View full version : Police virus?



peenif
4 February 2014, 15:20
While searching for information about Lithuania I clicked a Russian link, and a new window immediately opened in that new tab with the familiar content: federal police, 48 hours remaining and a request to pay. I could only close this window by ending the firefox.exe service. I'm not actually experiencing any visible problem while continuing to use the laptop, and my files are still simply accessible (fortunately).
Still, I followed the steps from the HijackThis forum, with the note that Gmer causes a BSOD after scanning for a while (twice, in fact). So I only have Malwarebytes and DDS; I'm curious.
Thanks in advance.

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Databaseversie: v2014.02.04.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
ronne :: RONNE-PC [administrator]

4/02/2014 13:10:03
mbam-log-2014-02-04 (13-10-03).txt

Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 220317
Verstreken tijd: 6 minuut/minuten, 17 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428
Run by ronne at 14:05:06 on 2014-02-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3949.2808 [GMT 1:00]
.
AV: avast! Internet Security *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Internet Security *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://sphinx.skynet.be/tv-overal/live-tv/268
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://www.google.com
uURLSearchHooks: {87775fdb-6972-41f9-ae51-8326e38cb206} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: AutorunsDisabled - <orphaned>
BHO: Aimersoft Video Converter Ultimate: {54F73992-6549-4369-9A0D-84FD310A464A} - C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRIEPlugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [BrowserPlugInHelper] C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\BrowserPlugInHelper.exe
mRun: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{80C2A4FB-C299-4860-880B-2D243C3EAB5B} : NameServer = 80.201.237.238 80.201.237.239
TCP: Interfaces\{886256E5-840D-4B73-9533-68F0242D534A} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{D3F9A47B-D02F-4981-9648-D7291E9DE250} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{D3F9A47B-D02F-4981-9648-D7291E9DE250} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D3F9A47B-D02F-4981-9648-D7291E9DE250}\4554C454E4544584F4D4543505F445 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{D3F9A47B-D02F-4981-9648-D7291E9DE250}\4554C454E4544584F4D4543505F445 : DHCPNameServer = 195.130.130.141 195.130.131.141
TCP: Interfaces\{D3F9A47B-D02F-4981-9648-D7291E9DE250}\64F4E4F52454C4741434F4D4 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{D3F9A47B-D02F-4981-9648-D7291E9DE250}\64F4E4F52454C4741434F4D4 : DHCPNameServer = 195.238.2.21 195.238.2.22
TCP: Interfaces\{D3F9A47B-D02F-4981-9648-D7291E9DE250}\C4964747C656F5359637475627D276163747 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{D3F9A47B-D02F-4981-9648-D7291E9DE250}\C4964747C656F5359637475627D276163747 : DHCPNameServer = 195.130.130.130 195.130.131.130
TCP: Interfaces\{D3F9A47B-D02F-4981-9648-D7291E9DE250}\C696E6B6379737 : NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{D3F9A47B-D02F-4981-9648-D7291E9DE250}\C696E6B6379737 : DHCPNameServer = 195.130.130.130 195.130.131.130
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: AutorunsDisabled - <orphaned>
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ronne\AppData\Roaming\Mozilla\Firefox\Profiles\bdpn3sg0.default-1388383681172\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-4 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-4 207904]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);C:\Windows\System32\drivers\tdrpm273.sys [2011-8-4 1263200]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-5-17 28184]
R1 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2013-3-4 440672]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-1-7 1038072]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2012-1-7 421704]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-10-6 283200]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-11-11 202752]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-1-7 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-1-26 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-1-26 113704]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-28 2314240]
R2 VmbService;Vodafone Mobile Broadband-service;C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2010-12-31 9216]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2009-10-15 117760]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-10-28 56344]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2013-11-29 86016]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2009-11-13 67072]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2013-5-23 77592]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2013-5-23 13080]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2011-9-28 285280]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-8-21 44032]
S3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2013-12-18 80184]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-6-21 117248]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2012-6-21 419840]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-6-21 61792]
S3 huawei_cdcacm;huawei_cdcacm;C:\Windows\System32\drivers\ew_jucdcacm.sys [2013-11-29 98816]
S3 huawei_ext_ctrl;huawei_ext_ctrl;C:\Windows\System32\drivers\ew_juextctrl.sys [2013-11-29 28672]
S3 huawei_wwanecm;huawei_wwanecm;C:\Windows\System32\drivers\ew_juwwanecm.sys [2013-11-29 213504]
S3 hwusbfake;Huawei DataCard USB Fake;C:\Windows\System32\drivers\ewusbfake.sys [2011-7-1 114304]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-11 111616]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2010-7-28 29720]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-9-12 31800]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-23 59392]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-6-21 1255736]
S4 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2010-10-28 379520]
S4 afcdpsrv;Acronis Nonstop Backup-service ;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-9-28 3246040]
S4 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]
S4 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2014-01-15 03:44:53 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 03:44:53 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-15 03:44:53 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-15 03:44:53 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-15 03:44:53 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-15 03:44:53 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 03:44:53 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-15 03:44:38 3156480 ----a-w- C:\Windows\System32\win32k.sys
.
==================== Find3M ====================
.
2014-01-26 03:36:23 80184 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-01-26 03:36:23 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-01-26 03:36:23 1038072 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-01-26 03:36:22 43152 ----a-w- C:\Windows\avastSS.scr
2014-01-26 03:36:01 440672 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2014-01-19 22:01:21 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-19 22:01:21 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-06 15:45:22 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2013-12-18 15:27:06 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-19 18:29:53 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 14:05:50,75 ===============

Rosty
4 February 2014, 16:59
Peenif, can you tell me exactly what it said? There are many variants of the police virus, and each one requires a different removal method!!!

peenif
4 February 2014, 18:01
No, unfortunately not; I should have taken a screenshot.

Rosty
4 February 2014, 18:05
No, unfortunately not; I should have taken a screenshot.
Pity!

Download AdwCleaner (http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner) by Xplode to the desktop.
Close all open windows. Double-click AdwCleaner to start it. Windows Vista, 7 and 8 users must run the tool as "administrator": right-click it and choose Run as Administrator. Then click Scan. Then click Clean if any items are found. At Restart Required, click OK.

After the PC has restarted, a log file usually opens.
Otherwise it can be found here: C:\AdwCleaner\AdwCleaner[S0].txt

peenif
5 February 2014, 06:03
# AdwCleaner v3.018 - Report created 05/02/2014 at 04:59:31
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : ronne - RONNE-PC
# Running from : C:\Users\ronne\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (nl)

[ File : C:\Users\ronne\AppData\Roaming\Mozilla\Firefox\Profiles\bdpn3sg0.default-1388383681172\prefs.js ]


*************************

AdwCleaner[R0].txt - [2107 octets] - [05/11/2013 15:47:08]
AdwCleaner[R1].txt - [890 octets] - [05/11/2013 16:00:29]
AdwCleaner[R2].txt - [1215 octets] - [04/02/2014 10:57:25]
AdwCleaner[R3].txt - [1143 octets] - [04/02/2014 19:32:25]
AdwCleaner[R4].txt - [1201 octets] - [05/02/2014 04:58:59]
AdwCleaner[S0].txt - [2104 octets] - [05/11/2013 15:48:43]
AdwCleaner[S1].txt - [950 octets] - [05/11/2013 16:01:39]
AdwCleaner[S2].txt - [1281 octets] - [04/02/2014 10:58:43]
AdwCleaner[S3].txt - [1123 octets] - [05/02/2014 04:59:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1183 octets] ##########

peenif
5 February 2014, 06:23
I ran Gmer in the sandbox of Avast Internet Security and it went without problems; here is the log.

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-02-05 05:19:05
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.0003 465,76GB
Running: ivg2eghq.exe; Driver: C:\Users\ronne\AppData\Local\Temp\uglorpog.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800035af000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff800035af02f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text C:\Windows\system32\wininit.exe[764] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\system32\services.exe[824] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\system32\winlogon.exe[868] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1004] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\system32\atiesrxx.exe[716] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\System32\svchost.exe[616] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\System32\svchost.exe[1040] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1080] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1108] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe[1176] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\system32\AUDIODG.EXE[1240] C:\Windows\System32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1516] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[1680] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe[1708] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076a9a2ba 1 byte [62]
.text C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe[1736] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076a9a2ba 1 byte [62]
.text C:\Program Files\AVAST Software\Avast\afwServ.exe[1856] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076a9a2ba 1 byte [62]
.text C:\Windows\System32\spoolsv.exe[1992] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1444] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076a9a2ba 1 byte [62]
.text C:\Windows\system32\svchost.exe[2068] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[2100] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076a9a2ba 1 byte [62]
.text C:\Windows\system32\svchost.exe[2180] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\system32\svchost.exe[2208] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[2248] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076a9a2ba 1 byte [62]
.text C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe[2392] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112 0000000076a9a2ba 1 byte [62]
.text C:\Windows\system32\taskhost.exe[2628] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Windows\Explorer.EXE[2832] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe[2972] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076a9a2ba 1 byte [62]
.text C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe[2572] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076a9a2ba 1 byte [62]
.text C:\Program Files\AVAST Software\Avast\AvastUI.exe[2732] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076a9a2ba 1 byte [62]
.text C:\Windows\system32\SearchIndexer.exe[4108] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 00000000773beecd 1 byte [62]
.text C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe[4500] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076a9a2ba 1 byte [62]
.text C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe[4568] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076a9a2ba 1 byte [62]
.text C:\Users\ronne\Desktop\ivg2eghq.exe[3536] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 0000000076a9a2ba 1 byte [62]

---- Threads - GMER 2.1 ----

Thread C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2924:3644] 00000000705352c9
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4228:5092] 000007fefb922a7c
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4228:5100] 000007fef0f4d618
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4228:4544] 000007fefa075124
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4228:4972] 000007fef0ee9730
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4228:5008] 000007fef0f4d618

---- EOF - GMER 2.1 ----

Rosty
5 February 2014, 14:18
These both look good!! Are you still having problems?

peenif
5 February 2014, 18:13
No, I've actually never experienced any problems. Why does Gmer cause a BSOD in normal mode?

Rosty
5 February 2014, 21:54
Why does Gmer cause a BSOD in normal mode?
Well, I have to say they are investigating it!!!