1. Deze website gebruikt cookies. Door deze website verder te gebruiken, gaat u akkoord met ons gebruik van cookies. Leer Meer.

Flippend toetsenbord?

Discussie in 'Opgeloste / Inactieve HJT-logs' gestart door Python99, 9 apr 2014.

Discussie Flippend toetsenbord? in het Opgeloste / Inactieve HJT-logs forum op nationaalcomputerforum.nl/.

Topicstatus:
Niet open voor verdere reacties.
  1. Python99

    Python99 Gevestigd lid

    hallo allemaal

    ik heb laats mijn computer een 'clean sweep' gegeven. Deels omdat dat beter is voor de harde schijf (toch?), deels omdat er een virus op zat:mellow:
    Nu doet ie het weer prima, op een ding na: Af en toe, op de meest random momenten, begint het toetsenbord raar te doen. Als ik probeer te typen, typt hij sommige toetsen helemaal niet, en andere toetsen typen iets hl anders dan dat ze moeten doen. Een R wordt bijvoorbeeld een , een A wordt een @, en zo voort. Er gebeuren ook andere dingen, zodra het toetsenbord raar begint te doen:
    -Als ik door mijn bestanden probeer te komen, moet ik alles handmatig openen (rechtermuisknop, openen). Als ik dit doe, opent hij een venster. Een normale dubbelklik wordt beschouwd als een (rechtermuisknop, eigenschappen)
    -In een webbrowser, als ik op een link klik, opent hij de link altijd in een nieuw tabblad. Als ik vervolgens van tabbladen switch,dan 'vervaalt' het oude tabblad (het wordt helemaal onscherp. Ik moet dan 1 keer klikken op het tabblad, en dan doet hij het weer.
    Ik heb al meerdere virusscans gedaan, maar hij vond niks. Het begint ondertussen irritant te worden, en weet niet meer waar ik aan moet denken. Daarom vraag ik: Weet iemand hier wat het kan zijn? Ik heb al verhalen gehoord van andere mensen die hetzelfde hebben gehad, maar wisten niet meer wat ze nou precies deden om het weer te fixen.

    Groetjes

    Python99


    edit: Ik heb twee toetsenborden aan mijn computer hangen, 1 via usb, en 1 via dat 'ouderwetse' gedoe:wink:. Ik weet niet of dat nog wat uitmaakt
     
    Laatst bewerkt: 9 apr 2014
  2. OB1

    OB1 Ps3: cL_OliverB (Bo1+Bo2)

    Welke scans heb je gedaan?
    Heb je het bij beide toetsenborden?

    Verstuurd van mijn GT-S5839i met Tapatalk
     
  3. Python99

    Python99 Gevestigd lid

    gewoon mijn computer gescand met AVG
    ja, bij beide toetsenborden gebeurt precies het zelfde
     
  4. OB1

    OB1 Ps3: cL_OliverB (Bo1+Bo2)

    Download de setup van MalwareBytes Anti-Malware naar het bureaublad.

    • Dubbelklik op mbam-setup-2.0.exe om de installatie van Malwarebytes Anti-Malware te starten.
    • Volg de verdere aanwijzingen, de volledige installatieprocedure kunt u nalezen op de volgende link - Malwarebytes Anti-Malware installeren.

    • Klik vervolgens op de knop Scan nu om een bedreigingsscan uit te voeren.
    • Er zal nu gecontroleerd worden op beschikbare updates, klik hier op "Nu bijwerken als er beschikbare updates zijn.
    • De scan wordt nu automatisch gestart,wanneer de scan gereed is en er bedreigingen zijn gedetecteerd krijgt u hier een overzicht van.
    • Wanneer er geen bedreigingen zijn gedetecteerd klikt u na de scan op Bekijk gedetailleerd logboek.
      • Klik vervolgens op de knop Acties toepassen, bij de melding dat uw computer opnieuw opgestart moet worden klikt u op Nee.
      • Klik vervolgens op de knop Bekijk gedetailleerd logboek en klik op de knop exporteer en kies de optie tekstbestand (*.txt).
      • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog en klik vervolgens op de knop Opslaan.
      • Dit bestand zal standaard op uw bureaublad worden opgeslagen.
    [​IMG]
    Post de inhoud van het logbestand in een volgend bericht, gewoon via kopiren > plakken
     
  5. Python99

    Python99 Gevestigd lid

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 11-4-2014
    Scan Time: 13:27:43
    Logfile: .log
    Administrator: Yes

    Version: 2.00.1.1004
    Malware Database: v2014.04.11.06
    Rootkit Database: v2014.03.27.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Chameleon: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Gebruiker

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 252982
    Time Elapsed: 9 min, 28 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Shuriken: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 4
    PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [4bc74fdabcbff046c102f7a0e71cb64a],
    PUP.Optional.Qone8.A, HKLM\SOFTWARE\WOW6432NODE\qone8Software, , [ba58d752d2a90a2c0c624056d42fe020],
    PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [44ce6fbaa1da80b63c874354b54e3cc4],
    PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, , [cf43c168a9d2082ea6c87101c2407a86],

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 10
    PUP.Optional.Qone8.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (Chrome.exe), Bad: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[5db567c2eb90ea4c8fecff1f679d9b65]
    PUP.Optional.Qone8, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[b0625dccc6b54cea517ca97408fc659b]
    Hijack.StartPage, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (http://www.google.com), Bad: (http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[1002a28790ebda5c49e9b36144c08f71]
    Hijack.StartPage, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (http://www.google.com), Bad: (http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[a66c6cbd78039b9b17190c08768e44bc]
    PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[a0722dfc4c2fad897d5139e4c3414fb1]
    PUP.Optional.Qone8.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (Chrome.exe), Bad: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[8c86a08985f61422b0cbd04e887c817f]
    PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[42d050d9d8a39b9bf0ddea333cc838c8]
    Hijack.StartPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (http://www.google.com), Bad: (http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[49c9fe2b3447c0760c26b16349bbf808]
    Hijack.StartPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (http://www.google.com), Bad: (http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[5db5cd5c6e0de94d57d9e82ce024cc34]
    PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[060cb178c5b6d462e5e9f4296b9907f9]

    Folders: 26
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\img, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\img\weather, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\js, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\en-US, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\es-419, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\es-ES, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\fr-BE, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\fr-CA, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\fr-CH, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\fr-FR, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\fr-LU, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\it-CH, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\it-IT, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\pl, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\pt-BR, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\ru, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\ru-MO, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\tr-TR, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\vi-VI, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\zh-CN, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\zh-TW, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.IePluginService.A, C:\PROGRAMDATA\IePluginService, , [ca48ae7bec8faa8c70b84517e31ff50b],
    PUP.Optional.IePluginService.A, C:\PROGRAMDATA\IePluginService\update, , [ca48ae7bec8faa8c70b84517e31ff50b],

    Files: 57
    PUP.Optional.OpenCandy, C:\$Recycle.Bin\S-1-5-21-1914704134-3901138233-515259785-1000\$RZFUH38.exe, , [c84aae7b611ac3738894c081b84c827e],
    PUP.Optional.OneClickDownloader.A, C:\Users\Gebruiker\Downloads\Garrys_Mod_13_v153_rar.exe, , [d63c41e85526b08608c1c14a2ed308f8],
    PUP.Optional.SkyTech.A, C:\Users\Gebruiker\AppData\Local\Temp\nssF5A6.tmp\ild_qone8.exe, , [71a1ca5f730867cffd0a3e1253aed030],
    PUP.Optional.SkyTech.A, C:\Users\Gebruiker\AppData\Local\Temp\fullpackage_temp1397215376\alilog.dll, , [5bb7d356dc9fbc7a24ee83af8080d030],
    PUP.Optional.SkyTech.A, C:\Users\Gebruiker\AppData\Local\Temp\fullpackage_temp1397215376\package1.zip, , [38da36f33a4165d118fab979ee126f91],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\search.png, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\sliders.png, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, , [858dc06962195adc82ef1959b34ffb05],
    PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, , [cf43c168a9d2082ea6c87101c2407a86],
    PUP.Optional.Qone8.A, C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "chrome://apps/", "http://www.google.com/", "http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A" ],), ,[f91934f56b102016ff54b6939d67ac54]

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  6. OB1

    OB1 Ps3: cL_OliverB (Bo1+Bo2)

    Ik laat dit topic door abbs of Abraham overnemen aangezien jij adware hebt.
     
  7. Abraham54

    Abraham54 Administrator

    Download [​IMG] ComboFix via n van deze locaties:
    Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!

    Antivirusprogramma en actieve malwarescanners dienen al voor je ComboFix start gedeaktiveert zijn!
    Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

    Opmerkingen:
    • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
    ComboFix opstarten:
    • Windows Vista, Windows 7 en Windows 8: via rechtsklik op ComboFix.exe en kies voor "Als Administrator uitvoeren".
    ComboFix is opgestart:
    • Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
    • Combofix sluit tijdens de scan de internet verbinding probeer deze tussentijds niet te herstellen!
    • Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
    • Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
    • Post de inhoud van dit logbestand via DDRMMR's kleurcodeerder in je volgende bericht.
    • Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt
    Belangrijke opmerking:
    • Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:
    • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
    • Start dan de computer opnieuw op.
     
  8. Python99

    Python99 Gevestigd lid

    [hjt]
    combofix 14-04-09.02 - gebruiker 11-04-2014 19:23:34.1.4 - x64
    microsoft windows 7 ultimate 6.1.7601.1.1252.31.1043.18.7671.5755 [gmt 2:00]
    gestart vanuit: c:\users\gebruiker\desktop\combofix.exe
    av: avg internet security 2014 *disabled/updated* {0e9420c4-06b3-7fa0-3ab1-6e49cb52ecd9}
    fw: avg internet security 2014 *enabled* {36afa1e1-4cdc-7ef8-11ee-c77c3581aba2}
    sp: avg internet security 2014 *disabled/updated* {b5f5c120-2089-702e-0001-553bb0d5a664}
    sp: windows defender *disabled/outdated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
    * nieuw herstelpunt werd aangemaakt
    .
    .
    (((((((((((((((((((( bestanden gemaakt van 2014-03-11 to 2014-04-11 ))))))))))))))))))))))))))))))
    .
    .
    2014-04-11 17:30 . 2014-04-11 17:30 -------- d-----w- c:\users\default\appdata\local\temp
    2014-04-11 17:02 . 2014-04-11 17:02 -------- d--h--w- c:\program files (x86)\common files\eainstaller
    2014-04-11 17:00 . 2014-04-11 17:05 -------- d-----w- c:\program files (x86)\tank inspector
    2014-04-11 12:45 . 2014-04-11 12:47 -------- d-----w- c:\program files (x86)\origin games
    2014-04-11 11:23 . 2014-04-11 11:24 -------- d-----w- c:\programdata\wpm
    2014-04-11 11:17 . 2014-04-11 11:32 119512 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2014-04-11 11:17 . 2014-04-11 11:17 -------- d-----w- c:\programdata\malwarebytes
    2014-04-10 11:35 . 2014-04-10 11:35 -------- d-----w- c:\programdata\mcafee
    2014-04-09 17:27 . 2014-04-09 17:27 -------- d-----w- c:\program files\autodesk
    2014-04-09 17:14 . 2014-04-10 11:54 -------- d-----w- c:\programdata\boost_interprocess
    2014-04-09 17:12 . 2014-04-09 17:12 -------- d-----w- c:\programdata\flexnet
    2014-04-09 17:10 . 2014-04-09 17:10 -------- d-----w- c:\program files (x86)\common files\macrovision shared
    2014-04-09 17:07 . 2014-04-09 17:10 -------- d-----w- c:\program files (x86)\common files\autodesk shared
    2014-04-09 16:22 . 2014-04-09 16:22 -------- d-----w- c:\autodesk
    2014-04-09 14:23 . 2014-04-09 14:23 -------- d-----w- c:\program files (x86)\gemm
    2014-04-03 14:28 . 2014-04-03 14:28 -------- d-----w- c:\program files (x86)\craft animations
    2014-04-03 14:26 . 2014-04-03 14:26 -------- d-----w- c:\program files (x86)\allegorithmic
    2014-04-03 14:25 . 2014-04-09 17:11 -------- d-----w- c:\program files (x86)\autodesk
    2014-04-03 14:25 . 2014-04-09 17:13 -------- d-----w- c:\programdata\autodesk
    2014-04-01 15:06 . 2014-04-01 17:37 -------- d-----w- c:\apps
    2014-04-01 14:19 . 2014-04-01 14:42 -------- d-----w- c:\program files\blender foundation
    2014-04-01 14:17 . 2014-04-09 16:55 -------- d-----w- c:\program files (x86)\niftools
    2014-03-28 19:42 . 2014-03-29 13:23 2106216 ----a-w- c:\windows\syswow64\d3dcompiler_43.dll
    2014-03-28 19:42 . 2014-03-29 13:24 -------- d-----w- c:\programdata\razer
    2014-03-28 19:42 . 2014-03-29 13:24 -------- d-----w- c:\program files (x86)\razer
    2014-03-28 19:04 . 2014-04-03 14:29 -------- d-----w- c:\windows\system32\appmgmt
    2014-03-28 17:35 . 2014-03-28 17:35 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
    2014-03-28 17:35 . 2014-03-28 17:35 -------- d-----w- c:\program files (x86)\daemon tools lite
    2014-03-28 17:34 . 2014-03-28 18:47 -------- d-----w- c:\programdata\daemon tools lite
    2014-03-27 11:45 . 2014-03-27 11:45 -------- d-----w- c:\program files (x86)\common files\skype
    2014-03-27 11:45 . 2014-03-27 11:45 -------- d-----r- c:\program files (x86)\skype
    2014-03-27 11:45 . 2014-03-27 11:45 -------- d-----w- c:\programdata\skype
    2014-03-18 14:03 . 2014-04-10 11:35 70832 ----a-w- c:\windows\syswow64\flashplayercplapp.cpl
    2014-03-18 14:03 . 2014-04-10 11:35 692400 ----a-w- c:\windows\syswow64\flashplayerapp.exe
    2014-03-18 14:03 . 2014-03-18 14:03 -------- d-----w- c:\windows\syswow64\macromed
    2014-03-18 14:03 . 2014-03-18 14:03 -------- d-----w- c:\windows\system32\macromed
    2014-03-16 13:22 . 2014-03-16 13:22 -------- d-----w- c:\program files\microsoft silverlight
    2014-03-16 13:22 . 2014-03-16 13:22 -------- d-----w- c:\program files (x86)\microsoft silverlight
    2014-03-16 09:29 . 2014-03-27 16:19 -------- d--h--w- c:\windows\msdownld.tmp
    2014-03-16 09:29 . 2014-04-11 16:51 -------- d-----w- c:\spellen
    2014-03-15 18:24 . 2014-03-28 19:43 -------- d-----w- c:\programdata\avg2014
    2014-03-15 18:24 . 2014-03-15 18:24 -------- d-----w- c:\$avg
    2014-03-15 18:24 . 2014-03-15 18:24 -------- d-----w- c:\program files (x86)\avg
    2014-03-15 18:22 . 2014-04-11 16:18 -------- d-----w- c:\programdata\mfadata
    2014-03-15 18:22 . 2014-03-15 18:22 -------- d--h--w- c:\programdata\common files
    2014-03-15 14:00 . 2014-03-15 14:01 -------- d-----w- c:\boss
    2014-03-15 14:00 . 2014-03-15 14:00 -------- d-----w- c:\windows\syswow64\files
    2014-03-15 13:59 . 2014-03-15 13:59 -------- d-----w- c:\windows\syswow64\skyprocdebug
    2014-03-15 13:59 . 2014-03-15 13:59 -------- d-----w- c:\programdata\oracle
    2014-03-15 13:59 . 2014-03-15 13:59 -------- d-----w- c:\program files (x86)\common files\java
    2014-03-15 13:59 . 2014-03-15 13:59 96168 ----a-w- c:\windows\syswow64\windowsaccessbridge-32.dll
    2014-03-15 13:59 . 2014-03-15 13:59 -------- d-----w- c:\program files (x86)\java
    2014-03-15 13:44 . 2012-07-26 07:49 2560 ----a-w- c:\windows\system32\drivers\nl-nl\wdf01000.sys.mui
    2014-03-15 13:23 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
    2014-03-15 13:15 . 2014-03-15 13:16 -------- d-----w- c:\windows\system32\mrt
    2014-03-15 13:14 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\wudfpf.sys
    2014-03-15 13:14 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\wudfrd.sys
    2014-03-15 13:14 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\wudfhost.exe
    2014-03-15 13:14 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\wudfsvc.dll
    2014-03-15 13:14 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\wudfx.dll
    2014-03-15 13:14 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\wudfcoinstaller.dll
    2014-03-15 13:14 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\wudfplatform.dll
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\syswow64\en
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\syswow64\drivers\umdf\en-us
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\syswow64\0409
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\syswow64\wbem\en-us
    2014-03-15 13:08 . 2014-03-15 14:10 -------- d-----w- c:\windows\system32\drivers\en-us
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\system32\en
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\system32\drivers\umdf\en-us
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\system32\0409
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\system32\wbem\en-us
    2014-03-15 13:03 . 2009-07-13 17:30 3584 ----a-w- c:\windows\system32\spool\prtprocs\x64\en-us\lxkptprc.dll.mui
    2014-03-15 12:59 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\syswow64\d3d11.dll
    2014-03-15 12:58 . 2012-05-14 05:20 956416 ----a-w- c:\windows\system32\localspl.dll
    2014-03-15 12:48 . 2013-10-12 02:25 832000 ----a-w- c:\windows\system32\nshwfp.dll
    2014-03-15 12:48 . 2013-10-12 02:24 861184 ----a-w- c:\windows\system32\ikeext.dll
    2014-03-15 12:48 . 2013-10-12 02:24 324096 ----a-w- c:\windows\system32\fwpuclnt.dll
    2014-03-15 12:48 . 2013-10-12 02:23 706560 ----a-w- c:\windows\system32\bfe.dll
    2014-03-15 12:48 . 2013-10-12 01:57 657920 ----a-w- c:\windows\syswow64\nshwfp.dll
    2014-03-15 12:48 . 2013-10-12 01:56 216576 ----a-w- c:\windows\syswow64\fwpuclnt.dll
    2014-03-14 19:44 . 2014-04-09 14:34 -------- d-----w- c:\games
    2014-03-14 19:43 . 2014-03-14 19:43 -------- d-----w- c:\program files\nexus mod manager
    2014-03-14 17:44 . 2014-04-11 17:15 -------- d-----w- c:\programdata\origin
    2014-03-14 17:44 . 2014-03-14 17:44 -------- d-----w- c:\programdata\electronic arts
    2014-03-14 17:44 . 2014-04-11 12:45 -------- d-----w- c:\program files (x86)\origin
    2014-03-14 17:43 . 2014-04-11 17:15 -------- d-----w- c:\program files (x86)\steam
    2014-03-14 17:43 . 2014-04-10 19:11 -------- d-----w- c:\program files (x86)\common files\steam
    2014-03-14 17:38 . 2009-04-10 19:58 14720 ----a-w- c:\windows\system32\drivers\valofltr.sys
    2014-03-14 17:38 . 2014-03-14 17:38 -------- d-----w- c:\program files (x86)\roccat
    2014-03-14 17:37 . 2014-03-14 17:37 -------- d-----w- c:\program files (x86)\mad catz
    2014-03-14 17:34 . 2014-03-14 17:34 -------- d-----w- c:\program files (x86)\amd avt
    2014-03-14 17:34 . 2014-03-14 17:34 -------- d-----w- c:\program files (x86)\amd
    2014-03-14 17:34 . 2014-03-14 17:34 -------- d-----w- c:\program files (x86)\common files\ati technologies
    2014-03-14 17:34 . 2014-03-14 17:34 -------- d-----w- c:\program files\ati technologies
    2014-03-14 17:33 . 2014-03-14 17:33 -------- d-----w- c:\programdata\ati
    2014-03-14 17:33 . 2014-03-14 17:34 -------- d-----w- c:\program files\amd
    2014-03-14 17:33 . 2014-03-14 17:33 -------- d-----w- c:\program files\common files\ati technologies
    2014-03-14 17:30 . 2014-03-14 17:30 -------- d-----w- c:\program files (x86)\microsoft.net
    2014-03-14 17:30 . 2014-03-15 14:00 -------- d-----w- c:\programdata\package cache
    2014-03-14 17:29 . 2014-03-14 17:29 -------- d-----w- c:\amd
    2014-03-14 16:24 . 2014-03-14 16:24 -------- d-----w- c:\programdata\smarttechnology
    2014-03-14 16:24 . 2014-03-14 16:24 -------- d-----w- c:\program files\smarttechnology
    2014-03-14 16:23 . 2014-03-14 16:23 -------- d-----w- c:\program files\winrar
    2014-03-14 16:00 . 2014-04-11 13:41 -------- d-----w- c:\program files (x86)\google
    2014-03-14 15:59 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
    2014-03-14 15:59 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
    2014-03-14 15:59 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
    2014-03-14 15:59 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
    2014-03-14 15:59 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
    2014-03-14 15:59 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
    2014-03-14 15:59 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
    2014-03-14 15:59 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
    2014-03-14 15:59 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
    2014-03-14 15:57 . 2014-03-14 15:57 -------- d-----w- c:\windows\options
    2014-03-14 15:57 . 2011-08-31 12:55 2736640 ----a-w- c:\windows\system32\drivers\athrx.sys
    2014-03-14 15:57 . 2011-08-31 12:55 2736640 ----a-w- c:\windows\system32\athrx.sys
    2014-03-14 15:57 . 2014-03-14 15:57 -------- d-----w- c:\programdata\tp-link
    2014-03-14 15:56 . 2014-03-14 15:56 0 ----a-w- c:\windows\ativpsrm.bin
    2014-03-14 15:53 . 2014-03-14 15:53 -------- d-----w- c:\windows\syswow64\rtcom
    2014-03-14 15:53 . 2014-03-14 15:53 -------- d-----w- c:\program files\realtek
    2014-03-14 15:51 . 2014-03-14 17:34 -------- d-----w- c:\programdata\amd
    2014-03-14 15:51 . 2010-02-18 08:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
    2014-03-14 15:51 . 2014-03-14 15:51 -------- dc----w- c:\windows\system32\drvstore
    2014-03-14 15:51 . 2010-12-15 15:06 47232 ----a-r- c:\windows\system32\drivers\usbfilter.sys
    2014-03-14 15:51 . 2011-07-28 09:01 58880 ----a-w- c:\windows\system32\coinst.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((((( find3m rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-03-02 13:05 . 2012-03-04 16:19 90015360 ----a-w- c:\windows\system32\mrt.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( reg opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    regedit4
    .
    [hkey_current_user\software\microsoft\windows\currentversion\run]
    "sidebar"=c:\program files\windows sidebar\sidebar.exe [2010-11-21 1475584]
    "daemon tools lite"=c:\program files (x86)\daemon tools lite\dtlite.exe [2014-03-04 3696912]
    .
    [hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\run]
    "adobe arm"=c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-11-21 959904]
    "startccc"=c:\program files (x86)\ati technologies\ati.ace\core-static\amd64\clistart.exe [2013-12-06 766208]
    "roccatvalo"=c:\program files (x86)\roccat\valo keyboard\valomonitor.exe [2009-12-16 196608]
    "sunjavaupdatesched"=c:\program files (x86)\common files\java\java update\jusched.exe [2013-07-02 254336]
    "avg_ui"=c:\program files (x86)\avg\avg2014\avgui.exe [2014-03-19 4971024]
    .
    c:\programdata\microsoft\windows\start menu\programs\startup\
    rat 9 charge indicator.lnk - c:\windows\installer\{e351a4ac-5d5d-4748-a2fe-310ec70f3e05}\_cd6d2b41032fc8a5bf211a.exe [2014-3-14 75993]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
    "consentpromptbehavioradmin"= 0 (0x0)
    "consentpromptbehavioruser"= 0 (0x0)
    "enablelua"= 0 (0x0)
    "enableuiadesktoptoggle"= 0 (0x0)
    .
    [hkey_current_user\software\microsoft\windows\currentversion\policies\explorer]
    "noresolvetrack"= 1 (0x1)
    .
    r2 avgidsagent;avgidsagent;c:\program files (x86)\avg\avg2014\avgidsagent.exe;c:\program files (x86)\avg\avg2014\avgidsagent.exe [x]
    r2 clr_optimization_v4.0.30319_64;microsoft .net framework ngen v4.0.30319_x64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [x]
    r2 mi-raysat_3dsmax2012_32;mental ray 3.9 satellite for autodesk 3ds max 2012 32-bit - english 32-bit;c:\program files (x86)\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe;c:\program files (x86)\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe [x]
    r2 skypeupdate;skype updater;c:\program files (x86)\skype\updater\updater.exe;c:\program files (x86)\skype\updater\updater.exe [x]
    r3 amdiox64;amd io driver;c:\windows\system32\drivers\amdiox64.sys;c:\windows\sysnative\drivers\amdiox64.sys [x]
    r3 b06diag;broadcom netxtreme ii diag driver;c:\windows\system32\drivers\bxdiaga.sys;c:\windows\sysnative\drivers\bxdiaga.sys [x]
    r3 bfn7x64;bigfoot networks killer gaming service;c:\windows\system32\drivers\xeno7x64.sys;c:\windows\sysnative\drivers\xeno7x64.sys [x]
    r3 bfnvis64;bigfoot networks killer gaming service;c:\windows\system32\drivers\xenova64.sys;c:\windows\sysnative\drivers\xenova64.sys [x]
    r3 bxois;bxois;c:\windows\system32\drivers\bxois.sys;c:\windows\sysnative\drivers\bxois.sys [x]
    r3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\sysnative\drivers\dmvsc.sys [x]
    r3 iamtve;stuurprogramma voor intel(r) active management technology - kcs;c:\windows\system32\drivers\iamtve.sys;c:\windows\sysnative\drivers\iamtve.sys [x]
    r3 iamtxpe;stuurprogramma voor intel(r) active management technology - kcs;c:\windows\system32\drivers\iamtxpe.sys;c:\windows\sysnative\drivers\iamtxpe.sys [x]
    r3 ifcoemp;ifcoemp;c:\windows\system32\drivers\ifm60x64.sys;c:\windows\sysnative\drivers\ifm60x64.sys [x]
    r3 ifcoevb;ifcoevb;c:\windows\system32\drivers\ifp60x64.sys;c:\windows\sysnative\drivers\ifp60x64.sys [x]
    r3 ioatdma1;ioatdma1;c:\windows\system32\drivers\qd162x64.sys;c:\windows\sysnative\drivers\qd162x64.sys [x]
    r3 ioatdma2;intel(r) quickdata technology device ver.2;c:\windows\system32\drivers\qd262x64.sys;c:\windows\sysnative\drivers\qd262x64.sys [x]
    r3 msicdsetup;msicdsetup;e:\cdriver64.sys;e:\cdriver64.sys [x]
    r3 ntiolib_1_0_c;ntiolib_1_0_c;e:\ntiolib_x64.sys;e:\ntiolib_x64.sys [x]
    r3 rdpvideominiport;remote desktop video miniport driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\sysnative\drivers\rdpvideominiport.sys [x]
    r3 rtl8192su;realtek rtl8192su wireless lan 802.11n usb 2.0 network adapter;c:\windows\system32\drivers\rtl8192su.sys;c:\windows\sysnative\drivers\rtl8192su.sys [x]
    r3 synth3dvsc;microsoft virtual 3d video transport driver;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\sysnative\drivers\synth3dvsc.sys [x]
    r3 terminpt;microsoft remote desktop input driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\sysnative\drivers\terminpt.sys [x]
    r3 tsusbflt;tsusbflt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\sysnative\drivers\tsusbflt.sys [x]
    r3 tsusbgd;remote desktop generic usb device;c:\windows\system32\drivers\tsusbgd.sys;c:\windows\sysnative\drivers\tsusbgd.sys [x]
    r3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\sysnative\drivers\tsusbhub.sys [x]
    r3 vgpu;vgpu;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\sysnative\drivers\rdvgkmd.sys [x]
    s0 avgidsha;avgidsha;c:\windows\system32\drivers\avgidsha.sys;c:\windows\sysnative\drivers\avgidsha.sys [x]
    s0 avgloga;avg logging driver;c:\windows\system32\drivers\avgloga.sys;c:\windows\sysnative\drivers\avgloga.sys [x]
    s0 avgmfx64;avg mini-filter resident anti-virus shield;c:\windows\system32\drivers\avgmfx64.sys;c:\windows\sysnative\drivers\avgmfx64.sys [x]
    s0 avgrkx64;avg anti-rootkit driver;c:\windows\system32\drivers\avgrkx64.sys;c:\windows\sysnative\drivers\avgrkx64.sys [x]
    s1 avgdiska;avg disk driver;c:\windows\system32\drivers\avgdiska.sys;c:\windows\sysnative\drivers\avgdiska.sys [x]
    s1 avgfwfd;avg network filter service;c:\windows\system32\drivers\avgfwd6a.sys;c:\windows\sysnative\drivers\avgfwd6a.sys [x]
    s1 avgidsdriver;avgidsdriver;c:\windows\system32\drivers\avgidsdrivera.sys;c:\windows\sysnative\drivers\avgidsdrivera.sys [x]
    s1 avgldx64;avg avi loader driver;c:\windows\system32\drivers\avgldx64.sys;c:\windows\sysnative\drivers\avgldx64.sys [x]
    s1 avgtdia;avg tdi driver;c:\windows\system32\drivers\avgtdia.sys;c:\windows\sysnative\drivers\avgtdia.sys [x]
    s1 dtsoftbus01;daemon tools virtual bus driver;c:\windows\system32\drivers\dtsoftbus01.sys;c:\windows\sysnative\drivers\dtsoftbus01.sys [x]
    s2 amd external events utility;amd external events utility;c:\windows\system32\atiesrxx.exe;c:\windows\sysnative\atiesrxx.exe [x]
    s2 amd fuel service;amd fuel service;c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe;c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe [x]
    s2 aoddriver4.2.0;aoddriver4.2.0;c:\program files\ati technologies\ati.ace\fuel\amd64\aoddriver2.sys;c:\program files\ati technologies\ati.ace\fuel\amd64\aoddriver2.sys [x]
    s2 avgfws;avg firewall;c:\program files (x86)\avg\avg2014\avgfws.exe;c:\program files (x86)\avg\avg2014\avgfws.exe [x]
    s2 avgwd;avg watchdog;c:\program files (x86)\avg\avg2014\avgwdsvc.exe;c:\program files (x86)\avg\avg2014\avgwdsvc.exe [x]
    s3 atihdaudioservice;amd function driver for hd audio service;c:\windows\system32\drivers\atihdw76.sys;c:\windows\sysnative\drivers\atihdw76.sys [x]
    s3 rtl8167;realtek 8167 nt driver;c:\windows\system32\drivers\rt64win7.sys;c:\windows\sysnative\drivers\rt64win7.sys [x]
    s3 saik0cfa;saik0cfa;c:\windows\system32\drivers\saik0cfa.sys;c:\windows\sysnative\drivers\saik0cfa.sys [x]
    s3 saiu0cfa;saiu0cfa;c:\windows\system32\drivers\saiu0cfa.sys;c:\windows\sysnative\drivers\saiu0cfa.sys [x]
    s3 usbfilter;amd usb filter driver;c:\windows\system32\drivers\usbfilter.sys;c:\windows\sysnative\drivers\usbfilter.sys [x]
    s3 valfltr;roccat valo keyboard;c:\windows\system32\drivers\valofltr.sys;c:\windows\sysnative\drivers\valofltr.sys [x]
    .
    .
    [hkey_local_machine\software\wow6432node\microsoft\active setup\installed components\{8a69d345-d564-463c-aff1-a69d9e530f96}]
    2014-04-11 13:42 1077576 ----a-w- c:\program files (x86)\google\chrome\application\34.0.1847.116\installer\chrmstp.exe
    .
    inhoud van de 'gedeelde taken' map
    .
    2014-04-11 c:\windows\tasks\adobe flash player updater.job
    - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe [2014-03-18 11:35]
    .
    2014-04-11 c:\windows\tasks\googleupdatetaskmachinecore.job
    - c:\program files (x86)\google\update\googleupdate.exe [2014-04-11 13:41]
    .
    2014-04-11 c:\windows\tasks\googleupdatetaskmachineua.job
    - c:\program files (x86)\google\update\googleupdate.exe [2014-04-11 13:41]
    .
    .
    --------- x64 entries -----------
    .
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\run]
    "rthdvcpl"=c:\program files\realtek\audio\hda\rtkngui64.exe [2012-05-08 6470760]
    "profileru"=c:\program files\smarttechnology\software\profileru.exe [2013-04-16 454144]
    "saimfd"=c:\program files\smarttechnology\software\saimfd.exe [2013-04-16 158208]
    .
    ------- bijkomende scan -------
    .
    ulocal page = c:\windows\system32\blank.htm
    ustart page = hxxp://www.google.com
    udefault_search_url = hxxp://www.qone8.com/web/?type=ds&ts=1397215390&from=ild&uid=st31000524as_9vpgjp5axxxx9vpgjp5a&q={searchterms}
    mdefault_search_url = hxxp://www.qone8.com/web/?type=ds&ts=1397215390&from=ild&uid=st31000524as_9vpgjp5axxxx9vpgjp5a&q={searchterms}
    mdefault_page_url = hxxp://www.google.com
    mstart page = hxxp://www.google.com
    mlocal page = c:\windows\syswow64\blank.htm
    msearch page = hxxp://www.qone8.com/web/?type=ds&ts=1397215390&from=ild&uid=st31000524as_9vpgjp5axxxx9vpgjp5a&q={searchterms}
    tcp: dhcpnameserver = 212.54.40.25 212.54.35.25
    .
    - - - - orphans verwijderd - - - -
    .
    toolbar-locked - (no file)
    toolbar-locked - (no file)
    .
    .
    .
    --------------------- vergrendelde register sleutels ---------------------
    .
    [hkey_local_machine\software\classes\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}]
    @denied: (a 2) (everyone)
    @="flashbroker"
    "localizedstring"="@c:\\windows\\system32\\macromed\\flash\\flashutil64_13_0_0_182_activex.exe,-101"
    .
    [hkey_local_machine\software\classes\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}\elevation]
    "enabled"=dword:00000001
    .
    [hkey_local_machine\software\classes\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}\localserver32]
    @=c:\\windows\\system32\\macromed\\flash\\flashutil64_13_0_0_182_activex.exe
    .
    [hkey_local_machine\software\classes\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}\typelib]
    @="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
    .
    [hkey_local_machine\software\classes\interface\{6ae38ae0-750c-11e1-b0c4-0800200c9a66}]
    @denied: (a 2) (everyone)
    @="iflashbroker5"
    .
    [hkey_local_machine\software\classes\interface\{6ae38ae0-750c-11e1-b0c4-0800200c9a66}\proxystubclsid32]
    @="{00020424-0000-0000-c000-000000000046}"
    .
    [hkey_local_machine\software\classes\interface\{6ae38ae0-750c-11e1-b0c4-0800200c9a66}\typelib]
    @="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
    "version"="1.0"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}]
    @denied: (a 2) (everyone)
    @="flashbroker"
    "localizedstring"="@c:\\windows\\syswow64\\macromed\\flash\\flashutil32_13_0_0_182_activex.exe,-101"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}\elevation]
    "enabled"=dword:00000001
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}\localserver32]
    @=c:\\windows\\syswow64\\macromed\\flash\\flashutil32_13_0_0_182_activex.exe
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}\typelib]
    @="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}]
    @denied: (a 2) (everyone)
    @="shockwave flash object"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\inprocserver32]
    @=c:\\windows\\syswow64\\macromed\\flash\\flash32_13_0_0_182.ocx
    "threadingmodel"="apartment"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\miscstatus]
    @="0"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\progid]
    @="shockwaveflash.shockwaveflash.13"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
    @=c:\\windows\\syswow64\\macromed\\flash\\flash32_13_0_0_182.ocx, 1"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\typelib]
    @="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\version]
    @="1.0"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
    @="shockwaveflash.shockwaveflash"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}]
    @denied: (a 2) (everyone)
    @="macromedia flash factory object"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\inprocserver32]
    @=c:\\windows\\syswow64\\macromed\\flash\\flash32_13_0_0_182.ocx
    "threadingmodel"="apartment"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\progid]
    @="flashfactory.flashfactory.1"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
    @=c:\\windows\\syswow64\\macromed\\flash\\flash32_13_0_0_182.ocx, 1"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\typelib]
    @="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\version]
    @="1.0"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
    @="flashfactory.flashfactory"
    .
    [hkey_local_machine\software\classes\wow6432node\interface\{6ae38ae0-750c-11e1-b0c4-0800200c9a66}]
    @denied: (a 2) (everyone)
    @="iflashbroker5"
    .
    [hkey_local_machine\software\classes\wow6432node\interface\{6ae38ae0-750c-11e1-b0c4-0800200c9a66}\proxystubclsid32]
    @="{00020424-0000-0000-c000-000000000046}"
    .
    [hkey_local_machine\software\classes\wow6432node\interface\{6ae38ae0-750c-11e1-b0c4-0800200c9a66}\typelib]
    @="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
    "version"="1.0"
    .
    [hkey_local_machine\system\controlset002\control\pcw\security]
    @denied: (full) (everyone)
    .
    voltooingstijd: 2014-04-11 19:32:15
    combofix-quarantined-files.txt 2014-04-11 17:32
    .
    pre-run: 875.058.933.760 bytes beschikbaar
    post-run: 875.898.626.048 bytes beschikbaar
    .
    - - end of file - - 3684182729dfb8e61f568e7db3a3b1e5
    a36c5e4f47e84449ff07ed3517b43a31
    [/hjt]
     
  9. Abraham54

    Abraham54 Administrator

    Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programmas\Bureau-accessoires\Kladblok (of Notepad)".

    Kopieer en plak de volgende (blauwe tekst in het code-venster) in het lege kladblokvenster.


    Code:
    [B][color=#0000FF]ClearJavaCache::
    
    Folder::
    c:\program files (x86)\common files\eainstaller
    c:\programdata\wpm
    c:\programdata\mcafee
    [/COLOR][/B]
    Sla dit kladblokbestand op je bureaublad op als CFScript.txt.

    Nu eerst de antivirus en eventuele spywarescanners deaktiveren!
    Zorg ook ervoor dat alle andere openstaande vensters gesloten zijn, ook de webbrowser.


    Sleep CFScript.txt in ComboFix.exe


    [​IMG]

    Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.


    Post het Combofix-log dat na het opnieuw starten wordt getoond via de kleurcodeerder!
    Ingeval Combofix je computer opnieuw heeft opgestart (of jij dat hebt gedaan), vindt je het log ook in C:\Combofix.txt

    Belangrijke opmerking:
    • Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:
    • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
    • Start dan de computer opnieuw op.
     
    Laatst bewerkt: 11 apr 2014
  10. Python99

    Python99 Gevestigd lid

    [hjt]
    combofix 14-04-12.01 - gebruiker 12-04-2014 16:54:16.2.4 - x64
    microsoft windows 7 ultimate 6.1.7601.1.1252.31.1043.18.7671.5992 [gmt 2:00]
    gestart vanuit: c:\users\gebruiker\desktop\combofix.exe
    gebruikte opdracht switches :: c:\users\gebruiker\desktop\cfscript.txt
    av: avg internet security 2014 *disabled/updated* {0e9420c4-06b3-7fa0-3ab1-6e49cb52ecd9}
    fw: avg internet security 2014 *enabled* {36afa1e1-4cdc-7ef8-11ee-c77c3581aba2}
    sp: avg internet security 2014 *disabled/updated* {b5f5c120-2089-702e-0001-553bb0d5a664}
    sp: windows defender *disabled/outdated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
    * nieuw herstelpunt werd aangemaakt
    .
    .
    (((((((((((((((((((((((((((((((((( andere verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\common files\eainstaller
    c:\program files (x86)\common files\eainstaller\command and conquer 3 tw and kw\cleanup.dat
    c:\program files (x86)\common files\eainstaller\command and conquer 3 tw and kw\cleanup.exe
    c:\program files (x86)\common files\eainstaller\command and conquer 3 tw and kw\gdf.dll
    c:\programdata\mcafee
    c:\programdata\mcafee\mclogs\mcuicnt\mcuicnt\mcuicnt000.log
    c:\programdata\mcafee\mclogs\partnercustom\mcchsvc\mcchsvc000.log
    c:\programdata\mcafee\mclogs\partnercustom\mcuicnt\mcuicnt000.log
    c:\programdata\mcafee\mclogs\partnercustom\securityscan_release\securityscan_release000.log
    c:\programdata\mcafee\mclogs\partnercustom\ssscheduler\ssscheduler000.log
    c:\programdata\mcafee\mclogs\securityscanner\mcuicnt\mcuicnt000.log
    c:\programdata\wpm
    c:\programdata\wpm\log\wprotectmanager_2014-04-11[13-23-49-786].log
    .
    .
    (((((((((((((((((((( bestanden gemaakt van 2014-03-12 to 2014-04-12 ))))))))))))))))))))))))))))))
    .
    .
    2014-04-12 14:59 . 2014-04-12 14:59 -------- d-----w- c:\users\default\appdata\local\temp
    2014-04-12 11:11 . 2014-04-12 11:11 -------- d-----w- c:\programdata\warthunder
    2014-04-11 17:00 . 2014-04-11 17:05 -------- d-----w- c:\program files (x86)\tank inspector
    2014-04-11 12:45 . 2014-04-11 12:47 -------- d-----w- c:\program files (x86)\origin games
    2014-04-11 11:17 . 2014-04-11 11:32 119512 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2014-04-11 11:17 . 2014-04-11 11:17 -------- d-----w- c:\programdata\malwarebytes
    2014-04-09 17:27 . 2014-04-09 17:27 -------- d-----w- c:\program files\autodesk
    2014-04-09 17:14 . 2014-04-10 11:54 -------- d-----w- c:\programdata\boost_interprocess
    2014-04-09 17:12 . 2014-04-09 17:12 -------- d-----w- c:\programdata\flexnet
    2014-04-09 17:10 . 2014-04-09 17:10 -------- d-----w- c:\program files (x86)\common files\macrovision shared
    2014-04-09 17:07 . 2014-04-09 17:10 -------- d-----w- c:\program files (x86)\common files\autodesk shared
    2014-04-09 16:22 . 2014-04-09 16:22 -------- d-----w- c:\autodesk
    2014-04-09 14:23 . 2014-04-09 14:23 -------- d-----w- c:\program files (x86)\gemm
    2014-04-03 14:28 . 2014-04-03 14:28 -------- d-----w- c:\program files (x86)\craft animations
    2014-04-03 14:26 . 2014-04-03 14:26 -------- d-----w- c:\program files (x86)\allegorithmic
    2014-04-03 14:25 . 2014-04-09 17:11 -------- d-----w- c:\program files (x86)\autodesk
    2014-04-03 14:25 . 2014-04-09 17:13 -------- d-----w- c:\programdata\autodesk
    2014-04-01 15:06 . 2014-04-01 17:37 -------- d-----w- c:\apps
    2014-04-01 14:19 . 2014-04-01 14:42 -------- d-----w- c:\program files\blender foundation
    2014-04-01 14:17 . 2014-04-09 16:55 -------- d-----w- c:\program files (x86)\niftools
    2014-03-28 19:42 . 2014-03-29 13:23 2106216 ----a-w- c:\windows\syswow64\d3dcompiler_43.dll
    2014-03-28 19:42 . 2014-03-29 13:24 -------- d-----w- c:\programdata\razer
    2014-03-28 19:42 . 2014-03-29 13:24 -------- d-----w- c:\program files (x86)\razer
    2014-03-28 19:04 . 2014-04-03 14:29 -------- d-----w- c:\windows\system32\appmgmt
    2014-03-28 17:35 . 2014-03-28 17:35 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
    2014-03-28 17:35 . 2014-03-28 17:35 -------- d-----w- c:\program files (x86)\daemon tools lite
    2014-03-28 17:34 . 2014-03-28 18:47 -------- d-----w- c:\programdata\daemon tools lite
    2014-03-27 11:45 . 2014-03-27 11:45 -------- d-----w- c:\program files (x86)\common files\skype
    2014-03-27 11:45 . 2014-03-27 11:45 -------- d-----r- c:\program files (x86)\skype
    2014-03-27 11:45 . 2014-03-27 11:45 -------- d-----w- c:\programdata\skype
    2014-03-18 14:03 . 2014-04-10 11:35 70832 ----a-w- c:\windows\syswow64\flashplayercplapp.cpl
    2014-03-18 14:03 . 2014-04-10 11:35 692400 ----a-w- c:\windows\syswow64\flashplayerapp.exe
    2014-03-18 14:03 . 2014-03-18 14:03 -------- d-----w- c:\windows\syswow64\macromed
    2014-03-18 14:03 . 2014-03-18 14:03 -------- d-----w- c:\windows\system32\macromed
    2014-03-16 13:22 . 2014-03-16 13:22 -------- d-----w- c:\program files\microsoft silverlight
    2014-03-16 13:22 . 2014-03-16 13:22 -------- d-----w- c:\program files (x86)\microsoft silverlight
    2014-03-16 09:29 . 2014-04-12 14:02 -------- d--h--w- c:\windows\msdownld.tmp
    2014-03-16 09:29 . 2014-04-12 11:11 -------- d-----w- c:\spellen
    2014-03-15 18:24 . 2014-03-28 19:43 -------- d-----w- c:\programdata\avg2014
    2014-03-15 18:24 . 2014-03-15 18:24 -------- d-----w- c:\$avg
    2014-03-15 18:24 . 2014-03-15 18:24 -------- d-----w- c:\program files (x86)\avg
    2014-03-15 18:22 . 2014-04-12 14:37 -------- d-----w- c:\programdata\mfadata
    2014-03-15 18:22 . 2014-03-15 18:22 -------- d--h--w- c:\programdata\common files
    2014-03-15 14:00 . 2014-03-15 14:01 -------- d-----w- c:\boss
    2014-03-15 14:00 . 2014-03-15 14:00 -------- d-----w- c:\windows\syswow64\files
    2014-03-15 13:59 . 2014-03-15 13:59 -------- d-----w- c:\windows\syswow64\skyprocdebug
    2014-03-15 13:59 . 2014-03-15 13:59 -------- d-----w- c:\programdata\oracle
    2014-03-15 13:59 . 2014-03-15 13:59 -------- d-----w- c:\program files (x86)\common files\java
    2014-03-15 13:59 . 2014-03-15 13:59 96168 ----a-w- c:\windows\syswow64\windowsaccessbridge-32.dll
    2014-03-15 13:59 . 2014-03-15 13:59 -------- d-----w- c:\program files (x86)\java
    2014-03-15 13:44 . 2012-07-26 07:49 2560 ----a-w- c:\windows\system32\drivers\nl-nl\wdf01000.sys.mui
    2014-03-15 13:23 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
    2014-03-15 13:15 . 2014-03-15 13:16 -------- d-----w- c:\windows\system32\mrt
    2014-03-15 13:14 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\wudfpf.sys
    2014-03-15 13:14 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\wudfrd.sys
    2014-03-15 13:14 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\wudfhost.exe
    2014-03-15 13:14 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\wudfsvc.dll
    2014-03-15 13:14 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\wudfx.dll
    2014-03-15 13:14 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\wudfcoinstaller.dll
    2014-03-15 13:14 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\wudfplatform.dll
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\syswow64\en
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\syswow64\drivers\umdf\en-us
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\syswow64\0409
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\syswow64\wbem\en-us
    2014-03-15 13:08 . 2014-03-15 14:10 -------- d-----w- c:\windows\system32\drivers\en-us
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\system32\en
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\system32\drivers\umdf\en-us
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\system32\0409
    2014-03-15 13:08 . 2014-03-15 13:08 -------- d-----w- c:\windows\system32\wbem\en-us
    2014-03-15 13:03 . 2009-07-13 17:30 3584 ----a-w- c:\windows\system32\spool\prtprocs\x64\en-us\lxkptprc.dll.mui
    2014-03-15 12:59 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\syswow64\d3d11.dll
    2014-03-15 12:58 . 2012-05-14 05:20 956416 ----a-w- c:\windows\system32\localspl.dll
    2014-03-15 12:48 . 2013-10-12 02:25 832000 ----a-w- c:\windows\system32\nshwfp.dll
    2014-03-15 12:48 . 2013-10-12 02:24 861184 ----a-w- c:\windows\system32\ikeext.dll
    2014-03-15 12:48 . 2013-10-12 02:24 324096 ----a-w- c:\windows\system32\fwpuclnt.dll
    2014-03-15 12:48 . 2013-10-12 02:23 706560 ----a-w- c:\windows\system32\bfe.dll
    2014-03-15 12:48 . 2013-10-12 01:57 657920 ----a-w- c:\windows\syswow64\nshwfp.dll
    2014-03-15 12:48 . 2013-10-12 01:56 216576 ----a-w- c:\windows\syswow64\fwpuclnt.dll
    2014-03-14 19:44 . 2014-04-09 14:34 -------- d-----w- c:\games
    2014-03-14 19:43 . 2014-03-14 19:43 -------- d-----w- c:\program files\nexus mod manager
    2014-03-14 17:44 . 2014-04-11 17:15 -------- d-----w- c:\programdata\origin
    2014-03-14 17:44 . 2014-03-14 17:44 -------- d-----w- c:\programdata\electronic arts
    2014-03-14 17:44 . 2014-04-11 12:45 -------- d-----w- c:\program files (x86)\origin
    2014-03-14 17:43 . 2014-04-12 14:03 -------- d-----w- c:\program files (x86)\steam
    2014-03-14 17:43 . 2014-04-10 19:11 -------- d-----w- c:\program files (x86)\common files\steam
    2014-03-14 17:38 . 2009-04-10 19:58 14720 ----a-w- c:\windows\system32\drivers\valofltr.sys
    2014-03-14 17:38 . 2014-03-14 17:38 -------- d-----w- c:\program files (x86)\roccat
    2014-03-14 17:37 . 2014-03-14 17:37 -------- d-----w- c:\program files (x86)\mad catz
    2014-03-14 17:34 . 2014-03-14 17:34 -------- d-----w- c:\program files (x86)\amd avt
    2014-03-14 17:34 . 2014-03-14 17:34 -------- d-----w- c:\program files (x86)\amd
    2014-03-14 17:34 . 2014-03-14 17:34 -------- d-----w- c:\program files (x86)\common files\ati technologies
    2014-03-14 17:34 . 2014-03-14 17:34 -------- d-----w- c:\program files\ati technologies
    2014-03-14 17:33 . 2014-03-14 17:33 -------- d-----w- c:\programdata\ati
    2014-03-14 17:33 . 2014-03-14 17:34 -------- d-----w- c:\program files\amd
    2014-03-14 17:33 . 2014-03-14 17:33 -------- d-----w- c:\program files\common files\ati technologies
    2014-03-14 17:30 . 2014-03-14 17:30 -------- d-----w- c:\program files (x86)\microsoft.net
    2014-03-14 17:30 . 2014-03-15 14:00 -------- d-----w- c:\programdata\package cache
    2014-03-14 17:29 . 2014-03-14 17:29 -------- d-----w- c:\amd
    2014-03-14 16:24 . 2014-03-14 16:24 -------- d-----w- c:\programdata\smarttechnology
    2014-03-14 16:24 . 2014-03-14 16:24 -------- d-----w- c:\program files\smarttechnology
    2014-03-14 16:23 . 2014-03-14 16:23 -------- d-----w- c:\program files\winrar
    2014-03-14 16:00 . 2014-04-11 13:41 -------- d-----w- c:\program files (x86)\google
    2014-03-14 15:59 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
    2014-03-14 15:59 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
    2014-03-14 15:59 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
    2014-03-14 15:59 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
    2014-03-14 15:59 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
    2014-03-14 15:59 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
    2014-03-14 15:59 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
    2014-03-14 15:59 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
    2014-03-14 15:59 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
    2014-03-14 15:57 . 2014-03-14 15:57 -------- d-----w- c:\windows\options
    2014-03-14 15:57 . 2011-08-31 12:55 2736640 ----a-w- c:\windows\system32\drivers\athrx.sys
    2014-03-14 15:57 . 2011-08-31 12:55 2736640 ----a-w- c:\windows\system32\athrx.sys
    2014-03-14 15:57 . 2014-03-14 15:57 -------- d-----w- c:\programdata\tp-link
    2014-03-14 15:56 . 2014-03-14 15:56 0 ----a-w- c:\windows\ativpsrm.bin
    2014-03-14 15:53 . 2014-03-14 15:53 -------- d-----w- c:\windows\syswow64\rtcom
    2014-03-14 15:53 . 2014-03-14 15:53 -------- d-----w- c:\program files\realtek
    2014-03-14 15:51 . 2014-03-14 17:34 -------- d-----w- c:\programdata\amd
    2014-03-14 15:51 . 2010-02-18 08:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
    2014-03-14 15:51 . 2014-03-14 15:51 -------- dc----w- c:\windows\system32\drvstore
    2014-03-14 15:51 . 2010-12-15 15:06 47232 ----a-r- c:\windows\system32\drivers\usbfilter.sys
    2014-03-14 15:51 . 2011-07-28 09:01 58880 ----a-w- c:\windows\system32\coinst.dll
    2014-03-14 15:51 . 2011-07-28 09:36 462848 ----a-w- c:\windows\system32\atidemgx.dll
    2014-03-14 15:50 . 2014-03-14 15:50 -------- d-----w- c:\program files\ati
    .
    .
    ((((((((((((((((((((((((((((((((((((((( find3m rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-03-02 13:05 . 2012-03-04 16:19 90015360 ----a-w- c:\windows\system32\mrt.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( reg opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    regedit4
    .
    [hkey_current_user\software\microsoft\windows\currentversion\run]
    "sidebar"=c:\program files\windows sidebar\sidebar.exe [2010-11-21 1475584]
    "daemon tools lite"=c:\program files (x86)\daemon tools lite\dtlite.exe [2014-03-04 3696912]
    .
    [hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\run]
    "adobe arm"=c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-11-21 959904]
    "startccc"=c:\program files (x86)\ati technologies\ati.ace\core-static\amd64\clistart.exe [2013-12-06 766208]
    "roccatvalo"=c:\program files (x86)\roccat\valo keyboard\valomonitor.exe [2009-12-16 196608]
    "sunjavaupdatesched"=c:\program files (x86)\common files\java\java update\jusched.exe [2013-07-02 254336]
    "avg_ui"=c:\program files (x86)\avg\avg2014\avgui.exe [2014-03-19 4971024]
    .
    c:\programdata\microsoft\windows\start menu\programs\startup\
    rat 9 charge indicator.lnk - c:\windows\installer\{e351a4ac-5d5d-4748-a2fe-310ec70f3e05}\_cd6d2b41032fc8a5bf211a.exe [2014-3-14 75993]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
    "consentpromptbehavioradmin"= 0 (0x0)
    "consentpromptbehavioruser"= 0 (0x0)
    "enablelua"= 0 (0x0)
    "enableuiadesktoptoggle"= 0 (0x0)
    .
    [hkey_current_user\software\microsoft\windows\currentversion\policies\explorer]
    "noresolvetrack"= 1 (0x1)
    .
    r2 avgidsagent;avgidsagent;c:\program files (x86)\avg\avg2014\avgidsagent.exe;c:\program files (x86)\avg\avg2014\avgidsagent.exe [x]
    r2 clr_optimization_v4.0.30319_64;microsoft .net framework ngen v4.0.30319_x64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [x]
    r2 mi-raysat_3dsmax2012_32;mental ray 3.9 satellite for autodesk 3ds max 2012 32-bit - english 32-bit;c:\program files (x86)\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe;c:\program files (x86)\autodesk\3ds max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe [x]
    r2 skypeupdate;skype updater;c:\program files (x86)\skype\updater\updater.exe;c:\program files (x86)\skype\updater\updater.exe [x]
    r3 amdiox64;amd io driver;c:\windows\system32\drivers\amdiox64.sys;c:\windows\sysnative\drivers\amdiox64.sys [x]
    r3 b06diag;broadcom netxtreme ii diag driver;c:\windows\system32\drivers\bxdiaga.sys;c:\windows\sysnative\drivers\bxdiaga.sys [x]
    r3 bfn7x64;bigfoot networks killer gaming service;c:\windows\system32\drivers\xeno7x64.sys;c:\windows\sysnative\drivers\xeno7x64.sys [x]
    r3 bfnvis64;bigfoot networks killer gaming service;c:\windows\system32\drivers\xenova64.sys;c:\windows\sysnative\drivers\xenova64.sys [x]
    r3 bxois;bxois;c:\windows\system32\drivers\bxois.sys;c:\windows\sysnative\drivers\bxois.sys [x]
    r3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\sysnative\drivers\dmvsc.sys [x]
    r3 iamtve;stuurprogramma voor intel(r) active management technology - kcs;c:\windows\system32\drivers\iamtve.sys;c:\windows\sysnative\drivers\iamtve.sys [x]
    r3 iamtxpe;stuurprogramma voor intel(r) active management technology - kcs;c:\windows\system32\drivers\iamtxpe.sys;c:\windows\sysnative\drivers\iamtxpe.sys [x]
    r3 ifcoemp;ifcoemp;c:\windows\system32\drivers\ifm60x64.sys;c:\windows\sysnative\drivers\ifm60x64.sys [x]
    r3 ifcoevb;ifcoevb;c:\windows\system32\drivers\ifp60x64.sys;c:\windows\sysnative\drivers\ifp60x64.sys [x]
    r3 ioatdma1;ioatdma1;c:\windows\system32\drivers\qd162x64.sys;c:\windows\sysnative\drivers\qd162x64.sys [x]
    r3 ioatdma2;intel(r) quickdata technology device ver.2;c:\windows\system32\drivers\qd262x64.sys;c:\windows\sysnative\drivers\qd262x64.sys [x]
    r3 msicdsetup;msicdsetup;e:\cdriver64.sys;e:\cdriver64.sys [x]
    r3 ntiolib_1_0_c;ntiolib_1_0_c;e:\ntiolib_x64.sys;e:\ntiolib_x64.sys [x]
    r3 rdpvideominiport;remote desktop video miniport driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\sysnative\drivers\rdpvideominiport.sys [x]
    r3 rtl8192su;realtek rtl8192su wireless lan 802.11n usb 2.0 network adapter;c:\windows\system32\drivers\rtl8192su.sys;c:\windows\sysnative\drivers\rtl8192su.sys [x]
    r3 synth3dvsc;microsoft virtual 3d video transport driver;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\sysnative\drivers\synth3dvsc.sys [x]
    r3 terminpt;microsoft remote desktop input driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\sysnative\drivers\terminpt.sys [x]
    r3 tsusbflt;tsusbflt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\sysnative\drivers\tsusbflt.sys [x]
    r3 tsusbgd;remote desktop generic usb device;c:\windows\system32\drivers\tsusbgd.sys;c:\windows\sysnative\drivers\tsusbgd.sys [x]
    r3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\sysnative\drivers\tsusbhub.sys [x]
    r3 vgpu;vgpu;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\sysnative\drivers\rdvgkmd.sys [x]
    s0 avgidsha;avgidsha;c:\windows\system32\drivers\avgidsha.sys;c:\windows\sysnative\drivers\avgidsha.sys [x]
    s0 avgloga;avg logging driver;c:\windows\system32\drivers\avgloga.sys;c:\windows\sysnative\drivers\avgloga.sys [x]
    s0 avgmfx64;avg mini-filter resident anti-virus shield;c:\windows\system32\drivers\avgmfx64.sys;c:\windows\sysnative\drivers\avgmfx64.sys [x]
    s0 avgrkx64;avg anti-rootkit driver;c:\windows\system32\drivers\avgrkx64.sys;c:\windows\sysnative\drivers\avgrkx64.sys [x]
    s1 avgdiska;avg disk driver;c:\windows\system32\drivers\avgdiska.sys;c:\windows\sysnative\drivers\avgdiska.sys [x]
    s1 avgfwfd;avg network filter service;c:\windows\system32\drivers\avgfwd6a.sys;c:\windows\sysnative\drivers\avgfwd6a.sys [x]
    s1 avgidsdriver;avgidsdriver;c:\windows\system32\drivers\avgidsdrivera.sys;c:\windows\sysnative\drivers\avgidsdrivera.sys [x]
    s1 avgldx64;avg avi loader driver;c:\windows\system32\drivers\avgldx64.sys;c:\windows\sysnative\drivers\avgldx64.sys [x]
    s1 avgtdia;avg tdi driver;c:\windows\system32\drivers\avgtdia.sys;c:\windows\sysnative\drivers\avgtdia.sys [x]
    s1 dtsoftbus01;daemon tools virtual bus driver;c:\windows\system32\drivers\dtsoftbus01.sys;c:\windows\sysnative\drivers\dtsoftbus01.sys [x]
    s2 amd external events utility;amd external events utility;c:\windows\system32\atiesrxx.exe;c:\windows\sysnative\atiesrxx.exe [x]
    s2 amd fuel service;amd fuel service;c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe;c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe [x]
    s2 aoddriver4.2.0;aoddriver4.2.0;c:\program files\ati technologies\ati.ace\fuel\amd64\aoddriver2.sys;c:\program files\ati technologies\ati.ace\fuel\amd64\aoddriver2.sys [x]
    s2 avgfws;avg firewall;c:\program files (x86)\avg\avg2014\avgfws.exe;c:\program files (x86)\avg\avg2014\avgfws.exe [x]
    s2 avgwd;avg watchdog;c:\program files (x86)\avg\avg2014\avgwdsvc.exe;c:\program files (x86)\avg\avg2014\avgwdsvc.exe [x]
    s3 atihdaudioservice;amd function driver for hd audio service;c:\windows\system32\drivers\atihdw76.sys;c:\windows\sysnative\drivers\atihdw76.sys [x]
    s3 rtl8167;realtek 8167 nt driver;c:\windows\system32\drivers\rt64win7.sys;c:\windows\sysnative\drivers\rt64win7.sys [x]
    s3 saik0cfa;saik0cfa;c:\windows\system32\drivers\saik0cfa.sys;c:\windows\sysnative\drivers\saik0cfa.sys [x]
    s3 saiu0cfa;saiu0cfa;c:\windows\system32\drivers\saiu0cfa.sys;c:\windows\sysnative\drivers\saiu0cfa.sys [x]
    s3 usbfilter;amd usb filter driver;c:\windows\system32\drivers\usbfilter.sys;c:\windows\sysnative\drivers\usbfilter.sys [x]
    s3 valfltr;roccat valo keyboard;c:\windows\system32\drivers\valofltr.sys;c:\windows\sysnative\drivers\valofltr.sys [x]
    .
    .
    [hkey_local_machine\software\wow6432node\microsoft\active setup\installed components\{8a69d345-d564-463c-aff1-a69d9e530f96}]
    2014-04-11 13:42 1077576 ----a-w- c:\program files (x86)\google\chrome\application\34.0.1847.116\installer\chrmstp.exe
    .
    inhoud van de 'gedeelde taken' map
    .
    2014-04-12 c:\windows\tasks\adobe flash player updater.job
    - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe [2014-03-18 11:35]
    .
    2014-04-12 c:\windows\tasks\googleupdatetaskmachinecore.job
    - c:\program files (x86)\google\update\googleupdate.exe [2014-04-11 13:41]
    .
    2014-04-12 c:\windows\tasks\googleupdatetaskmachineua.job
    - c:\program files (x86)\google\update\googleupdate.exe [2014-04-11 13:41]
    .
    .
    --------- x64 entries -----------
    .
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\run]
    "rthdvcpl"=c:\program files\realtek\audio\hda\rtkngui64.exe [2012-05-08 6470760]
    "profileru"=c:\program files\smarttechnology\software\profileru.exe [2013-04-16 454144]
    "saimfd"=c:\program files\smarttechnology\software\saimfd.exe [2013-04-16 158208]
    .
    ------- bijkomende scan -------
    .
    ulocal page = c:\windows\system32\blank.htm
    ustart page = hxxp://www.google.com
    udefault_search_url = hxxp://www.qone8.com/web/?type=ds&ts=1397215390&from=ild&uid=st31000524as_9vpgjp5axxxx9vpgjp5a&q={searchterms}
    mdefault_search_url = hxxp://www.qone8.com/web/?type=ds&ts=1397215390&from=ild&uid=st31000524as_9vpgjp5axxxx9vpgjp5a&q={searchterms}
    mdefault_page_url = hxxp://www.google.com
    mstart page = hxxp://www.google.com
    mlocal page = c:\windows\syswow64\blank.htm
    msearch page = hxxp://www.qone8.com/web/?type=ds&ts=1397215390&from=ild&uid=st31000524as_9vpgjp5axxxx9vpgjp5a&q={searchterms}
    tcp: dhcpnameserver = 212.54.40.25 212.54.35.25
    .
    - - - - orphans verwijderd - - - -
    .
    toolbar-locked - (no file)
    addremove-{35a2fe53-cc80-4d17-941f-3a7c82824fc7} - c:\program files (x86)\common files\eainstaller\command and conquer 3 tw and kw\cleanup.exe
    .
    .
    .
    --------------------- vergrendelde register sleutels ---------------------
    .
    [hkey_local_machine\software\classes\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}]
    @denied: (a 2) (everyone)
    @="flashbroker"
    "localizedstring"="@c:\\windows\\system32\\macromed\\flash\\flashutil64_13_0_0_182_activex.exe,-101"
    .
    [hkey_local_machine\software\classes\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}\elevation]
    "enabled"=dword:00000001
    .
    [hkey_local_machine\software\classes\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}\localserver32]
    @=c:\\windows\\system32\\macromed\\flash\\flashutil64_13_0_0_182_activex.exe
    .
    [hkey_local_machine\software\classes\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}\typelib]
    @="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
    .
    [hkey_local_machine\software\classes\interface\{6ae38ae0-750c-11e1-b0c4-0800200c9a66}]
    @denied: (a 2) (everyone)
    @="iflashbroker5"
    .
    [hkey_local_machine\software\classes\interface\{6ae38ae0-750c-11e1-b0c4-0800200c9a66}\proxystubclsid32]
    @="{00020424-0000-0000-c000-000000000046}"
    .
    [hkey_local_machine\software\classes\interface\{6ae38ae0-750c-11e1-b0c4-0800200c9a66}\typelib]
    @="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
    "version"="1.0"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}]
    @denied: (a 2) (everyone)
    @="flashbroker"
    "localizedstring"="@c:\\windows\\syswow64\\macromed\\flash\\flashutil32_13_0_0_182_activex.exe,-101"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}\elevation]
    "enabled"=dword:00000001
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}\localserver32]
    @=c:\\windows\\syswow64\\macromed\\flash\\flashutil32_13_0_0_182_activex.exe
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{73c9dfa0-750d-11e1-b0c4-0800200c9a66}\typelib]
    @="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}]
    @denied: (a 2) (everyone)
    @="shockwave flash object"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\inprocserver32]
    @=c:\\windows\\syswow64\\macromed\\flash\\flash32_13_0_0_182.ocx
    "threadingmodel"="apartment"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\miscstatus]
    @="0"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\progid]
    @="shockwaveflash.shockwaveflash.13"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
    @=c:\\windows\\syswow64\\macromed\\flash\\flash32_13_0_0_182.ocx, 1"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\typelib]
    @="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\version]
    @="1.0"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
    @="shockwaveflash.shockwaveflash"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}]
    @denied: (a 2) (everyone)
    @="macromedia flash factory object"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\inprocserver32]
    @=c:\\windows\\syswow64\\macromed\\flash\\flash32_13_0_0_182.ocx
    "threadingmodel"="apartment"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\progid]
    @="flashfactory.flashfactory.1"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
    @=c:\\windows\\syswow64\\macromed\\flash\\flash32_13_0_0_182.ocx, 1"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\typelib]
    @="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\version]
    @="1.0"
    .
    [hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
    @="flashfactory.flashfactory"
    .
    [hkey_local_machine\software\classes\wow6432node\interface\{6ae38ae0-750c-11e1-b0c4-0800200c9a66}]
    @denied: (a 2) (everyone)
    @="iflashbroker5"
    .
    [hkey_local_machine\software\classes\wow6432node\interface\{6ae38ae0-750c-11e1-b0c4-0800200c9a66}\proxystubclsid32]
    @="{00020424-0000-0000-c000-000000000046}"
    .
    [hkey_local_machine\software\classes\wow6432node\interface\{6ae38ae0-750c-11e1-b0c4-0800200c9a66}\typelib]
    @="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
    "version"="1.0"
    .
    [hkey_local_machine\system\controlset002\control\pcw\security]
    @denied: (full) (everyone)
    .
    voltooingstijd: 2014-04-12 17:01:21
    combofix-quarantined-files.txt 2014-04-12 15:01
    combofix2.txt 2014-04-11 17:32
    .
    pre-run: 840.838.311.936 bytes beschikbaar
    post-run: 840.758.038.528 bytes beschikbaar
    .
    - - end of file - - cbdb13be599d6b18e2e5aa444b0401dd
    a36c5e4f47e84449ff07ed3517b43a31

    [/hjt]
     
  11. Abraham54

    Abraham54 Administrator

    Gaat het inmiddels beter?
     
  12. Python99

    Python99 Gevestigd lid

    iki heb het nog steeds, al heb ik nu wel een truc gevonden of het (tijdelijk) te verhelpen: Ik start Steam op, en dan Skyrim. Daarna sluit ik Skyrim weer af, en hij doet het weer, soms voor 5 min, soms voor een paar uur. Maar het is nog steeds niet weg
     
Topicstatus:
Niet open voor verdere reacties.

Deel Deze Pagina