,392 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013-03-25 21:04:43 | 000,795,678 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat

[2013-03-25 21:04:43 | 000,710,046 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013-03-25 21:04:43 | 000,158,970 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat

[2013-03-25 21:04:43 | 000,132,416 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013-03-25 21:00:25 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys

[2013-03-25 21:00:24 | 2475,950,079 | -HS- | M] () -- C:\hiberfil.sys

[2013-03-25 20:52:26 | 000,000,840 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2013-03-25 20:50:57 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe

[2013-03-25 20:30:55 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2013-03-25 18:34:08 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Dhr. van \Desktop\dds.com

[2013-03-24 20:22:33 | 005,044,071 | ---- | M] (Swearware) -- C:\Users\Dhr. van \Desktop\ComboFix.exe

[2013-03-24 13:44:16 | 000,609,993 | ---- | M] () -- C:\Users\Dhr. van \Desktop\adwcleaner.exe

[2013-03-23 21:51:31 | 001,264,814 | ---- | M] () -- C:\Users\Dhr. van \Desktop\zoek.exe

[2013-03-23 16:32:31 | 000,003,019 | ---- | M] () -- C:\Users\Dhr. van \Desktop\HiJackThis.lnk

[2013-03-23 16:11:37 | 000,319,436 | ---- | M] () -- C:\Users\Dhr. van \Desktop\ouders-helpen-kinderen.pdf

[2013-03-23 14:37:22 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2013-03-21 22:48:00 | 000,301,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2013-03-25 20:52:56 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe

[2013-03-25 20:30:55 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2013-03-24 13:44:16 | 000,609,993 | ---- | C] () -- C:\Users\Dhr. van \Desktop\adwcleaner.exe

[2013-03-23 21:51:27 | 001,264,814 | ---- | C] () -- C:\Users\Dhr. van \Desktop\zoek.exe

[2013-03-23 16:32:31 | 000,003,019 | ---- | C] () -- C:\Users\Dhr. van \Desktop\HiJackThis.lnk

[2013-03-23 16:11:37 | 000,319,436 | ---- | C] () -- C:\Users\Dhr. van \Desktop\ouders-helpen-kinderen.pdf

[2013-03-21 22:47:55 | 000,301,288 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012-12-31 12:39:09 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll

[2012-12-31 12:39:09 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll

[2012-12-31 12:39:09 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll

[2012-12-31 12:39:07 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2012-12-31 12:39:04 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

[2012-12-02 15:38:19 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini

[2012-11-30 16:26:16 | 000,000,392 | ---- | C] () -- C:\Windows\ODBC.INI

[2012-11-26 13:46:59 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll

[2012-10-10 02:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll

[2012-10-10 02:22:32 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin

[2012-10-10 02:22:16 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin

[2012-07-26 09:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2012-07-26 09:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2012-07-26 08:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2012-07-26 02:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2012-07-25 21:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2012-07-25 21:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2012-06-19 18:52:42 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

[2012-06-02 15:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013-01-10 00:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013-01-10 00:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-03-10 10:34:12 | 000,000,000 | ---D | M] -- C:\Users\Dhr. van \AppData\Roaming\Belastingdienst

[2012-12-29 15:43:46 | 000,000,000 | ---D | M] -- C:\Users\Dhr. van \AppData\Roaming\FLVPlayerPackages

[2013-03-24 14:57:26 | 000,000,000 | ---D | M] -- C:\Users\Dhr. van \AppData\Roaming\GrabIt

[2012-11-30 14:04:33 | 000,000,000 | ---D | M] -- C:\Users\Dhr. van \AppData\Roaming\ICAClient

[2013-03-02 10:40:40 | 000,000,000 | ---D | M] -- C:\Users\Dhr. van \AppData\Roaming\ImgBurn

[2012-11-30 13:32:39 | 000,000,000 | ---D | M] -- C:\Users\Dhr. van \AppData\Roaming\Windows Live Writer

========== Purity Check ==========

< End of report >


Start OTL

  • Paste the following under Custom Scans/Fixes

    :Commands
    [createrestorepoint]
    :OTL
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Funmoods Search
    O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
    O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
    O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
    O18:64bit: - Protocol\Filter\ica - No CLSID value found
    O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O30 - LSA: Security Packages - (livessp) - File not found
    :Services
    :Files
    ipconfig /flushdns /c
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [reboot]
  • Then click the Run Fix button at the top
  • Let the program do its work undisturbed. The PC will be restarted when it finishes.

This topic is now closed to new replies.
