Reclame tijdens surfen express find

[matt37]

Beste forumleden,

 

Mijn oudste broer heeft tijdens het surfen precies iets leuks binnen gekregen.Een virus dat overal reclame plaatst en continu doorlinkt naar andere pagina´s, bijzonder vervelend dus. Ik had een tijdje geleden zelf een gelijkaardig probleem ( zie mijn vorig topic), ik heb alle stappen doorlopen van dit topic maar dat heeft weinig uitgehaald.

 

Daarom open ik nu maar een nieuw topic voor dit probleem, logje:

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Dell at 2015-04-13 20:36:29
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 67 GB (55%) free of 122 GB
Total RAM: 8063 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:36:36, on 13-4-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Users\Dell\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Dell.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Flvto Youtube Downloader] "C:\Users\Dell\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe" /minimize
O4 - HKUS\S-1-5-21-3540658937-1616411972-2595502040-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3540658937-1616411972-2595502040-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: c:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 7375 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 26505520
\??\C:\Windows\system32\conhost.exe "-15745101031776198132-13390131211439590936-53249995827673273040555215-860872820
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\DellTPad\Apoint.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
"C:\Users\Dell\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe" /minimize
taskeng.exe {C3E98088-B66C-4A54-B242-D8DC8CFDACAA}
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2be60cad-7dfe-487c-9e79-53cfdf8bba7f -SystemEventPortName:HostProcess-ba8c7ff8-b419-43b0-baff-8ebe4bc28ea3 -IoCancelEventPortName:HostProcess-7be0ef48-7b40-4b51-a32b-c8ee768a5bfa -NonStateChangingEventPortName:HostProcess-e297d34a-d845-4b94-b210-31ecf1d5bdf9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:167e159e-ba7a-440a-a3e5-e8c0d275f9c4 -DeviceGroupId:
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
C:\Windows\system32\wbem\unsecapp.exe -Embedding
ngservice.exe pipeserver
"Apntex.exe"
"C:\Program Files\DellTPad\HidFind.exe"
C:\Windows\system32\wbem\wmiprvse.exe
\??\C:\Windows\system32\conhost.exe "135737128210095496891567548698-262130748-710059268-130810825791783212420974414
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe" -startup

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Dell\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\2vanlhqt.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-03 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-13 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-03 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-13 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2013-07-08 708952]
"IntelPROSet"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2013-07-17 4791024]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-12-04 2747680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Flvto Youtube Downloader"=C:\Users\Dell\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe [2015-03-27 527872]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [2013-09-12 134616]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-04-03 5512912]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-03-07 335232]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-04-13 20:36:29 ----D---- C:\rsit
2015-04-13 20:23:06 ----SHD---- C:\$RECYCLE.BIN
2015-04-13 20:23:02 ----A---- C:\ComboFix.txt
2015-04-13 20:18:37 ----A---- C:\Windows\zip.exe
2015-04-13 20:18:37 ----A---- C:\Windows\SWSC.exe
2015-04-13 20:18:37 ----A---- C:\Windows\SWREG.exe
2015-04-13 20:18:37 ----A---- C:\Windows\sed.exe
2015-04-13 20:18:37 ----A---- C:\Windows\PEV.exe
2015-04-13 20:18:37 ----A---- C:\Windows\NIRCMD.exe
2015-04-13 20:18:37 ----A---- C:\Windows\MBR.exe
2015-04-13 20:18:37 ----A---- C:\Windows\grep.exe
2015-04-13 20:17:55 ----D---- C:\Qoobox
2015-04-13 20:17:43 ----D---- C:\Windows\erdnt
2015-04-13 20:12:35 ----A---- C:\DelFix.txt
2015-04-13 20:07:35 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-04-13 20:07:18 ----D---- C:\Program Files (x86)\Java
2015-04-13 20:05:26 ----D---- C:\Program Files\trend micro
2015-04-07 18:20:45 ----D---- C:\Users\Dell\AppData\Roaming\Mozilla
2015-04-07 18:20:38 ----D---- C:\ProgramData\Mozilla
2015-04-07 18:20:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-07 18:20:37 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-07 18:08:55 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-07 18:08:55 ----SD---- C:\Windows\system32\GWX
2015-04-03 19:05:41 ----D---- C:\Users\Dell\AppData\Roaming\Dropbox
2015-04-03 18:35:32 ----D---- C:\Users\Dell\AppData\Roaming\AVAST Software
2015-04-03 18:34:38 ----D---- C:\Windows\SYSWOW64\vbox
2015-04-03 18:34:38 ----D---- C:\Windows\system32\vbox
2015-04-03 18:34:12 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-04-03 18:34:12 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-04-03 18:34:12 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-04-03 18:34:12 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-04-03 18:34:12 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-04-03 18:34:12 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-04-03 18:34:12 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-04-03 18:34:12 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-04-03 18:34:12 ----A---- C:\Windows\system32\aswBoot.exe
2015-04-03 18:34:10 ----A---- C:\Windows\avastSS.scr
2015-04-03 18:33:06 ----D---- C:\Program Files\AVAST Software
2015-04-03 18:32:44 ----D---- C:\ProgramData\AVAST Software
2015-04-03 18:30:41 ----D---- C:\ProgramData\ohkihheilmfioeegpinjippdpfoanchk
2015-04-03 18:29:58 ----D---- C:\ProgramData\{6a81dd68-6d02-2955-6a81-1dd686d075a1}
2015-04-03 18:24:40 ----D---- C:\Users\Dell\AppData\Roaming\BSplayer Pro
2015-04-03 18:24:40 ----D---- C:\Users\Dell\AppData\Roaming\BSplayer
2015-04-03 18:24:40 ----D---- C:\Program Files (x86)\Webteh
2015-04-03 18:20:19 ----D---- C:\Program Files (x86)\IncrementFoobar
2015-04-03 18:20:00 ----D---- C:\Program Files (x86)\9GAG Mini
2015-04-03 18:19:21 ----D---- C:\ProgramData\jbdjgjinalbjbhldpnkndflncelmjkek
2015-04-03 18:18:46 ----D---- C:\ProgramData\{f2b26626-e70c-704f-f2b2-26626e70989b}
2015-04-03 18:15:16 ----D---- C:\Users\Dell\AppData\Roaming\Azureus
2015-04-03 18:15:15 ----D---- C:\Program Files (x86)\Vuze
2015-03-30 19:02:07 ----D---- C:\Users\Dell\AppData\Roaming\FlvtoConverter
2015-03-24 20:42:35 ----D---- C:\ProgramData\Sun
2015-03-24 20:42:21 ----D---- C:\ProgramData\Oracle
2015-03-24 20:41:40 ----D---- C:\ProgramData\WinZip
2015-03-24 20:41:38 ----D---- C:\Program Files\WinZip
2015-03-24 20:22:33 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2015-03-24 20:22:33 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2015-03-24 20:21:54 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-03-24 20:21:54 ----A---- C:\Windows\system32\d2d1.dll
2015-03-24 20:21:52 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-03-24 20:21:52 ----A---- C:\Windows\system32\d3d10warp.dll
2015-03-24 20:21:51 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2015-03-24 20:21:51 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2015-03-24 20:21:51 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2015-03-24 20:21:51 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2015-03-24 20:21:51 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2015-03-24 20:21:51 ----A---- C:\Windows\SYSWOW64\explorer.exe
2015-03-24 20:21:51 ----A---- C:\Windows\system32\KBDYAK.DLL
2015-03-24 20:21:51 ----A---- C:\Windows\system32\KBDTAT.DLL
2015-03-24 20:21:51 ----A---- C:\Windows\system32\KBDRU1.DLL
2015-03-24 20:21:51 ----A---- C:\Windows\system32\KBDRU.DLL
2015-03-24 20:21:51 ----A---- C:\Windows\system32\KBDBASH.DLL
2015-03-24 20:21:51 ----A---- C:\Windows\explorer.exe
2015-03-24 20:21:50 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2015-03-24 20:21:50 ----A---- C:\Windows\SYSWOW64\esent.dll
2015-03-24 20:21:50 ----A---- C:\Windows\system32\fsutil.exe
2015-03-24 20:21:50 ----A---- C:\Windows\system32\esent.dll
2015-03-24 20:21:50 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2015-03-24 20:21:50 ----A---- C:\Windows\system32\drivers\nvstor.sys
2015-03-24 20:21:50 ----A---- C:\Windows\system32\drivers\nvraid.sys
2015-03-24 20:21:50 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2015-03-24 20:21:50 ----A---- C:\Windows\system32\drivers\amdxata.sys
2015-03-24 20:21:50 ----A---- C:\Windows\system32\drivers\amdsata.sys
2015-03-24 20:21:40 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-24 20:21:40 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-24 20:21:24 ----A---- C:\Windows\system32\spoolsv.exe
2015-03-24 20:21:24 ----A---- C:\Windows\splwow64.exe
2015-03-24 20:21:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-24 20:18:24 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-24 20:18:24 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-24 20:16:07 ----D---- C:\Windows\SYSWOW64\Wat
2015-03-24 20:16:07 ----D---- C:\Windows\system32\Wat
2015-03-24 18:03:50 ----D---- C:\Users\Dell\AppData\Roaming\Adobe
2015-03-24 18:03:49 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

======List of files/folders modified in the last 1 month======

2015-04-13 20:36:31 ----D---- C:\Windows\Temp
2015-04-13 20:31:48 ----D---- C:\Windows\System32
2015-04-13 20:31:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-13 20:31:47 ----D---- C:\Windows\inf
2015-04-13 20:27:10 ----D---- C:\Windows\system32\config
2015-04-13 20:22:08 ----D---- C:\Windows
2015-04-13 20:22:08 ----A---- C:\Windows\system.ini
2015-04-13 20:22:03 ----D---- C:\Windows\system32\drivers\etc
2015-04-13 20:21:45 ----D---- C:\ProgramData
2015-04-13 20:20:26 ----D---- C:\Windows\SYSWOW64\drivers
2015-04-13 20:20:26 ----D---- C:\Windows\SysWOW64
2015-04-13 20:20:26 ----D---- C:\Windows\AppPatch
2015-04-13 20:20:25 ----D---- C:\Program Files (x86)\Common Files
2015-04-13 20:17:56 ----D---- C:\Windows\system32\drivers
2015-04-13 20:09:43 ----RD---- C:\Program Files (x86)
2015-04-13 20:09:43 ----RD---- C:\Program Files
2015-04-13 20:09:43 ----D---- C:\Windows\system32\Tasks
2015-04-13 20:07:36 ----SHD---- C:\Windows\Installer
2015-04-13 20:06:42 ----SHD---- C:\System Volume Information
2015-04-13 18:07:43 ----D---- C:\Windows\Registration
2015-04-08 22:11:13 ----D---- C:\Windows\Logs
2015-04-08 22:10:13 ----D---- C:\Windows\system32\NDF
2015-04-07 18:47:54 ----HD---- C:\Windows\system32\WLANProfiles
2015-04-07 18:08:56 ----D---- C:\Windows\winsxs
2015-04-03 19:19:45 ----D---- C:\Windows\system32\wdi
2015-03-30 20:58:56 ----SD---- C:\ProgramData\Microsoft
2015-03-30 20:58:56 ----D---- C:\Windows\system32\drivers\UMDF
2015-03-29 18:40:39 ----RSD---- C:\Windows\assembly
2015-03-29 18:38:33 ----D---- C:\Windows\Microsoft.NET
2015-03-24 20:23:12 ----RSD---- C:\Windows\Fonts
2015-03-24 20:23:12 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-03-24 20:23:12 ----D---- C:\Windows\system32\nl-NL
2015-03-24 20:23:11 ----D---- C:\Windows\system32\DriverStore
2015-03-24 20:22:37 ----D---- C:\Windows\system32\catroot2
2015-03-24 20:18:40 ----D---- C:\Windows\tracing
2015-03-24 20:17:40 ----D---- C:\Windows\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-03 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-03 271200]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-12-04 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2011-07-15 22128]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-03 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-03 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-03 442264]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2013-12-04 300320]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-03 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-03 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-03 136752]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-04-03 273824]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2013-05-21 496432]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-10-01 3828152]
R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-11-13 99288]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwsw00.sys [2013-05-29 11524096]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service; C:\Windows\system32\DRIVERS\ST_Accel.sys [2013-03-27 89312]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz134;cpuz134; \??\C:\Users\Dell\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-03 343336]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-07-17 626416]
R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-10-01 319376]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2013-11-13 169432]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-11-13 390616]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-29 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-12-04 1364256]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-07-17 149744]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-07-17 3377904]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-04-03 4030800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-08 116648]
S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-10-01 281488]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-08 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-12 114688]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-03 148080]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-07-17 273136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-03-24 1255736]

-----------------EOF-----------------
 

 

Alvast bedankt ,

 

Matthias

[Asus]

Zodra één van de malware-experts online komt gebeurt de analyse van je logje en krijg je persoonlijke begeleiding.
 

[kape]

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
• Dubbelklik op Zoek.exe om de tool te starten.
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

C:\ComboFix.txt:f
C:\Qoobox;fs
C:\DelFix.txt;f
C:\ProgramData\ohkihheilmfioeegpinjippdpfoanchk;fs
C:\ProgramData\{6a81dd68-6d02-2955-6a81-1dd686d075a1};ds
C:\Users\Dell\AppData\Roaming\BSplayer Pro;fs
C:\Users\Dell\AppData\Roaming\BSplayer;fs
C:\Program Files (x86)\IncrementFoobar;fs
C:\Program Files (x86)\9GAG Mini;fs
C:\ProgramData\jbdjgjinalbjbhldpnkndflncelmjkek;fs
C:\ProgramData\{f2b26626-e70c-704f-f2b2-26626e70989b};fs
emptyfolderscheck;delete
startupall;
filesrcm;

• Klik op de knop "More options" en vink nu de onderstaande opties aan.
• Do a Quick Scan
• Auto Clean
• De optie "Scan All Users" staat standaard aangevinkt.
• Klik nu op de knop "Run script".
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
• Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

• Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

[matt37]

Probleem lijkt nog niet beter, logje in bijlage

 

zoek-results.txt

14 april 2015 aangepast door matt37

[kape]

Download AdwCleaner by Xplode naar het bureaublad (verwijder eerst eventuele aanwezige oudere versies van deze tool op je PC, zodat je nu de meest recente database van AdwCleaner kan gebruiken).

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner om hem te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  
• Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik op Scan.
  
• Klik vervolgens op Clean.
  
• Klik bij Herstarten Noodzakelijk op OK
  

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[s0].txt.

Logbestand plaatsen

• Voeg het logbestand met de naam C:\AdwCleaner\AdwCleaner[s0].txt als bijlage toe aan het volgende bericht.
  
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
  

[matt37]

logje in bijlage,probleem is echter nog niet opgelost

AdwCleanerS0.txt

[kape]

Ga naar de site van ESET Online Scanner.

Klik op de knop “Run ESET Online Scanner”

In een apart scherm krijg je de vraag om EsetSmartInstaller te downloaden

Klik op de link van esetsmartinstaller_enu.exe en dan start de download automatisch op.

Kies voor “Download” van dit bestand.

Klik op “uitvoeren” van dit bestand esetsmartinstaller_enu.exe

Zet een vinkje bij “YES, I accept the Terms of Use”

Klik op “Start”

Klik op "Advanced settings"

Zet een vinkje bij de volgende opties:

• Remove found threats
  
• Scan archives
  
• Scan for potentially unwanted applications
  
• Scan for potentially unsafe applications
  
• Enable Anti-Stealth technology
  

Klik op “Start”

De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.

Je mag het venster sluiten wanneer de scan klaar is.

Post het geopende logje in het volgende bericht als bijlage. Dit logje vind je op de locatie C:\Program Files\Eset\EsetOnlineScanner\log.txt

[matt37]

Deze scanner heeft wel wat gevonden, maar het probleem is er nog, logje in bijlage.

log.txt

[kape]

Download MalwareBytes Anti-Malware bij voorkeur naar het bureaublad.

• Dubbelklik op mbam-setup-2.0.exe om de installatie van Malwarebytes Anti-Malware te starten.
  
• Volg de verdere aanwijzingen, de volledige installatieprocedure kunt u nalezen op de volgende link - Malwarebytes Anti-Malware installeren.
  
• Klik vervolgens bovenin het scherm op Scan.
  
• Kies vervolgens de Aangepaste scan en klik op Scan nu.
  
  • Plaats vervolgens een vinkje bij de optie Scan naar rootkits.
    
  • Selecteer in het rechter venster alle aanwezige harde schijven en partities.
    

  [*]Klik vervolgens op de knop Start scan om de aangepaste uit te voeren.

  [*]Er zal nu gecontroleerd worden op beschikbare updates, klik hier op "Nu bijwerken als er beschikbare updates zijn.

  [*]De scan wordt nu automatisch gestart,wanneer de scan gereed is en er bedreigingen zijn gedetecteerd krijgt u hier een overzicht van.

  [*]Wanneer er geen bedreigingen zijn gedetecteerd klikt u na de scan op Bekijk gedetailleerd logboek.

  • Klik vervolgens op de knop Acties toepassen, bij de melding dat uw computer opnieuw opgestart moet worden klikt u op Nee.
    
  • Klik vervolgens op de knop Bekijk gedetailleerd logboek en klik op de knop exporteer en kies de optie tekstbestand (*.txt).
    
  • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog en klik vervolgens op de knop Opslaan.
    
  • Dit bestand zal standaard op uw bureaublad worden opgeslagen.
    

MalwareBytes' Anti-Malware logbestand plaatsen

• Voeg het logbestand wat u zojuist heeft opgeslagen als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in Malwarebytes Anti-Malware bij Historie > Programmalogboeken)
  
• Plaats de inhoud van dit logbestand in het volgende bericht.
  

Wil je meer uitleg - in beeld en geluid - over de werking van Malwarebytes, bekijk dan onze eigen PCH-video hier.