
Removing trovigo and avg my search


  • Removing trovigo and avg my search

    Hello,

    For a few days now I have been having trouble with trovigo and avg my search.
    I reinstalled Windows, but that did not work.
    I have it in Chrome and Explorer.

    Here are the logs:

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 22-12-2014
    Scan Time: 16:02:28
    Logfile: guus.txt
    Administrator: Yes

    Version: 2.00.4.1028
    Malware Database: v2014.12.22.03
    Rootkit Database: v2014.12.14.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 8
    CPU: x64
    File System: NTFS
    User: guus

    Scan Type: Custom Scan
    Result: Completed
    Objects Scanned: 573394
    Time Elapsed: 5 hr, 44 min, 29 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)


    GMER LOG


    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2014-12-22 22:19:22
    Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000034 ST500LT012-9WS142 rev.0001YAM1 465,76GB
    Running: o7q7dpy7.exe; Driver: C:\Users\guus\AppData\Local\Temp\fgroqpoc.sys


    ---- Kernel code sections - GMER 2.1 ----

    .text C:\WINDOWS\system32\ntoskrnl.exe!KiCpuId + 988 fffff800d30dc41c 1 byte [31]
    .text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff960000e0c00 7 bytes [40, A3, 82, 01, 00, 52, F2]
    .text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 8 fffff960000e0c08 7 bytes [01, 04, C2, FF, 00, A4, DC]

    ---- User code sections - GMER 2.1 ----

    .text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[1104] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f9aee71532 4 bytes [E7, AE, F9, 07]
    .text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[1104] C:\WINDOWS\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f9aee7153a 4 bytes [E7, AE, F9, 07]
    .text C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[1104] C:\WINDOWS\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f9aee7165a 4 bytes [E7, AE, F9, 07]
    .text C:\WINDOWS\Explorer.EXE[3900] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007f9b68c177a 4 bytes [8C, B6, F9, 07]
    .text C:\WINDOWS\Explorer.EXE[3900] C:\WINDOWS\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007f9b68c1782 4 bytes [8C, B6, F9, 07]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[3728] C:\WINDOWS\system32\psapi.dll!GetProcessImageFileNameA + 306 000007f9b68c177a 4 bytes [8C, B6, F9, 07]
    .text C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe[3728] C:\WINDOWS\system32\psapi.dll!GetProcessImageFileNameA + 314 000007f9b68c1782 4 bytes [8C, B6, F9, 07]

    ---- Threads - GMER 2.1 ----

    Thread System [4:364] fffff880053498d4
    Thread C:\WINDOWS\system32\csrss.exe [556:572] fffff9600098c5e8
    ---- Processes - GMER 2.1 ----

    Library C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130113.001\IDSxpx86.dll (*** suspicious ***) @ C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe [3780] (FILE NOT FOUND) 000000006e970000
    Library C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20141219.001\IDSxpx86.dll (*** suspicious ***) @ C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe [3780] (FILE NOT FOUND) 0000000067ce0000
    Library C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20141209.001\BHEngine.dll (*** suspicious ***) @ C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe [3780] (FILE NOT FOUND) 00000000666b0000
    Library C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20141221.020\ecmsvr32.dll (*** suspicious ***) @ C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe [3780] (FILE NOT FOUND) 0000000067fb0000
    Library C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20141221.020\NAVEX32a.DLL (*** suspicious ***) @ C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe [3780] (FILE NOT FOUND) 0000000065ef0000
    Library C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20141221.020\NAVENG32.DLL (*** suspicious ***) @ C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe [3780] (FILE NOT FOUND) 0000000067f80000
    Library C:\Users\guus\AppData\Local\Temp\nsx50A1.tmp\System.dll (*** suspicious ***) @ C:\Users\guus\Downloads\dds.com [7164](2014-12-22 21:13:21) 0000000010000000

    ---- Disk sectors - GMER 2.1 ----

    Disk \Device\Harddisk0\DR0 unknown MBR code

    ---- EOF - GMER 2.1 ----


    DDS LOG

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16537
    Run by guus at 22:14:56 on 2014-12-22
    Microsoft Windows 8 6.2.9200.0.1252.31.1043.18.7962.4297 [GMT 1:00]
    .
    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    C:\WINDOWS\system32\svchost.exe -k RPCSS
    C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\WINDOWS\system32\dwm.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\WINDOWS\system32\Hpservice.exe
    C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\System32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
    C:\WINDOWS\system32\svchost.exe -k apphost
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
    C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
    C:\WINDOWS\system32\dashost.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Windows\System32\hkcmd.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\WINDOWS\system32\taskhost.exe
    C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
    C:\WINDOWS\system32\WLANExt.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Users\guus\Downloads\adwcleaner_4.106.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
    C:\Windows\System32\RuntimeBroker.exe
    C:\WINDOWS\system32\taskhost.exe
    C:\Users\guus\Downloads\sp62596.exe
    C:\swsetup\SP62596\setup.exe
    C:\SWSETUP\SP62596\WinWDF\x64\DPInst.exe
    C:\WINDOWS\system32\taskhostex.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\SearchFilterHost.exe
    C:\Users\guus\Downloads\o7q7dpy7.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com
    mWinlogon: Userinit = userinit.exe
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\CoIEPlg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\IPS\IPSBHO.dll
    BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\CoIEPlg.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\CoIEPlg.dll
    mRun: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
    mRun: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
    mRun: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
    mPolicies-System: PromptOnSecureDesktop = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    TCP: NameServer = 212.54.44.54 212.54.40.25
    TCP: Interfaces\{D09A0081-D110-4DC8-92C2-E479E41D8B2E} : DHCPNameServer = 212.54.44.54 212.54.40.25
    TCP: Interfaces\{D622A2EF-1016-4832-A577-C83CDE5E1A32} : DHCPNameServer = 212.54.44.54 212.54.40.25
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
    x64-Run: [IgfxTray] "C:\WINDOWS\System32\igfxtray.exe"
    x64-Run: [HotKeysCmds] "C:\WINDOWS\System32\hkcmd.exe"
    x64-Run: [Persistence] "C:\WINDOWS\System32\igfxpers.exe"
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-mPolicies-System: PromptOnSecureDesktop = dword:0
    x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iaStorA;iaStorA;C:\WINDOWS\System32\Drivers\iaStorA.sys [2013-4-30 677360]
    R0 SymDS;Symantec Data Store;C:\WINDOWS\System32\Drivers\NISx64\1404000.028\symds64.sys [2014-12-22 493656]
    R0 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\System32\Drivers\NISx64\1404000.028\symefa64.sys [2014-12-22 1139800]
    R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\WINDOWS\System32\Drivers\NISx64\1404000.028\ccsetx64.sys [2014-12-22 169048]
    R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\Drivers\CLVirtualDrive.sys [2013-11-10 91712]
    R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\Drivers\NISx64\1404000.028\ironx64.sys [2014-12-22 224416]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2013-11-10 98208]
    R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-11-10 77576]
    R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-11-10 294664]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-6-7 92160]
    R2 hpsrv;HP Service;C:\WINDOWS\System32\hpservice.exe [2013-3-1 43320]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-5-3 1039160]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-4-30 15344]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-2-13 731648]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-11-10 131544]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-11-10 169432]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-12-22 1871160]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-12-22 969016]
    R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe [2014-12-22 144368]
    R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE [2013-11-10 245832]
    R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2014-1-9 1025408]
    R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [2014-12-9 1587416]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\WINDOWS\System32\Drivers\clwvd.sys [2013-11-10 41408]
    R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20141219.001\IDSviA64.sys [2014-12-19 637656]
    R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\Drivers\mbam.sys [2014-12-22 25816]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys [2014-12-22 129752]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\Drivers\mwac.sys [2014-12-22 64216]
    R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\Drivers\Rt630x64.sys [2013-11-10 801864]
    R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\WINDOWS\System32\Drivers\rtwlane.sys [2013-7-12 3029208]
    R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\Drivers\Smb_driver_Intel.sys [2013-4-24 33008]
    R3 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\Drivers\NISx64\1403000.024\symnets.sys [2013-11-10 432800]
    R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\WINDOWS\System32\Drivers\WirelessButtonDriver64.sys [2012-8-31 20800]
    S?2 EsgScanner;EsgScanner;C:\WINDOWS\System32\Drivers\EsgScanner.sys [2014-12-22 22704]
    S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\Drivers\NISx64\1404000.028\symelam.sys [2014-12-22 23448]
    S3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\Drivers\IntcDAud.sys [2013-5-22 452088]
    S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-2-13 820184]
    S3 SmbDrv;SmbDrv;C:\WINDOWS\System32\Drivers\Smb_driver_AMDASF.sys [2013-4-24 29424]
    SUnknown EraserUtilDrv11220;EraserUtilDrv11220; [x]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2014-12-22 19:27:21 796760 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1404000.028\srtsp64.sys
    2014-12-22 19:27:21 493656 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1404000.028\symds64.sys
    2014-12-22 19:27:21 433752 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1404000.028\symnets.sys
    2014-12-22 19:27:21 36952 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1404000.028\srtspx64.sys
    2014-12-22 19:27:21 23448 ----a-r- C:\WINDOWS\System32\drivers\NISx64\1404000.028\symelam.sys
    2014-12-22 19:27:21 224416 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1404000.028\ironx64.sys
    2014-12-22 19:27:21 169048 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1404000.028\ccsetx64.sys
    2014-12-22 19:27:21 1139800 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1404000.028\symefa64.sys
    2014-12-22 19:27:00 -------- d-----w- C:\WINDOWS\System32\drivers\NISx64\1404000.028
    2014-12-22 19:00:01 -------- d-----w- C:\WINDOWS\System32\MRT
    2014-12-22 18:59:37 -------- d-----w- C:\87000d652c054a8779936bcebf114944
    2014-12-22 14:58:48 -------- d-----w- C:\AdwCleaner
    2014-12-22 14:52:14 129752 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
    2014-12-22 14:51:43 93400 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
    2014-12-22 14:51:43 64216 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
    2014-12-22 14:51:43 25816 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
    2014-12-22 14:51:43 -------- d-----w- C:\ProgramData\Malwarebytes
    2014-12-22 14:51:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-12-22 14:51:07 -------- d-----w- C:\Users\guus\AppData\Local\Programs
    2014-12-22 14:31:09 22704 ----a-w- C:\WINDOWS\System32\drivers\EsgScanner.sys
    2014-12-22 14:31:05 110080 ----a-r- C:\Users\guus\AppData\Roaming\Microsoft\Installer\{1F7E4FF9-D2E5-4258-9AE1-E16E6CB3252A}\IconF7A21AF7.exe
    2014-12-22 14:31:05 110080 ----a-r- C:\Users\guus\AppData\Roaming\Microsoft\Installer\{1F7E4FF9-D2E5-4258-9AE1-E16E6CB3252A}\IconD7F16134.exe
    2014-12-22 14:31:05 110080 ----a-r- C:\Users\guus\AppData\Roaming\Microsoft\Installer\{1F7E4FF9-D2E5-4258-9AE1-E16E6CB3252A}\Icon1226A4C5.exe
    2014-12-22 14:31:05 -------- d-----w- C:\sh4ldr
    2014-12-22 14:31:05 -------- d-----w- C:\Program Files\Enigma Software Group
    2014-12-22 14:30:38 -------- d-----w- C:\WINDOWS\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
    2014-12-22 14:30:29 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    2014-12-22 14:09:18 -------- d-----w- C:\Users\guus\AppData\Roaming\hpqlog
    2014-12-22 13:54:04 -------- d-----w- C:\Users\guus\AppData\Local\Google
    2014-12-22 13:53:48 -------- d-----w- C:\Users\guus\AppData\Local\Deployment
    2014-12-22 13:53:48 -------- d-----w- C:\Users\guus\AppData\Local\Apps
    2014-12-22 13:52:18 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
    2014-12-22 13:44:52 -------- d-----w- C:\Users\guus\AppData\Local\CyberLink
    2014-12-22 13:44:14 -------- d-----w- C:\Users\guus\AppData\Roaming\Synaptics
    2014-12-22 13:43:44 -------- d-----r- C:\Users\guus\Searches
    2014-12-22 13:43:44 -------- d-----r- C:\Users\guus\Contacts
    2014-12-22 12:25:38 -------- d-----w- C:\Users\guus\AppData\Local\Hewlett-Packard
    2014-12-22 12:25:37 -------- d-----w- C:\Users\guus\AppData\Local\Power2Go8
    2014-12-22 12:16:05 -------- d-sh--we C:\ProgramData\Sjablonen
    2014-12-22 12:16:05 -------- d-sh--we C:\ProgramData\Menu Start
    2014-12-22 12:16:05 -------- d-sh--we C:\ProgramData\Documenten
    2014-12-22 12:16:05 -------- d-sh--we C:\ProgramData\Bureaublad
    .
    ==================== Find3M ====================
    .
    2014-12-22 19:29:29 177312 ----a-w- C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS
    .
    ============= FINISH: 22:16:15,90 ===============


    ATTACH LOG

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 8
    Boot Device: \Device\HarddiskVolume2
    Install Date: 22-12-2014 13:24:13
    System Uptime: 22-12-2014 15:01:34 (7 hours ago)
    .
    Motherboard: Hewlett-Packard | | 2163
    Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz | U3E1 | 1600/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 445 GiB total, 399,071 GiB free.
    D: is FIXED (NTFS) - 19 GiB total, 1,921 GiB free.
    E: is CDROM (UDF)
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP3: 22-12-2014 14:55:58 - Windows Update
    .
    ==== Installed Programs ======================
    .
    7-Zip 9.20 (x64 edition)
    Adobe Shockwave Player 12.0
    Bonjour
    CyberLink LabelPrint
    CyberLink Media Suite 10
    Cyberlink PhotoDirector
    CyberLink Power2Go 8
    CyberLink PowerDirector 10
    CyberLink PowerDVD 12
    CyberLink YouCam
    D3DX10
    DisableMSDefender
    Energy Star
    Google Chrome
    Google Update Helper
    Hewlett-Packard ACLM.NET v1.2.2.1
    HP 3D DriveGuard
    HP Connected Music (Meridian - installer)
    HP CoolSense
    HP Customer Experience Enhancements
    HP Documentation
    HP Postscript Converter
    HP Recovery Manager
    HP Registration Service
    HP Support Assistant
    HP System Event Utility
    HP Utility Center
    HP Wireless Button Driver
    Intel(R) Management Engine Components
    Intel(R) Processor Graphics
    Intel(R) Rapid Storage Technology
    Intel(R) SDK for OpenCL - CPU Only Runtime Package
    Intel® Trusted Connect Service Client
    Malwarebytes Anti-Malware versie 2.0.4.1028
    Microsoft Application Error Reporting
    Microsoft Office
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
    Movie Maker
    MSVCRT
    MSVCRT110
    MSVCRT110_amd64
    Norton Internet Security
    Photo Common
    Photo Gallery
    Realtek Card Reader
    Realtek Ethernet Controller Driver
    Realtek High Definition Audio Driver
    REALTEK Wireless LAN Driver
    SpyHunter
    swMSM
    Synaptics Pointing Device Driver
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    .
    ==== End Of File ===========================

    Thanks in advance.

  • #2
    First disable your antivirus software before you download or run zoek.exe.
    Temporarily disable your antivirus and antispyware programs, as they can interfere with the operation of Zoek.exe.
    You can read how to do that (here and here).

    Download Zoek.exe to the desktop (click here for more information on how to use zoek.exe)
    • If Internet Explorer or another browser or virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
    • Then double-click Zoek.exe to start the tool.
    • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
    • Now copy the code below and paste it into the large input box:
    • Note: This script was written specifically for this computer, so do not use it on other computers with a similar problem.
      Code:
      emptyclsid;
      shortcutfix;
      emptyfolderscheck;
      firefoxlook; 
      Chromelook; 
      CHRdefaults;
      autoclean; 
      iedefaults; 
      filesrcm;  
      startupall;
      resetieproxy;
    • Now click the "Run script" button.
    • Wait patiently until a log opens (this may be after a restart, if one is required).
    • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
    • Post the opened log as an attachment in your next reply.

    Starting Windows 10 in Safe Mode



    • #3
      Here is the log.
      Attached files



      • #4
        Is it any better now?



        • #5
          No, I am still having trouble with it.



          • #6
            Where are they being found?



            • #7
              Actually only in Chrome, if that is what you mean.



              • #8
                Yes, that is what I mean. Uninstall Chrome via Software and restart the computer.



                • #9
                  Go to Start > Control Panel > Software ("Programs and Features").
                  Select Google Chrome and remove it completely from the computer.

                  Then download Old Chrome Remover, for example to the desktop.
                  • Right-click OldChromeRemover-0.5 and choose the option Run as administrator.
                  • A black command prompt window now appears; wait until the message below appears.

                  • Then press the Y key to remove the outdated version(s) of Google Chrome.
                  • When this is finished, press any key, e.g. the space bar, to close the program.
                  • Restart the computer, then download Google Chrome and install it again.



                  • #10
                    Thanks, it is fixed.



                    • #11
                      Very good.
