
Ads and slow internet



Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300

Malwarebytes : Free Anti-Malware

Databaseversie: v2014.02.18.07

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16518

Gebruiker :: JFKPC [administrator]

Bescherming: Ingeschakeld

18/02/2014 20:59:49

mbam-log-2014-02-18 (20-59-49).txt

Scan type: Volledige scan (C:\|)

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 406405

Verstreken tijd: 26 minuut/minuten, 24 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 1

HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} (PUP.Optional.GreatSaver.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 3

C:\Users\Gebruiker\Downloads\Quad_POLARIS_BIG_BOSS_LuxFarm_Ls_2013.zip.exe (PUP.Optional.Tarma) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\zoek_backup\C_ProgramData_YoutubeAdblocker\aYz2U.exe (PUP.Optional.MultiPlug.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\zoek_backup\C_ProgramData_YoutubeAdblocker\bKj77xy.exe (PUP.Optional.MultiPlug.A) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

- - - Updated - - -

~ Verslag van ZHPDiag v2014.2.17.15 - Nicolas Coolman (17/02/2014)

~ Gelanceerd door Gebruiker (18/02/2014 21:35:02)

~ Het adres van de website : http://nicolascoolman.webs.com

~ Gratis supportforum voor desinfectie : http://nicolascoolman.webs.com/apps/links/

~ Vertaald door de gebruiker

~ Staat van de versie :

~ Lijst wit : Ingeschakeld door het programma

~ Tot misbruik van bevoegdheden : OK

~ Gebruikersaccountbeheer (UAC) : Deactivate by program

---\\ Internet-browsers

MSIE: Internet Explorer v11.0.9600.16518

MFIE: Mozilla Firefox 27.0.1 (Defaut)

GCIE: Google Chrome v32.0.1700.107

---\\ Windows productinformatie

~ Langage: Néerlandais

Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

---\\ Software om het systeem te beveiligen

Malwarebytes Anti-Malware versie 1.75.0.1300

Microsoft Security Client v4.4.0304.0

Windows Defender W7

---\\ Systeem optimalisatie software

CCleaner v4.05 =>Piriform Ltd

---\\ Delen van software PeerToPeer

---\\ Software die extra aandacht behoeft

Adobe Flash Player 12 Plugin

Adobe Reader XI

Java 7 Update 40

Java 7 Update 40

---\\ Informatie over het systeem

~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 8099 MB (66% free)

System Restore: Activé (Enable)

System drive C: has 152 GB (65%) free of 233 GB

---\\ Verbinding met het systeem-modus

~ Computer Name: JFKPC

~ User Name: Gebruiker

~ All Users Names: UpdatusUser, HomeGroupUser$, Gebruiker, Gast, Administrator,

~ Unselected Option: None

Logged in as Administrator

---\\ Omgevingsvariabelen

~ System Unit : C:\

~ %AppZHP% : C:\Users\Gebruiker\AppData\Roaming\ZHP\

~ %AppData% : C:\Users\Gebruiker\AppData\Roaming\

~ %Desktop% : C:\Users\Gebruiker\Desktop\

~ %Favorites% : C:\Users\Gebruiker\Favorites\

~ %LocalAppData% : C:\Users\Gebruiker\AppData\Local\

~ %StartMenu% : C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\System32\

---\\ Overzicht vaste en verwisselbare stations

C: Hard drive, Flash drive, Thumb drive (Free 152 Go of 233 Go)

D: CD-ROM drive (Not Inserted)

---\\ Staat van het Windows Beveiligingscentrum

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

~ Security Center: 46 Legitimates Filtered in 00mn 00s

---\\ Zoeken naar bepaalde algemene bestanden

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Verkenner.) (.25/02/2011 - 7:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Toepassing Opstarten.) (.14/07/2009 - 2:39:52.) -- C:\Windows\System32\Wininit.exe [129024]

[MD5.263B6E451526A90FF8B1CEC759F22956] - (.Microsoft Corporation - Internetuitbreidingen voor Win32.) (.6/02/2014 - 10:24:52.) -- C:\Windows\System32\wininet.dll [2334208]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Toepassing Windows-aanmelden.) (.21/11/2010 - 4:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing-bibliotheek.) (.21/11/2010 - 4:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]

[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 2:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 2:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 0:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 4:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 4:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 4:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042-poortstuurprogramma.) (.14/07/2009 - 0:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 1:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 3:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 4:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]

[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - NT-bestandssysteemstuurprogramma.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Stuurprogramma voor parallelle poort.) (.14/07/2009 - 1:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 4:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 1:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 4:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy-stuurprogramma.) (.21/11/2010 - 4:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]

~ Generic Processes: Scanned in 00mn 00s

---\\ Status van de verborgen bestanden (verborgen/totaal)

~ Mes images (My Pictures) : 1/7

~ Mes musiques (My Musics) : 18/170

~ Mes Favoris (My Favorites) : 1/27

~ Mes Documents (My Documents) : 1/11857

~ Mon Bureau (My Desktop) : 1/18

~ Menu demarrer (Programs) : 1/37

~ Hidden Files: Scanned in 00mn 02s

---\\ Gestarte processen

[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2248]

[MD5.1775BDBEF28FD1B0F0AC43F10F483E08] - (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896] [PID.3428]

[MD5.10E89F598469C60D8C87A8218089A87D] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Gebruiker\AppData\Local\Akamai\netsession_win.exe [4489472] [PID.3864]

[MD5.A5166249C8EA1ED70ECD684F6D2E2DE8] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe [1824000] [PID.4000]

[MD5.01990FBC83F023A9159A60F0A05B0E43] - (.No owner - Auto Club Revolution Race App Launcher.) -- C:\Program Files (x86)\ACR\AutoClubRev\web\acrlauncher.exe [2880840] [PID.4092]

[MD5.58FC1B36032F03342E4C02813F80DAC1] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe [30714328] [PID.4332]

[MD5.4A73AB8412D3AA6CFAD24051FF9DBFA7] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160] [PID.4448]

[MD5.193B1D98DCD8FF8D1FCD0F990DC5EDA5] - (.Creative Technology Ltd - THXAudio.) -- C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1374720] [PID.4600]

[MD5.9D51EA92A612B37E76E5E4621650C50A] - (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288] [PID.4736]

[MD5.50689B640B59DDFE4F768C77FC4E3B3A] - (.Spotify Ltd - Spotify.) -- C:\Users\Gebruiker\AppData\Roaming\Spotify\Spotify.exe [6137912] [PID.4036]

[MD5.D9184C5FF3FD526761D518A95ABA74A3] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.5344]

[MD5.AB44884BC129FC04D75A4649E0710203] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8338432] [PID.4708]

[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1908]

[MD5.3817558D8D5BBC8B0F190CF0D7C4720F] - (.Autodesk, Inc. - Content Service.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288] [PID.1080]

[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2104]

[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2140]

[MD5.005E474630A7AA05A617C574B702FEED] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2155296] [PID.2228]

[MD5.C98ACDE22458C8F46FD0503CB9E2D01F] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe [223112] [PID.3024]

[MD5.5FFDA96330357A914A69D79BE1988A38] - (.Valve Corporation - Steam Client Service.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [571816] [PID.4856]

[MD5.8FFF9083252C16FE3960173722605E9E] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.4868]

[MD5.50C7CE53EF461870410355F1F2E7D515] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [326168] [PID.6092]

[MD5.374EBDA379A8F38E0CFC2211611E7167] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2656280] [PID.2260]

~ Processes Running: Scanned in 00mn 00s

---\\ Google Chrome, start, zoeken, extensies (G0, G1, G2)

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences

G2 - GCE: Preference [user Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Winkel v.0.2 (Activé)

G2 - GCE: Preference [user Data\Default] [akpelnjfckgfiplcikojhomllgombffc] Theme Creator v.2.5 (Activé)

G2 - GCE: Preference [user Data\Default] [dcilimldmomiaihcfkmaldanopfejefg] WGT Golf Challenge v.45.0.0 (Activé)

G2 - GCE: Preference [user Data\Default] [hcddigdgleeplimnncapfcfmmfndfbbg] WeBsave v.3.7 (Activé)

G2 - GCE: Preference [user Data\Default] [ikimcdcgajipgcoehakmgloecbaacmoj] Digital Clock Widget [ANTP] v.1.1.3, (Activé)

G2 - GCE: Preference [user Data\Default] [jemlklgaibiijojffihnhieihhagocma] Best Flash Save v.148 (Activé)

G2 - GCE: Preference [user Data\Default] [jgoncnaabanepilgbggijndebemabhhf] Valuta omzetter v.1.0 (Activé)

G2 - GCE: Preference [user Data\Default] [jjelhjjeiplbdlimhklicdkffchjcldo] Smartschool v.1.7.4, (Activé)

G2 - GCE: Preference [user Data\Default] [kidknbkmfcapkiepmhchinffchkjglog] Booktrack Studio v.1.4.5.6 (Activé)

G2 - GCE: Preference [user Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

~ Google Browser: 33 Legitimates Filtered in 00mn 05s

---\\ Mozilla Firefox, Plugins, start, zoeken, extensies (P2, M0, M1, M2, M3)

M2 - MFEP: prefs.js [Gebruiker - uj8d4v3m.default\weidunewtab@gmail.com] [] New Tab Plus v (..)

M2 - MFEP: prefs.js [Gebruiker - uj8d4v3m.default\{0545b830-f0aa-4d7e-8820-50a4629a56fe}] [] ColorfulTabs v (..)

~ Firefox Browser: 8 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, start, zoeken, URLSearchHook, Phishing (R0, R1, R3, R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.jfk.be

~ IE Browser: 17 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, proxybeheer (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Proxy management: Scanned in 00mn 00s

---\\ Analyse van lijnen F0, F1, F2, F3 - IniFiles, Autoloading programma's

F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\Windows\explorer.exe

F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe

~ Keys: Scanned in 00mn 00s

---\\ Hosts-bestand omleiding (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Hosts File: Scanned in 00mn 00s

~ Nombre de lignes (Lines number): 21

---\\ Andere Verwijzigingen gebruikers (O4)

O4 - GS\Desktop [Public]: ACR Launcher.lnk . (...) -- C:\Program Files (x86)\ACR\AutoClubRev\web\acrlauncher.exe

O4 - GS\Desktop [Public]: Autodesk 360.lnk . (...) -- C:\Program Files (x86)\Autodesk\Autodesk Sync\AdSync.exe (.not file.)

O4 - GS\Desktop [Public]: Autodesk ReCap.lnk . (...) -- C:\Program Files (x86)\Autodesk\Autodesk ReCap\recap.exe (.not file.)

O4 - GS\Desktop [Public]: eID Viewer.lnk . (.FedICT - eID Viewer.) -- C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe

O4 - GS\Desktop [Public]: Free YouTube to MP3 Converter.lnk . (.DVDVideoSoft Ltd. - FreeYouTubeToMP3Converter.) -- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe

O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O4 - GS\Desktop [Public]: LayOut 2013.lnk . (.Trimble Navigation Limited - LayOut.) -- C:\Program Files (x86)\SketchUp\SketchUp 2013\LayOut\LayOut.exe

O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O4 - GS\Desktop [Public]: SketchUp 2013.lnk . (.Trimble Navigation Limited - SketchUp Application.) -- C:\Program Files (x86)\SketchUp\SketchUp 2013\SketchUp.exe

O4 - GS\Desktop [Public]: Style Builder 2013.lnk . (.Trimble Navigation Limited - Style Builder.) -- C:\Program Files (x86)\SketchUp\SketchUp 2013\Style Builder\Style Builder.exe

O4 - GS\Desktop [Public]: Uninstall ACR.lnk . (...) -- C:\Program Files (x86)\ACR\unins000.exe

O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O4 - GS\QuickLaunch [Gebruiker]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O4 - GS\QuickLaunch [Gebruiker]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - GS\TaskBar [Gebruiker]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O4 - GS\Program [Gebruiker]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - GS\SystemTools [Gebruiker]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - GS\SendTo [Gebruiker]: Bestandsoverdracht via Bluetooth.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe

O4 - GS\Desktop [Gebruiker]: Farming Simulator 2013 .lnk . (.GIANTS Software GmbH - GIANTS Launcher.) -- C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe

O4 - GS\Desktop [Gebruiker]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - GS\Desktop [Gebruiker]: Spotify.lnk . (.Spotify Ltd - Spotify.) -- C:\Users\Gebruiker\AppData\Roaming\Spotify\spotify.exe

~ Global Startup: 91 Legitimates Filtered in 00mn 00s

---\\ Toepassingen gestart door register & bestand (O4)

O4 - GS\Startup [Gebruiker]: ACR Launcher.lnk . (...) -- C:\Program Files (x86)\ACR\AutoClubRev\web\acrlauncher.exe

O4 - GS\Startup [Gebruiker]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio configuratie.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

O4 - HKLM\..\Run: [THXCfg64] . (.Creative Technology Ltd. - No Comment.) -- C:\Windows\system32\THXCfg64.dll

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)

O4 - HKLM\..\Run: [intelWireless] . (.Intel® Corporation - Intel® PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe

O4 - HKLM\..\Run: [Nvtmru] . (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe

O4 - HKCU\..\Run: [spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Gebruiker\AppData\Roaming\Spotify\Spotify.exe

O4 - HKCU\..\Run: [spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Gebruiker\AppData\Local\Akamai\netsession_win.exe

O4 - HKCU\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

O4 - HKCU\..\Run: [steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe

O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe

O4 - HKLM\..\Wow6432Node\Run: [iAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Wow6432Node\Run: [THX Audio Control Panel] . (.Creative Technology Ltd - THXAudio.) -- C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe

O4 - HKLM\..\Wow6432Node\Run: [NUSB3MON] . (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Windows-bureaubladgadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Windows-bureaubladgadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation

O4 - HKUS\S-1-5-21-52792044-1074444535-1282596425-1000\..\Run: [spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Gebruiker\AppData\Roaming\Spotify\Spotify.exe

O4 - HKUS\S-1-5-21-52792044-1074444535-1282596425-1000\..\Run: [spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

O4 - HKUS\S-1-5-21-52792044-1074444535-1282596425-1000\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Gebruiker\AppData\Local\Akamai\netsession_win.exe

O4 - HKUS\S-1-5-21-52792044-1074444535-1282596425-1000\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

O4 - HKUS\S-1-5-21-52792044-1074444535-1282596425-1000\..\Run: [steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe

O4 - HKUS\S-1-5-21-52792044-1074444535-1282596425-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe

~ Application: Scanned in 00mn 00s

---\\ Domeinadres van de DNS (O17) wijzigen

O17 - HKLM\System\CCS\Services\Tcpip\..\{493E6856-F761-4875-9BA9-F57B13446670}: DhcpNameServer = 195.130.131.133 195.130.130.5

O17 - HKLM\System\CS1\Services\Tcpip\..\{493E6856-F761-4875-9BA9-F57B13446670}: DhcpNameServer = 195.130.131.133 195.130.130.5

O17 - HKLM\System\CS2\Services\Tcpip\..\{493E6856-F761-4875-9BA9-F57B13446670}: DhcpNameServer = 195.130.131.133 195.130.130.5

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.131.133 195.130.130.5

~ Domain: Scanned in 00mn 00s

---\\ Aanvullend Protocol (O18)

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML-viewer.) -- C:\Windows\System32\mshtml.dll

O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation

~ Protocole Additionnel: Scanned in 00mn 00s

---\\ AppInit_DLLs waarde en subsleutels Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll

~ Winlogon: Scanned in 00mn 00s

---\\ AppInit_DLLs waarde en subsleutels Winlogon Notify (autorun) (O20)

O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 327.) - C:\Windows\system32\nvinitx.dll

~ AppInit DLL: Scanned in 00mn 00s

---\\ Geïnstalleerde software (O42)

O42 - Logiciel: ACR version 0.001 - (.Eutechnyx, Ltd.) [HKLM][64Bits] -- {D3D02004-0977-4BB1-8FE8-8BC4230DCEEC}}_is1

O42 - Logiciel: Simplo Video Camera - (.Simplo CO.,LTD.) [HKLM][64Bits] -- {82D571B5-ED0C-49BC-AABC-DB8E05BCFA8D}

O42 - Logiciel: Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5) - (.Fedict.) [HKLM][64Bits] -- 3FE3642036A0F4AEC17772437CE14BB1E67006AA

~ Logic: 27 Legitimates Filtered in 00mn 00s

---\\ HKCU & HKLM Software Keys

[HKCU\Software\MLSync]

[HKLM\Software\Wow6432Node\Simplo CO.,LTD]

~ Key Software: 258 Legitimates Filtered in 00mn 00s

---\\ 'Inhoud van mappen programma's, ProgramFiles, ProgramData, AppData (O43)

O43 - CFD: 11/10/2013 - 9:54:01 - [0,496] ----D C:\Program Files (x86)\Simplo Video Camera

O43 - CFD: 21/11/2013 - 20:14:58 - [0] ----D C:\ProgramData\FARO

~ Program Folder: 152 Legitimates Filtered in 00mn 03s

---\\ Meest recente bestanden gewijzigd of gemaakt op Windows en System32 (O44)

O44 - LFC:[MD5.02940D6C7722E91342A32CFF5C60F4E4] - 17/02/2014 - 18:19:54 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]

O44 - LFC:[MD5.6B9A2AC8A2E0F5A305FCF9A3792E8F11] - 17/02/2014 - 18:33:16 ---A- . (...) -- C:\zoek-results.log [35562]

~ Files: 50 Legitimates Filtered in 00mn 01s

---\\ Opsomming van het register sleutels PoliciesSystem (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

~ MWPS: 16 Legitimates Filtered in 00mn 00s

---\\ Opsomming van de registersleutel PoliciesExplorer (CÖKVI) (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s

---\\ Overzicht van de drivers (SDL) (O58)

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 2:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 2:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]

O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 5/10/2010 - 0:59:32 ---A- . (...) -- C:\Windows\SysWOW64\StarOpen.sys [5632]

~ Drivers: 16 Legitimates Filtered in 00mn 03s

---\\ Meest recente bestanden gewijzigd of gemaakt (gebruiker) (O61)

O61 - LFC: 15/02/2014 - 21:35:41 ---A- . (...) -- C:\Users\Gebruiker\Downloads\BALE_Kuhn_LSB1290iD.exe [5845848]

O61 - LFC: 16/02/2014 - 21:35:41 ---A- . (...) -- C:\Users\Gebruiker\Downloads\zoek(1).exe [1283584]

O61 - LFC: 16/02/2014 - 21:35:41 ---A- . (...) -- C:\Users\Gebruiker\Downloads\zoek.exe [1283584]

O61 - LFC: 17/02/2014 - 21:35:33 ---A- . (...) -- C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [268173]

O61 - LFC: 17/02/2014 - 21:35:33 ---A- . (...) -- C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [4]

O61 - LFC: 17/02/2014 - 21:35:36 ---A- . (...) -- C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Local State [119139]

O61 - LFC: 17/02/2014 - 21:35:41 ---A- . (...) -- C:\Users\Gebruiker\Downloads\AdwCleaner.exe [1241834]

O61 - LFC: 17/02/2014 - 21:35:41 ---A- . (...) -- C:\Users\Gebruiker\Downloads\zoek-results.txt [35562]

O61 - LFC: 18/02/2014 - 21:35:39 ---A- . (...) -- C:\Users\Gebruiker\AppData\Roaming\ZHP\Log.txt [16343] =>.Nicolas Coolman

O61 - LFC: 18/02/2014 - 21:35:39 ---A- . (...) -- C:\Users\Gebruiker\AppData\Roaming\ZHP\TestsZHPDiag.txt [2956] =>.Nicolas Coolman

O61 - LFC: 18/02/2014 - 21:35:41 ---A- . (...) -- C:\Users\Gebruiker\Documents\school\6de jaar\algemene vakken\dialoog engels.docx [13998]

~ 8 Fichiers temporaires (Temporary files)

~ 2 Fichiers cookies (Cookies files)

~ Files: 701 Legitimates Filtered in 00mn 09s

---\\ Lijst van cleaning tools (CLAB) (O63)

O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman

~ ADS: Scanned in 00mn 00s

---\\ Overzicht met LEGACY services (LALS) (O64)

O64 - Services: CurCS - 4/04/2013 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR

O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

~ Legacy: 106 Legitimates Filtered in 00mn 00s

---\\ Startmenu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

~ Keys: Scanned in 00mn 00s

---\\ Zoek "infecties in internetbrowsers (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com

~ Keys: Scanned in 00mn 00s

---\\ Lijst van uitzonderingen in de firewall (FirewallRules) (O87)

O87 - FAEL: "TCP Query User{428ED246-AA8E-4745-9729-A50F4A44BC01}C:\program files (x86)\acr\autoclubrev\bin\acr.exe" | In - Public - P6 - TRUE | .(.Eutechnyx Ltd. - Auto Club Revolution Race App.) -- C:\program files (x86)\acr\autoclubrev\bin\acr.exe

O87 - FAEL: "UDP Query User{0615F7BC-9435-4F90-8466-EE92FC9A3929}C:\program files (x86)\acr\autoclubrev\bin\acr.exe" | In - Public - P17 - TRUE | .(.Eutechnyx Ltd. - Auto Club Revolution Race App.) -- C:\program files (x86)\acr\autoclubrev\bin\acr.exe

O87 - FAEL: "TCP Query User{CB4EA360-EAE6-4168-876A-2714BF86E042}C:\program files (x86)\acr\autoclubrev\bin\acr.exe" | In - Private - P6 - TRUE | .(.Eutechnyx Ltd. - Auto Club Revolution Race App.) -- C:\program files (x86)\acr\autoclubrev\bin\acr.exe

O87 - FAEL: "UDP Query User{A7C1FAAE-AE04-44CA-B00D-2CA8C86D4FF3}C:\program files (x86)\acr\autoclubrev\bin\acr.exe" | In - Private - P17 - TRUE | .(.Eutechnyx Ltd. - Auto Club Revolution Race App.) -- C:\program files (x86)\acr\autoclubrev\bin\acr.exe

~ Firewall: 252 Legitimates Filtered in 00mn 00s

---\\ Overzicht van de productcodes van software (PUC) (O90)

O90 - PUC: "B10CB57B68548F3439942D05BD892FF6" . (.SketchUp 2013.) -- C:\Windows\Installer\{B75BC01B-4586-43F8-9349-D250DB98F26F}\SketchUpARPIcon

~ Update Products: 58 Legitimates Filtered in 00mn 00s

---\\ Microsoft Installer-bestanden (WIS) (NTFS) (O93)

[MD5.659306B0BB1459394DE1834EDCAD6FB1] [WIS][25/01/2013] (.AutoCAD Apps - This plug-in can be used with AutoCAD to simplify the process o.) -- C:\Windows\Installer\69e205.msi [3691520]

[MD5.4CC41D22639EB702BC7C02CBAD1BE33E] [WIS][25/01/2013] (.AutoCAD Apps - A plug-in to see the apps featuerd on the Autodesk Exchange web.) -- C:\Windows\Installer\69e20a.msi [3034112]

~ WIS: 63 Legitimates Filtered in 00mn 09s

---\\ Algemene toestand van niet-Microsoft services (GSR) (SR = Running, SS = gestopt)

SS - | Demand 5/02/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

SS - | Demand 7/11/2013 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe

SS - | Demand 11/10/2013 1045256 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

SS - | Demand 21/11/2013 1471352 | (FlexNet Licensing Service 64) . (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

SS - | Auto 12/10/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 12/10/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 13/02/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

SS - | Demand 5/01/2011 340240 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 5/09/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SR - | Auto 13/12/2012 12288 | (Autodesk Content Service) . (.Autodesk, Inc..) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

SR - | Auto 5/01/2011 1515792 | (EvtEng) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

SR - | Auto 5/11/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

SR - | Auto 1/02/2011 326168 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

SR - | Auto 4/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

SR - | Auto 4/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

SR - | Auto 23/10/2013 23808 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe

SR - | Auto 27/08/2013 14997280 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

SR - | Auto 12/09/2013 920864 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 27/08/2013 2155296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

SR - | Auto 5/01/2011 836880 | (RegSrvc) . (.Intel® Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

SR - | Demand 27/01/2014 571816 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

SR - | Auto 1/02/2011 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 09s

---\\ Onderzoek gelijktijdige op de Master Boot Record (MBR) (O80)

Run by Gebruiker at 18/02/2014 21:36:01

~ OS 64 not supported by MBR tool

~ MBR: 0 Legitimates Filtered in 00mn 00s

---\\ Onderzoek de Master Boot Record op Infecties (MBRCheck) (O80)

Written by ad13, http://ad13.geekstog

Run by Gebruiker at 18/02/2014 21:36:03

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s

---\\ Extra scan (O88)

Database Version : 13031 - (17/02/2014)

Clés trouvées (Keys found) : 0

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 305863 Items scanned in 00mn 15s

~ 1781 Legitimates filtered by white list

End of the scan (470 lines in 01mn 17s)(0)


Hello,

A few leftovers remain...

Copy the code below in full:

Script ZHPFix 
G2 - GCE: Preference [user Data\Default] [hcddigdgleeplimnncapfcfmmfndfbbg] WeBsave v.3.7 (Activé)
G2 - GCE: Preference [user Data\Default] [jemlklgaibiijojffihnhieihhagocma] Best Flash Save v.148 (Activé)
M2 - MFEP: prefs.js [Gebruiker - uj8d4v3m.default\weidunewtab@gmail.com] [] New Tab Plus v (..)
M2 - MFEP: prefs.js [Gebruiker - uj8d4v3m.default\{0545b830-f0aa-4d7e-8820-50a4629a56fe}] [] ColorfulTabs v (..)
shortcutfix 
emptytemp 
emptyflash 

Disable antivirus software

Temporarily disable your antivirus and antispyware programs, as they can conflict with ZHPFix.

Run ZHPFix

If you run into problems while running this program or see any error messages, please mention it in your post.

  • Double-click the ZHPFix shortcut on the desktop.
  • Press the "Import" button.
  • Then press the "Go" button at the bottom.
  • Now wait patiently until a log opens, and post its contents in your next message, please.


Rapport de ZHPFix 2014.2.16.5 par Nicolas Coolman, Update du 16/02/2014

Fichier d'export Registre :

Run by Gebruiker at 19/02/2014 13:37:37

High Elevated Privileges : OK

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Papierkorb geleert (00mn 01s)

Reparatur von Browser-Verknüpfungen

========== Ordner ==========

ENTFERNT: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\uj8d4v3m.default\extensions\weidunewtab@gmail.com

ENTFERNT: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\uj8d4v3m.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}

Löscht temporäre Windows (14)

Flash-Cookies entfernt (0)

========== Dateien ==========

ENTFERNT: c:\users\gebruiker\appdata\local\google\chrome\user data\default\preferences

Löscht temporäre Windows (16) (909.423 octets)

Flash-Cookies entfernt (0) (0 octets)

========== Zusammenfassung ==========

4 : Ordner

3 : Dateien

End of clean in 00mn 01s

========== Pfad zu Datei-Bericht ==========

C:\Users\Gebruiker\AppData\Roaming\ZHP\ZHPFix[R1].txt - 19/02/2014 13:37:39 [1016]


Hi niels123,

Looks good! :top:

If you have no more complaints or questions now, I think we can wrap up. If everything is still running as desired in a few days, you can use the tool below to remove all the programs and log files we used from your computer again.

Download Delfix by Xplode to the desktop.

Double-click Delfix.exe to start the tool.

Now tick the following items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently until the tool has finished.

When the tool has finished, a log file is created. You do not need to post it, however.

You will, however, have to delete the folder C:\Zoek_backup manually.

If there are any more questions, I'd be glad to hear them :-)

Kind regards, and have a nice afternoon,

Mako


Hello Niels,

Great that everything is solved! You're welcome :shakehands:

If all of this went smoothly and you have no further questions or problems within this topic, you may close this thread by clicking the "Mark as solved" button, which you can find at the bottom left … that way things stay clear for everyone.

Enjoy your computer! :ciao:
