Mededeling

Collapse
No announcement yet.

Infectie

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Juisterr
    replied
    Gaat helemaal goed dus, inderdaad je wachtwoorden wijzigen, heel goed. ( dat kan nooit kwaad)

    Download Delfix by Xplode naar het bureaublad.

    Dubbelklik op Delfix.exe om de tool te starten.
    Zet nu vinkjes voor de volgende items:
    • Activate UAC
    • Remove disinfection tools
    • Create registry backup
    • Purge System Restore
    • Reset system settings

    Klik nu op "Run" en wacht geduldig tot de tool gereed is.
    Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

    Leave a comment:


  • sfens
    replied
    Hoi Juisterr,

    Ja, de pc start normaal op, er is weer een gangbare snelheid op het internet en ik heb geen blauw scherm meer gekregen.

    Maar toen ik probeerde in te loggen op mijn windows live account via internet explorer, lukte dit niet (meerdere malen) en kreeg ik keer op keer een melding dat mijn e-mailadres niet bestond, maar toen ik probeerde in te loggen via chrome lukte het wel. Voor de zekerheid heb ik meteen mijn wachtwoord veranderd.

    Wel heeft de pc nu service pack 2 kunnen installeren en nog andere updates van microsoft.

    groetjes,
    Sjors

    Leave a comment:


  • Juisterr
    replied
    Gaat het al beter nu?

    Leave a comment:


  • sfens
    replied
    Hoi Juister,

    Bedankt voor je reactie.
    Hier het log-bestandje van zoek.exe:


    Zoek.exe Version 4.0.0.4 Updated 26-07-2013
    Tool run by Liesbeth on ma 29-07-2013 at 19:34:43,34.
    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
    Running in: Normal Mode No Internet Access Detected
    Launched: C:\Users\Liesbeth\Downloads\zoek.exe [Script inserted]

    ==== System Restore Info ======================

    29-7-2013 19:39:46 Zoek.exe System Restore Point Created Succesfully.

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-3158966452-1858351506-1955348124-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
    HKEY_USERS\S-1-5-21-3158966452-1858351506-1955348124-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
    HKEY_USERS\S-1-5-21-3158966452-1858351506-1955348124-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
    HKEY_USERS\S-1-5-21-3158966452-1858351506-1955348124-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
    HKEY_USERS\S-1-5-21-3158966452-1858351506-1955348124-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully
    HKEY_USERS\S-1-5-21-3158966452-1858351506-1955348124-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully
    HKEY_USERS\S-1-5-21-3158966452-1858351506-1955348124-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully
    HKEY_CLASSES_ROOT\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
    HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E54729E8-BB3D-4270-9D49-7389EA579090} deleted successfully
    HKEY_CLASSES_ROOT\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0696f815-a3a9-490a-bb14-9ec3350b1276} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    HKEY_USERS\S-1-5-21-3158966452-1858351506-1955348124-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
    HKEY_USERS\S-1-5-21-3158966452-1858351506-1955348124-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{0696f815-a3a9-490a-bb14-9ec3350b1276} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\ {E54729E8-BB3D-4270-9D49-7389EA579090} deleted successfully

    ==== Deleting Services ======================

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater deleted successfully
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Yontoo Desktop Updater deleted successfully
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\televisionfanaticservice deleted successfully
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\televisionfanaticservice deleted successfully

    ==== Deleting Files \ Folders ======================

    "C:\Users\Liesbeth\Downloads\iLividSetupV1.exe" deleted
    "C:\windows\SysNative\Tasks\GoforFilesUpdate" deleted
    "C:\windows\SysNative\Tasks\EPUpdater" deleted
    "C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr\datamngrUI.exe" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\MACTrackBarLib.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Exceptio nHandling.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Logging. dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\QuickShare.exe" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.d ll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.Base.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlu gin.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.DefaultBrowser .dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPl ugin.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplor erLocalPlugin.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ShareManagerLo calPlugin.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessEntities. dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll " deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.UserSettings Manager.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper. dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Resources.NetSeer.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettings.dll " deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettingsAutoUpda ter.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resourc es.dll" deleted
    "C:\Programdata\Windows" deleted
    "C:\Program Files (x86)\Babylon" deleted
    "C:\Program Files (x86)\iMesh Applications" not deleted
    "C:\Program Files (x86)\GoforFiles" deleted
    "C:\Program Files (x86)\Yontoo" deleted
    "C:\found.000" deleted
    "C:\Users\Liesbeth\AppData\Roaming\GoforFiles" deleted
    "C:\Users\Liesbeth\AppData\Roaming\BabSolution" deleted
    "C:\Users\Liesbeth\AppData\Roaming\Babylon" deleted
    "C:\Users\Liesbeth\AppData\Roaming\Yontoo" deleted
    "C:\ProgramData\BrowserProtect" deleted
    "C:\ProgramData\Ask" deleted
    "C:\ProgramData\boost_interprocess" deleted
    "C:\ProgramData\Tarma Installer" deleted
    "C:\ProgramData\Babylon" deleted
    "C:\Users\Liesbeth\AppData\Local\iMesh" deleted
    "C:\Users\Liesbeth\AppData\Local\PackageAware" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar" deleted
    "C:\Users\Liesbeth\AppData\Local\Babylon" deleted
    "C:\Users\Liesbeth\AppData\LocalLow\Delta" deleted
    "C:\Users\Liesbeth\AppData\LocalLow\Smartbar" deleted
    "C:\Users\Liesbeth\AppData\LocalLow\DataMngr" deleted
    "C:\Users\Liesbeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc" deleted
    "C:\Windows\SysWow64\searchplugins" deleted
    "C:\Windows\SysWow64\Extensions" deleted
    "C:\Program Files (x86)\iMesh Applications\Mediabar" not deleted
    "C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr" not deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application" deleted
    "C:\Users\Liesbeth\AppData\Local\Smartbar\Application\nl" deleted

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Liesbeth\AppData\Roaming\BabSolution\CR\Delta.crx
    niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx

    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
    amfclgbdpgndipgoegfpkkgobahigbcl - C:\Users\Liesbeth\AppData\Local\Smartbar/Application\1Extension.crx

    QuickShare Widget - Liesbeth - Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
    YouTube - Liesbeth - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
    Google Search - Liesbeth - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
    Delta Toolbar - Liesbeth - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
    Gmail - Liesbeth - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

    ==== Chrome Fix ======================

    C:\Users\Liesbeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully
    C:\Users\Liesbeth\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage deleted successfully
    C:\Users\Liesbeth\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niapdbllcanepiiimjjndipklodoedlc_0.localstorage deleted successfully
    C:\Users\Liesbeth\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niapdbllcanepiiimjjndipklodoedlc_0.localstorage-journal deleted successfully
    C:\Users\Liesbeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully
    C:\Users\Liesbeth\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage deleted successfully
    C:\Users\Liesbeth\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage-journal deleted successfully

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=NL&userid=61385c87-2b7b-43f0-ba93-89558a1190d1&searchtype=hp&installDate=16/03/2013"
    "Search Page"="http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=NL&userid=61385c87-2b7b-43f0-ba93-89558a1190d1&searchtype=ds&q={searchTerms}&installDate=16/03/2013"
    "Search Bar"="http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=NL&userid=61385c87-2b7b-43f0-ba93-89558a1190d1&searchtype=ds&q={searchTerms}&installDate=16/03/2013"
    "Use Search Asst"="yes"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    "Default"="http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=NL&userid=61385c87-2b7b-43f0-ba93-89558a1190d1&searchtype=ds&q={searchTerms}&installDate=16/03/2013"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
    "Default_Search_URL"="http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=NL&userid=61385c87-2b7b-43f0-ba93-89558a1190d1&searchtype=ds&q={searchTerms}&installDate=16/03/2013"
    "SearchAssistant"="http://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=NL&userid=61385c87-2b7b-43f0-ba93-89558a1190d1&searchtype=ds&q={searchTerms}&installDate=16/03/2013"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
    "DefaultScope"="{006ee092-9658-4fd6-bd8e-a21a348e59f5}"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}] not found

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Start Page"="http://www.google.com"
    "Use Search Asst"="no"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    "(Default)"="http://search.msn.com/results.asp?q=%s"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
    "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startInde x={startIndex?}&startPage={startPage}"

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-3158966452-1858351506-1955348124-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{bff6b2ca-366c-4a90-b685-d87776deb0d2} deleted successfully
    HKEY_USERS\S-1-5-21-3158966452-1858351506-1955348124-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{bff6b2ca-366c-4a90-b685-d87776deb0d2} deleted successfully
    HKEY_USERS\S-1-5-21-3158966452-1858351506-1955348124-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
    HKEY_USERS\S-1-5-21-3158966452-1858351506-1955348124-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{bff6b2ca-366c-4a90-b685-d87776deb0d2} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bff6b2ca-366c-4a90-b685-d87776deb0d2} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{bff6b2ca-366c-4a90-b685-d87776deb0d2} deleted successfully

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully
    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Liesbeth\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Users\Liesbeth\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Liesbeth\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    No FireFox Profiles found

    ==== Empty Chrome Cache ======================

    C:\users\Liesbeth\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied
    C:\Users\Liesbeth\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
    "C:\Users\Liesbeth\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
    "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
    "C:\Program Files (x86)\iMesh Applications" not found

    ==== EOF on ma 29-07-2013 at 19:47:33,50 ======================


    Groetjes,
    Sjors

    Leave a comment:


  • Juisterr
    replied
    Probeer dit eens.

    Download zoek.exe naar het bureaublad.
    • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
      (hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.
    • Dubbelklik op Zoek.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Kopieer nu onderstaande code en plak die in het grote invulvenster:
    • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
      Code:
      emptyclsid;
      firefoxlook; 
      Chromelook; 
      autoclean; 
      iedefaults;
    • Klik nu op de knop "Run script".
    • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
    • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
    • Post het geopende logje in het volgende bericht als bijlage.

    Leave a comment:


  • sfens
    started a topic Infectie

    Infectie

    Beste Nucia,

    Ik heb op een laptop van een kennis enkele opschoon werkzaamheden verricht, oa. verwijderen van toolbars, opschonen met Ccleaner, omdat de laptop vanwege allerlei software erg traag was geworden.
    Na enkele scans van microsoft security essentials en malwarebytes, heb ik wat malware kunnen verwijderen, maar ik bleef hits krijgen met malwarebytes en leek het mij verstandig om enkele logbestandjes te maken met DSS en GMER. Nadat ik de logbestandjes had opgeslagen, startte ik het internet via google chrome, maar ik kreeg direct een blauw scherm. Via veilige modus heb ik de logbestandjes van de laptop weten te halen.
    De laptop start wel weer in normale modus op, maar internet is erg traag (nauwelijks de nucia forum site geopend +/- 30 min).
    Hopelijk kunnen jullie mij helpen.
    Alvast bedankt.

    Groetjes,
    Sjors

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 10.17.2
    Run by Liesbeth at 20:33:49 on 2013-07-22
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.3894.2170 [GMT 2:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\SysWOW64\ezSharedSvcHost.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr\datamngrUI.exe
    C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
    C:\Windows\system32\taskhost.exe
    C:\Users\Liesbeth\AppData\Local\Smartbar\Application\QuickShare.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
    C:\Windows\splwow64.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=NL&userid=61385c87-2b7b-43f0-ba93-89558a1190d1&searchtype=hp&installDate=16/03/2013
    uSearch Bar = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=NL&userid=61385c87-2b7b-43f0-ba93-89558a1190d1&searchtype=ds&q={searchTerms}&installDate=16/03/2013
    uSearch Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=NL&userid=61385c87-2b7b-43f0-ba93-89558a1190d1&searchtype=ds&q={searchTerms}&installDate=16/03/2013
    uSearchAssistant = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=NL&userid=61385c87-2b7b-43f0-ba93-89558a1190d1&searchtype=ds&q={searchTerms}&installDate=16/03/2013
    uURLSearchHooks: <No Name>: {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
    mWinlogon: Userinit = userinit.exe,
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
    BHO: Search Assistant BHO: {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: DataMngr: {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr\BrowserConnection.dll
    BHO: Search-Results Toolbar: {bff6b2ca-366c-4a90-b685-d87776deb0d2} - C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll
    BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
    BHO: Toolbar BHO: {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
    TB: TelevisionFanatic: {C98D5B61-B0EA-4D48-9839-1079D352D880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll
    TB: Search-Results Toolbar: {bff6b2ca-366c-4a90-b685-d87776deb0d2} - C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll
    TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll
    TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
    TB: TelevisionFanatic: {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll
    uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
    uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Yontoo Desktop] "C:\Users\Liesbeth\AppData\Roaming\Yontoo\YontooDesktop.exe"
    uRun: [Browser Infrastructure Helper] C:\Users\Liesbeth\AppData\Local\Smartbar\Application\QuickShare.exe startup
    uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe -update activex
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED
    mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [DATAMNGR] C:\PROGRA~2\IMESHA~1\Mediabar\Datamngr\DATAMN~1.EXE
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [TelevisionFanatic Search Scope Monitor] "C:\PROGRA~2\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
    mRun: [TelevisionFanatic Browser Plugin Loader] C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
    dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
    StartupFolder: C:\Users\Liesbeth\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-Explorer: EnableShellExecuteHooks = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: HideFastUserSwitching = dword:0
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 192.168.2.254
    TCP: Interfaces\{7AF6C06F-1CF0-4CD7-BF3D-418201E2D78E} : DHCPNameServer = 192.168.2.254
    TCP: Interfaces\{7AF6C06F-1CF0-4CD7-BF3D-418201E2D78E}\14256573531393544363838333 : DHCPNameServer = 192.168.2.254
    TCP: Interfaces\{7AF6C06F-1CF0-4CD7-BF3D-418201E2D78E}\350756564645F6573686733463934444 : DHCPNameServer = 192.168.1.254
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: DataMngr: {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\Program Files (x86)\iMesh Applications\Mediabar\Datamngr\x64\BrowserConnection.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
    x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
    x64-Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    x64-Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
    x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-7-16 98208]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-3-3 202752]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-4-5 103992]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]
    R2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-6-10 418376]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-6-10 701512]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 130008]
    R2 TelevisionFanaticService;TelevisionFanaticService;C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe [2013-3-16 42504]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-7-16 2320920]
    R2 Yontoo Desktop Updater;Yontoo Desktop Updater;C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe [2013-3-16 23552]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
    R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-11 158720]
    R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2010-3-3 7843040]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-6-10 25928]
    R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-7-16 225280]
    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-7-16 295424]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-12 1255736]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
    .
    =============== Created Last 30 ================
    .
    2013-07-22 18:27:13 941720 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6CD0603C-BF45-421E-A022-0B0ECEA0B25E}\gapaengine.dll
    2013-07-22 18:26:00 9460976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0C576B5F-5FC1-4726-97D6-7AC3729497D7}\mpengine.dll
    2013-07-13 09:26:54 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9280BA49-0FD7-47A9-BCC1-CB10A815A26B}\gapaengine.dll
    2013-07-13 09:23:12 9552976 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-07-13 09:16:03 -------- d-----w- C:\Users\Liesbeth\AppData\Local\{6983D9AA-4C29-4110-8F35-351BF8EDB871}
    .
    ==================== Find3M ====================
    .
    2013-07-13 10:58:25 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-07-13 10:58:25 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-06-10 19:18:33 175104 ----a-w- C:\Windows\System32\msclmd.dll
    2013-06-10 19:18:33 152064 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
    .
    ============= FINISH: 20:35:10,00 ===============
Sorry, you are not authorized to view this page
Working...
X