Mededeling

Collapse
No announcement yet.

problemen met Snapdo

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • problemen met Snapdo

    Hoi. Helaas heb ik ook problemen opgelopen met Snapdo. Ik had opeens last van een gare extra toolbar en er was steeds opeens een programma dat mijn computer ging scannen. Ik kreeg het niet weg. Ik had het topic gelezen van Peterde Kok van 29 sep en gezien wat Emphyrio had gezegd dat hij moest doen dat heb ik ook gedaan en hier zijn de resultaten.

    Hier zijn mijn logs, gemaakt in de opgestelde volgorde:

    .•MBAM

    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Databaseversie: 913102109

    Windows 6.2.9200
    Internet Explorer 9.10.9200.16721

    22-10-2013 00:44:42
    mbam-log-2013-10-22 (00-44-41).txt

    Scantype: Volledige scan (C:\|)
    Objecten gescand: 422742
    Verstreken tijd: 1 uur/uren, 10 minuut/minuten, 31 seconde(n)

    Geheugenprocessen geïnfecteerd: 2
    Geheugenmodulen geïnfecteerd: 6
    Registersleutels geïnfecteerd: 46
    Registerwaarden geïnfecteerd: 7
    Registerdata geïnfecteerd: 5
    Mappen geïnfecteerd: 69
    Bestanden geïnfecteerd: 439

    Geheugenprocessen geïnfecteerd:
    c:\program files (x86)\advanced system protector\advancedsystemprotector.exe (PUP.Optional.AdvancedSystemProtector.A) -> 3028 -> Unloaded process successfully.
    c:\Users\Juanmei\AppData\Local\Smartbar\application\SnapDo.exe (PUP.Optional.SmartBar.A) -> 4148 -> Unloaded process successfully.

    Geheugenmodulen geïnfecteerd:
    c:\program files (x86)\advanced system protector\aspsys.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    c:\program files (x86)\advanced system protector\microsoft.win32.taskscheduler.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    c:\program files (x86)\advanced system protector\system.data.sqlite.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    c:\program files (x86)\advanced system protector\xceed.compression.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    c:\program files (x86)\advanced system protector\xceed.filesystem.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    c:\program files (x86)\advanced system protector\xceed.zip.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.

    Registersleutels geïnfecteerd:
    HKEY_CLASSES_ROOT\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\escort.escortIEPane.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\escort.escortIEPane (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\delta.deltaHlpr.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\delta.deltaHlpr (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\esrv.deltaESrvc.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\esrv.deltaESrvc (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\IESmartBar.BHO (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\delta.deltadskBnd.1 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\delta.deltadskBnd (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{4599D05A-D545-4069-BB42-5895B4EAE05B} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{1231839B-064E-4788-B865-465A1B5266FD} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\delta.deltaappCore.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\delta.deltaappCore (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\d (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEXPLORE.EXE (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1 (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\DELTA\DELTA (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Systweak\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Delta\delta\Instl (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.

    Registerwaarden geïnfecteerd:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Value: {82E1477C-B154-48D3-9891-33D83C26BCD3} -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Value: {82E1477C-B154-48D3-9891-33D83C26BCD3} -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Delta\Delta\tlbrSrchUrl (PUP.Optional.Delta.A) -> Value: tlbrSrchUrl -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\bProtector Start Page (PUP.BProtector) -> Value: bProtector Start Page -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\bProtectorDefaultScope (PUP.BProtector) -> Value: bProtectorDefaultScope -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Delta\delta\lastB (PUP.Optional.Delta.A) -> Value: lastB -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Browser Infrastructure Helper (PUP.Optional.SmartBar.A) -> Value: Browser Infrastructure Helper -> Quarantined and deleted successfully.

    Registerdata geïnfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page (PUP.Optional.Snapdo) -> Bad: (http://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=5641b66e-7a32-a5dc-cbcf-a1e09a2f8183&searchtype=ds&q={searchTerms}&installDate=15/10/2013) Good: (http://www.google.com) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (PUP.Optional.Snapdo) -> Bad: (http://feed.snapdo.com/?publisher=Sn...ate=15/10/2013) Good: (http://www.google.com) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (PUP.Optional.Snapdo) -> Bad: (http://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=5641b66e-7a32-a5dc-cbcf-a1e09a2f8183&searchtype=ds&q={searchTerms}&installDate=15/10/2013) Good: (http://www.google.com) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\Default_Search_URL (PUP.Optional.Snapdo) -> Bad: (http://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=5641b66e-7a32-a5dc-cbcf-a1e09a2f8183&searchtype=ds&q={searchTerms}&installDate=15/10/2013) Good: (http://www.google.com) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (PUP.Optional.Snapdo) -> Bad: (http://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=5641b66e-7a32-a5dc-cbcf-a1e09a2f8183&searchtype=ds&q={searchTerms}&installDate=15/10/2013) Good: (http://www.google.com) -> Quarantined and deleted successfully.

    Mappen geïnfecteerd:
    c:\Users\JenniferLeung\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365 (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\1 (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\3 (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\35 (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\36 (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\39 (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\4 (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\41 (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\42 (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\components (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\desk_bkg (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\icons (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\promote (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\sysicons (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\wp (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Desk 365 (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\player (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\player\images (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\clamunpack (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\troubleshooter (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\firefoxextension (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\babsolution (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\babsolution\CR (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\babsolution\Shared (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Delta\delta\1.8.21.5\bh (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\search results toolbar\Datamngr (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\2.1.1000.10905 (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\signatures (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\updates (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Systweak\advanced system protector (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Systweak\advanced system protector\2.1.1000.10905 (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Systweak\advanced system protector\Backup (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Systweak\advanced system protector\Logs (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall\image (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall\image\default (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall\Install (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall\language (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall\language\en_us (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall\language\es_es (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall\language\pt_br (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall\language\tr_tr (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall\language\zh_cn (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall\language\zh_tw (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall\layout (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall\layout\default (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\Desk365\eInstall\style (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\common files\337\libcef (PUP.Optional.337Technologies.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\common files\337\libcef\1.1364.1123 (PUP.Optional.337Technologies.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\common files\337\libcef\1.1364.1123\locales (PUP.Optional.337Technologies.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\ct2612669 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Systweak\regclean pro (PUP.Optional.RegCleanerPro.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Systweak\regclean pro\version 6.1 (PUP.Optional.RegCleanerPro.A) -> Quarantined and deleted successfully.

    Bestanden geïnfecteerd:
    c:\program files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    c:\program files (x86)\Delta\delta\1.8.21.5\deltasrv.exe (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    c:\program files (x86)\Delta\delta\1.8.21.5\deltatlbr.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Delta\delta\1.8.21.5\deltaApp.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    c:\program files (x86)\Delta\delta\1.8.21.5\deltaEng.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\installer-3-.exe (PUP.Optional.SnapDo.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\0d51d494-bab0-7891-8ab8-5057d2a0b4f3\crxinstaller.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\bus1B2B\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\bus237F\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\bus32A3\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\bus3BD5\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\bus46BB\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\bus4C2\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\bus4CBD\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\bus6A4F\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\bus7610\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\bus897C\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\bus8C33\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\bus8C84\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\busAEA\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\busBF16\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\busC0ED\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\busC45A\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\busC9C1\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\busDEBF\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\busE31A\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\busF6E9\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\busF876\crxupdater_d.exe (PUP.Optional.CRX.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\DIQM\setup_151\setup_v.164775295a.exe (Adware.DomaIQ) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\DIQM\setup_151\software\Desk365.exe (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Local\Temp\DIQM\setup_151\software\Setup.exe (Trojan.DomaIQ) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\promote.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\accelerate (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\desk_bkg_list.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\desk_list.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\desk_settings.ini (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\firstrun (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\process_mgr.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\1\angrybirds.db (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\1\angrybirds.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\3\BigFarm.db (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\3\BigFarm.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\35\Gmail.db (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\35\Gmail.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\36\Outlook.db (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\36\Outlook.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeungi\AppData\Roaming\Desk 365\app\config\39\ESPN.db (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\39\ESPN.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\JenniferLeung\AppData\Roaming\Desk 365\app\config\4\Empire.db (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\app\config\4\Empire.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\app\config\41\gcalendar.db (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\app\config\41\gcalendar.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\app\config\42\pulse.db (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\app\config\42\pulse.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\components\component_libcef_1.1364.1123.exe (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_1.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_2.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_3.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_4.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_5.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_default.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\barbie_00a67ff4ef657679a6c88553135d62ad_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\bigfarm_de933b0e5218a4db24bebe3d55ed3558_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\chrome_49c27705d2f62a4f6b2c6e949bb0c503.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\chrome_49c27705d2f62a4f6b2c6e949bb0c503_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\empire_22b42f57d1c467841280810e218d5510_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\espn_a7b078f5f5f5b87efcef66ab5783cf9d_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\facebook_aab07bc79cf599b25c0110f32d46a3ef_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\gcalendar_50b3e3c5fc202f0cfcae8032b2465c1b_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\gmail_731b6d011bd9f67463a916a496775935_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\google_60d75cb277f0c452fa60dba8350caf65_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\iexplore_b0211a1547089c358c2806fdfb519300.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\iexplore_b0211a1547089c358c2806fdfb519300_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\mario_52934d81761dc31187a93a3a0be7fecc_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\outlook_6f817b67fa6af1a9c8abfa3813a8595c_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\pulse_b5a242da04cc06eacd02b1ca41e3583c_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\sys_computer_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\sys_control_panel_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\sys_my_documents_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\icons\youtube_bf18fdfc4aefd6417a8bacae4be5b415_48_48.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\337.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\337_7c9140b13c049fd26989f7fa25b77cb1.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\barbie.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\barbie_00a67ff4ef657679a6c88553135d62ad.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\facebook.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\facebook_aab07bc79cf599b25c0110f32d46a3ef.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\gamecenter.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\google.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\google_60d75cb277f0c452fa60dba8350caf65.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\mario.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\mario_52934d81761dc31187a93a3a0be7fecc.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\twitter.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\v9.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\youtube.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\promote\youtube_bf18fdfc4aefd6417a8bacae4be5b415.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\sysicons\imageres.dll_104.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\sysicons\imageres.dll_107.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\sysicons\shell32.dll_21.ico (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\wp\r0.jpg (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\wp\r1.jpg (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\wp\r2.jpg (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\wp\r3.jpg (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\wp\r4.jpg (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\wp\r5.jpg (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\wp\r6.jpg (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\wp\r7.jpg (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\wp\r8.jpg (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Desk 365\wp\r9.jpg (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Desk 365\promote.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Desk 365\desk_bkg_list.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Desk 365\desk_list.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Desk 365\desk_settings.ini (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Desk 365\process_mgr.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Desk 365\recent.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\playlist.vpl (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\config.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_103.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_11.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_120.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_121.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_122.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_123.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_124.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_125.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_126.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_127.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_136.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_137.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_140.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_141.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_149.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_150.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_160.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_165.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_181.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_191.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_193.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_199.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_200.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_201.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_204.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_219.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_221.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_224.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_268.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_28.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_34.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_37.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_49.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_57.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_86.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\player\images\channel_ld_99.png (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Delta\sqlite3.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\loading_withwhitebg.avi (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\advancedsystemprotector.exe (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\advancedsystemprotector.exe.config (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\appresource.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\asp.ico (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\aspmanager.exe (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\aspsys.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\categories.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\chinese_asp_zh-cn.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\communication.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\danish_asp_da.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\dutch_asp_nl.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\eng_asp_en.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\filetypehelper.exe (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\finnish_asp_fi.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\french_asp_fr.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\german_asp_de.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\interop.iwshruntimelibrary.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\italian_asp_it.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\japanese_asp_ja.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\microsoft.win32.taskscheduler.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\norwegian_asp_no.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\portuguese_asp_pt-br.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\russian_asp_ru.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\scandll.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\spanish_asp_es.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\swedish_asp_sv.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\system.core.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\system.data.sqlite.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\unins000.dat (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\unins000.exe (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\unins000.msg (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\unrar.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\xceed.compression.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\xceed.compression.formats.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\xceed.filesystem.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\xceed.zip.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\clamunpack\clamscan.exe (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\clamunpack\libclamav.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\clamunpack\readme.txt (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\troubleshooter\asp-fixer.com (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\troubleshooter\asp-fixer.exe (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\troubleshooter\asp-fixer.pif (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\troubleshooter\asp-fixer.scr (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\troubleshooter\asp-troubleshooter.chm (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.


    Omdat het allemaal teveel is komen der nog een paar berichtjes hierachteraan met de rest van mijn logs.

    Nou dat ik gescand heb is die toolbar van Snapdo weg en word ook mijn startpagina niet meer automatisch door Snapdo vervangen en ik heb ook niet meer dat hij steeds mijn laptop begint te scannen, dus dat is wel fijn. Maar ik vertrouw het niet helemaal en daarom post ik mijn lijsten aan jullie. Kun je er alsjeblieft naar kijken?

    Ontzettend bedankt voor jullie hulp! Volgens mij was ik geinfecteerd met een shitload aan virussen

    Jennifer Leung
    Last edited by Emphyrio; 22-10-13, 19:05.

  • #2
    Hoi, hier komt de rest TWEEDE BERICHT (vervolg van 1)

    c:\program files (x86)\advanced system protector\troubleshooter\firefox.com (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\troubleshooter\iexplore.exe (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\advanced system protector\troubleshooter\iexplore.lnk (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\traditionalcn_rcp_zh-tw.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\chinese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\cleanschedule.exe (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\danish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\dutch_rcp.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\eng_rcp.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\finnish_rcp_fi.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\french_rcp.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\german_rcp.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\greek_rcp_el.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\install_left_image.bmp (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\isxdl.dll (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\italian_rcp.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\japanese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\korean_rcp_ko.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\norwegian_rcp.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\polish_rcp_pl.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\portugese_rcp_pt.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\portuguese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\rcpuninstall.exe (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\regcleanpro.dll (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\regcleanpro.exe (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\russian_rcp_ru.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\spanish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\swedish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\systweakasp.exe (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\turkish_rcp_tr.ini (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\unins000.dat (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\unins000.exe (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\unins000.msg (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\regclean pro\xmllite.dll (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\Windows\Tasks\regclean pro_default.job (PUP.Optional.RegCleanPro.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Smartbar\application\SnapDo.exe (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserdefender.settings (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\firefoxextension\bprotector.js (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\programdata\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\babsolution\CR\Delta.crx (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\babsolution\Shared\BabMaint.exe (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\babsolution\Shared\busolution.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\babsolution\Shared\chu.js (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\babsolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\babsolution\Shared\guninstaller.exe (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\babsolution\Shared\setupparams.ini (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\babsolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Delta\delta\1.8.21.5\guninstaller.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Delta\delta\1.8.21.5\uninstall.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\axinterop.wmplib.dll (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\componentfactory.krypton.toolkit.dll (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\filebrowser.dll (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\interop.wmplib.dll (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\libreria.ico (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\newtonsoft.json.dll (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\ultraid3lib.dll (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\uninstall.exe (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\uninstall.ico (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\vafplayer.exe (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\vafplayer.exe.config (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\vafplayer.installstate (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\vafupdate.exe (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\wmp.dll (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Arabic.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Arabic.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\bulgarian.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\bulgarian.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Catalan.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Catalan.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\chinese (simplified).gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\chinese (simplified).ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\chinese (traditional).gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\chinese (traditional).ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Czech.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Czech.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Danish.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Danish.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Dutch.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Dutch.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\English.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\English.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Estonian.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Estonian.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Finnish.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Finnish.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\French.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\French.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\German.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\German.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Greek.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Greek.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\haitian creole.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\haitian creole.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Hebrew.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Hebrew.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Hindi.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Hindi.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\hungarian.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\hungarian.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\indonesian.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\indonesian.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Italian.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Italian.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Japanese.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Japanese.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Korean.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Korean.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Latvian.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Latvian.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\lithuanian.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\lithuanian.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\norwegian.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\norwegian.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Polish.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Polish.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\portuguese.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\portuguese.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Romanian.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Romanian.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Russian.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Russian.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Slovak.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Slovak.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\slovenian.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\slovenian.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Spanish.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Spanish.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Swedish.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Swedish.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Thai.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Thai.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Turkish.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\Turkish.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\ukrainian.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\ukrainian.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\vietnamese.gif (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\Tuguu SL\vafplayer\languages\vietnamese.ini (PUP.Optional.VPLMedia.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\search results toolbar\Datamngr\del_dm_ll_nsu5251.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\addonsafelist (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\log.xslt (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\signatures\completedatabase.db (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\signatures\Cookies.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\signatures\DigSign.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\signatures\filepaths.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\signatures\filesignature.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\signatures\Folders.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\signatures\Md5.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\signatures\Registry.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\signatures\setupsign.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\signatures\strsetupsign.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\updates\1538mupdate.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\updates\1539update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\updates\1540update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\updates\1541update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\updates\1542update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\updates\1543update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\updates\1544update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\updates\1545update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\updates\1546completedatabase.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\updates\1547update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\programdata\Systweak\advanced system protector\updates\914completedatabase.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\advanced system protector\aspstartupmanagererrorlog.txt (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\advanced system protector\QDetail.db (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\advanced system protector\Settings.db (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\advanced system protector\Update.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\advanced system protector\2.1.1000.10905\ASPLog.txt (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\advanced system protector\Logs\log_15-10-13_04-08-14.xml (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\advanced system protector\Logs\SMLog.xml (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\eInstall.exe (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\main (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\msvcp100.dll (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\msvcr100.dll (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\segoeui.ttf (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\segoeuib.ttf (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\app_icon.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\change_skin.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\combo_skin.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\edit_skin.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\install_back.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\install_button_skin.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\install_check_checked.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\install_check_intermediate.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\install_check_uncheck.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\install_logo.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\install_resource.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\patch_file_icon.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\pic-error.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\pic-info.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\pic-question.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\pic-warning.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\popup_dialog_bk.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\progressbar_bk.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\progressbar_image.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\radio_normal.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\radio_selected.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\image\default\sys_close.png (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\Install\edesk.inst (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\language\protocol.txt (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\language\en_us\install_lang.ini (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\language\es_es\install_lang.ini (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\language\pt_br\install_lang.ini (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\language\tr_tr\install_lang.ini (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\layout\default\edeskinstall.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\layout\default\install_msgbox.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\layout\default\languageselect.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\Desk365\eInstall\style\install_style.xml (PUP.Optional.Desk365.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\common files\337\libcef\1.1364.1123\icudt.dll (PUP.Optional.337Technologies.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\common files\337\libcef\1.1364.1123\libcef.dll (PUP.Optional.337Technologies.A) -> Quarantined and deleted successfully.
    c:\program files (x86)\common files\337\libcef\1.1364.1123\locales\en-US.pak (PUP.Optional.337Technologies.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\ct2612669\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\ct2612669\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\ct2612669\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\ct2612669\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\ct2612669\statisticsstub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Local\Temp\ct2612669\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\regclean pro\version 6.1\dutch_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\regclean pro\version 6.1\excludelist.rcp (PUP.Optional.RegCleanerPro.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\regclean pro\version 6.1\log_10-15-2013.log (PUP.Optional.RegCleanerPro.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\regclean pro\version 6.1\log_10-18-2013.log (PUP.Optional.RegCleanerPro.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\regclean pro\version 6.1\log_10-21-2013.log (PUP.Optional.RegCleanerPro.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\regclean pro\version 6.1\rcpupdate.ini (PUP.Optional.RegCleanerPro.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\regclean pro\version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Quarantined and deleted successfully.
    c:\Users\Juanmei\AppData\Roaming\Systweak\regclean pro\version 6.1\temphllist.rcp (PUP.Optional.RegCleanerPro.A) -> Quarantined and deleted successfully.

    Comment


    • #3
      Hoi Jennifer Leung en welkom op Nucia Security Forum,

      Voor we beginnen , wil ik even vriendelijk op de volgende richtlijnen wijzen:
      .
      • Log enkel in als beheerder met alle rechten.
      • Post je probleem niet in verscheidene fora. het komt je probleem niet ten goede en het is niet netjes tegenover de helpers.
      • Het opruimen van je systeem kan wat tijd in beslag nemen, wees geduldig.
      • Volg aandachtig de instructies die door mij worden gegeven.
      • Volg enkel het door mij gegeven advies op
      • Blijf bij het topic totdat ik gemeldt heb dat je PC clean is.
      • Als je iets niet weet of verstaat, vraag het dan even aub.
      • Installeer of deinstalleer géén software of hardware terwijl we met je probleem bezig zijn.
      • Ga ondertussen niet wat "anders" proberen, dat maakt het alleen maar moeilijker voor ons
      • Zet je emoticons (Smileys) uit als je logs plaatst aub .
      • De logs niet als bijlage, noch tussen codetags zetten aub.

      .
      Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
      De instructies die worden gegeven, zijn enkel geldig voor jouw PC.

      Stap 1:

      Malware scannen en verwijderen....

      Download MalwareBytes' Anti-Malware naar je bureaublad vanuit één van de volgende links:
      .
      .
      Dubbelklik op mbam-setup.exe om het programma te installeren.

      Op het einde van de setup procedure, krijg je een scherm waar je op "Voltooien" moet klikken.
      Indien je MBAM niet wenst te evalueren, vink je de eerste optie uit en klik je dan pas op "Voltooien"

      Zorg dat er na de installatie een vinkje is geplaatst bij:
      .
      • Update MalwareBytes' Anti-Malware
      • Start MalwareBytes' Anti-Malware
      • Klik daarna op "Voltooien". Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

      .
      Zodra het programma gestart is, ga je naar het tabblad "Instellingen"
      .
      • Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
      • Ga naar het tabblad "Updates" en Update MBAM.
      • Ga daarna naar het tabblad "Scanner", kies hier voor "VOLLEDIGE Scan".
      • Druk vervolgens op "Scannen" om de scan te starten.
      • Het scannen kan een tijdje duren, dus wees geduldig.
      • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
      • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
        Indien het veel items zijn, kan je in het venster rechtsklikken en "alle items selecteren" kiezen.
      • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

      .
      Indien MBAM vraagt om een herstart, doe dit dan ook.
      Wanneer je de restart hebt gedaan, maak je een nieuwe snelle scan met MBAM.
      In dat geval post je dus de twee logs.

      De log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma.


      Bij problemen!!!
      .
      .
      ___________________________________________________________

      Stap 2:

      Controle op slechte toolbars...

      Download AdwCleaner by Xplode naar je Bureaublad.
      • Sluit alle openstaande vensters
      • Start AdwCleaner
      • Klik op Scan
      • Klik op Clean
      • KLIK HIER voor een vergroting! 

      Alle icoontjes verdwijnen van het Bureaublad,dit is normaal
      Je PC word opnieuw opgestart en er een opent logfile (C:\ AdwCleaner[xx].txt post de inhoud hier op het Forum.

      Enkel de log na de "clean" optie heb ik nodig.

      Vergeet niet om je "smileys" uit te schakelen.

      Als je Startpagina ook gehijackt was,stel dan de zoekmachine opnieuw in,deze word standaard door AdwCleaner terug gezet naar Google.com

      ___________________________________________________________

      Stap 3:

      Download DDS.com, DDS.scr of DDS.pif van één van deze locaties en plaats het op je bureaublad:


      DDS is een diagnosetool en maakt gebruik van scripts.
      Is het uitvoeren van scripts uitgeschakeld, dan schakel je dit weer in zodat er geen problemen optreden bij gebruik van DDS.


      Dubbelklik op DDS om de tool te starten. (afhankelijk van de download die je gekozen hebt kan dit het bestand DDS.com, DDS.scr of DDS.pif zijn)
      Wanneer het klaar is openen er twee logfiles: DDS.txt en Attach.txt
      Beide logfiles sla je op je bureaublad.

      Post de inhoud van DDS.txt.

      De inhoud Attach.txt moet je niet posten en Attach.txt moet je niet als bijlage toevoegen aan je post, tenzij ik er om vraag.

      ___________________________________________________________

      Stap 4:

      Controle op updates...

      Download Security Check op je bureaublad via hier of hier

      Start Security Check
      Volg de Instructies in het scherm
      Aan het eind verschijnt een log ( checkup.txt )
      Plaats de inhoud ervan in je volgende antwoord.

      In je volgende posting, had ik graag de volgende logs gezien, gemaakt in de opgestelde volgorde:
      .
      • MBAM
      • AdwCleaner
      • DDS
      • checkup.txt

      .
      Deze logs NIET als bijlage of tussen codetags posten aub.
      (Desnoods in meerdere postingen.)

      Emphyrio
      Last edited by Emphyrio; 22-10-13, 19:12.
      Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
      E Dev * McAfee verwijderen. * Ccleaner * E-Peek

      Comment


      • #4
        HIER IS HET DERDE BERICHT (vervolg van 2)

        [U]•AdwCleaner[/U]

        # AdwCleaner v3.010 - Report created 22/10/2013 at 01:13:43
        # Updated 20/10/2013 by Xplode
        # Operating System : Windows 8 (64 bits)
        # Username : Juanmei - HUISKAMER-PC
        # Running from : C:\Users\Juanmei\Desktop\computervirussen\adwcleaner.exe
        # Option : Clean

        ***** [ Services ] *****

        Service Deleted : winzipersvc

        ***** [ Files / Folders ] *****

        Folder Deleted : C:\ProgramData\Ask
        Folder Deleted : C:\ProgramData\Babylon
        Folder Deleted : C:\ProgramData\BrowserDefender
        Folder Deleted : C:\ProgramData\eSafe
        Folder Deleted : C:\ProgramData\Systweak
        Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
        Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
        Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
        Folder Deleted : C:\Program Files (x86)\Ask.com
        Folder Deleted : C:\Program Files (x86)\Delta
        Folder Deleted : C:\Program Files (x86)\Search Results Toolbar
        Folder Deleted : C:\Program Files (x86)\tuguu sl
        Folder Deleted : C:\Program Files (x86)\WinZipper
        Folder Deleted : C:\Program Files (x86)\Common Files\337
        Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
        Folder Deleted : C:\Users\Juanmei\AppData\Local\apn
        Folder Deleted : C:\Users\Juanmei\AppData\Local\Smartbar
        Folder Deleted : C:\Users\Juanmei\AppData\Local\Temp\Desk365
        Folder Deleted : C:\Users\Juanmei\AppData\Local\Temp\Smartbar
        Folder Deleted : C:\Users\Juanmei\AppData\LocalLow\AskToolbar
        Folder Deleted : C:\Users\Juanmei\AppData\LocalLow\Conduit
        Folder Deleted : C:\Users\Juanmei\AppData\LocalLow\Delta
        Folder Deleted : C:\Users\Juanmei\AppData\LocalLow\PriceGong
        Folder Deleted : C:\Users\Juanmei\AppData\LocalLow\searchresultstb
        Folder Deleted : C:\Users\Juanmei\AppData\LocalLow\Smartbar
        Folder Deleted : C:\Users\Juanmei\AppData\Roaming\Systweak
        Folder Deleted : C:\Users\Juanmei\AppData\Roaming\WinZipper
        Folder Deleted : C:\Users\Juanmei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
        Folder Deleted : C:\Users\Juanmei\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
        Folder Deleted : C:\Users\Juanmei\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
        Folder Deleted : C:\Users\Juanmei\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
        File Deleted : C:\END
        File Deleted : C:\Users\Public\Desktop\Advanced System Protector.lnk
        File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
        File Deleted : C:\Windows\System32\roboot64.exe
        File Deleted : C:\Users\Juanmei\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
        File Deleted : C:\Users\Juanmei\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
        File Deleted : C:\Users\Juanmei\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
        File Deleted : C:\Windows\System32\Tasks\Advanced System Protector_startup
        File Deleted : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
        File Deleted : C:\Windows\System32\Tasks\EPUpdater
        File Deleted : C:\Windows\System32\Tasks\RegClean Pro
        File Deleted : C:\Windows\Tasks\RegClean Pro_UPDATES.job
        File Deleted : C:\Windows\System32\Tasks\RegClean Pro_UPDATES
        File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

        ***** [ Shortcuts ] *****


        ***** [ Registry ] *****

        Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
        Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
        Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
        Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
        Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
        Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
        Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
        Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
        Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
        Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
        Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
        Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
        Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
        Key Deleted : HKCU\Software\5c57dbdfb23aed10
        Key Deleted : HKLM\SOFTWARE\5c57dbdfb23aed10
        Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2612669
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
        Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
        Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
        Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
        Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
        Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
        Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
        Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
        Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
        Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
        Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
        Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
        Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
        Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
        Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
        Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
        Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
        Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
        Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
        Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
        Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
        Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
        Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
        Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
        Key Deleted : HKCU\Software\APN
        Key Deleted : HKCU\Software\Ask.com
        Key Deleted : HKCU\Software\BabSolution
        Key Deleted : HKCU\Software\Delta
        Key Deleted : HKCU\Software\ilivid
        Key Deleted : HKCU\Software\smartbar
        Key Deleted : HKCU\Software\smartbarbackup
        Key Deleted : HKCU\Software\smartbarlog
        Key Deleted : HKCU\Software\Softonic
        Key Deleted : HKCU\Software\systweak
        Key Deleted : HKCU\Software\V9
        Key Deleted : HKCU\Software\AppDataLow\Toolbar
        Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
        Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
        Key Deleted : HKLM\Software\APN
        Key Deleted : HKLM\Software\AskToolbar
        Key Deleted : HKLM\Software\Babylon
        Key Deleted : HKLM\Software\DataMngr
        Key Deleted : HKLM\Software\Delta
        Key Deleted : HKLM\Software\Desksvc
        Key Deleted : HKLM\Software\eSafeSecControl
        Key Deleted : HKLM\Software\iLividSRTB
        Key Deleted : HKLM\Software\systweak
        Key Deleted : HKLM\Software\V9
        Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EBE677C0-CBCB-4EBF-8098-E27E1B5271CF}
        Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eSafeSecControl
        Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
        Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SEARCH~1\Datamngr\x64\mgrldr.dll
        Key Deleted : HKLM\Software\Classes\Installer\Features\0C776EBEBCBCFBE408892EE7B12517FC
        Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
        Key Deleted : HKLM\Software\Classes\Installer\Products\0C776EBEBCBCFBE408892EE7B12517FC
        Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

        ***** [ Browsers ] *****

        -\\ Internet Explorer v10.0.9200.16537

        Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]

        -\\ Google Chrome v30.0.1599.101

        [ File : C:\Users\Juanmei\AppData\Local\Google\Chrome\User Data\Default\preferences ]

        Deleted : icon_url
        Deleted : search_url
        Deleted : keyword
        Deleted : homepage
        Deleted : urls_to_restore_on_startup

        *************************

        AdwCleaner[R0].txt - [14940 octets] - [22/10/2013 01:07:28]
        AdwCleaner[S0].txt - [14153 octets] - [22/10/2013 01:13:43]

        ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14214 octets] ##########


        [B]•DDS[/B]

        DDS (Ver_2012-11-20.01) - NTFS_AMD64
        Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.25.2
        Run by Juanmei at 1:34:55 on 2013-10-22
        Microsoft Windows 8 6.2.9200.0.1252.31.1043.18.6013.4337 [GMT 2:00]
        .
        AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
        AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
        SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
        SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
        FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
        .
        ============== Running Processes ===============
        .
        C:\Windows\system32\svchost.exe -k DcomLaunch
        C:\Windows\system32\svchost.exe -k RPCSS
        C:\Windows\system32\dwm.exe
        C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
        C:\Windows\system32\svchost.exe -k netsvcs
        C:\Windows\system32\svchost.exe -k LocalService
        C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
        C:\Windows\system32\svchost.exe -k NetworkService
        C:\Windows\system32\WLANExt.exe
        C:\Windows\System32\spoolsv.exe
        C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
        C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
        C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
        C:\Program Files\Conexant\SA3\CxUtilSvc.exe
        C:\Program Files\Intel\WiFi\bin\EvtEng.exe
        c:\Program Files\Intel\iCLS Client\HeciServer.exe
        C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
        C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
        C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe
        C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
        C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
        C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
        C:\Windows\system32\svchost.exe -k imgsvc
        C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
        C:\Windows\system32\wbem\unsecapp.exe
        C:\Windows\system32\wbem\wmiprvse.exe
        C:\Windows\system32\wbem\wmiprvse.exe
        C:\Windows\system32\taskhostex.exe
        C:\Windows\Explorer.EXE
        C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
        C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
        C:\Windows\system32\SearchIndexer.exe
        C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe
        C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
        C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
        C:\Program Files\Elantech\ETDCtrl.exe
        C:\Program Files\Dell\QuickSet\quickset.exe
        C:\Windows\System32\rundll32.exe
        C:\Windows\System32\igfxtray.exe
        C:\Windows\System32\hkcmd.exe
        C:\Program Files\Elantech\ETDCtrlHelper.exe
        C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
        C:\Program Files\Elantech\ETDGesture.exe
        C:\Windows\System32\igfxpers.exe
        C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
        C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
        C:\Program Files (x86)\Sitecom\Common\RaUI.exe
        C:\Windows\system32\RunDll32.exe
        C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
        C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
        C:\Windows\System32\RuntimeBroker.exe
        C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
        C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
        C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
        C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
        C:\Windows\system32\taskeng.exe
        C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
        C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
        C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
        C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
        C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
        C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
        C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
        C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
        C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
        C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
        C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
        C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
        C:\Windows\system32\taskeng.exe
        C:\Windows\system32\taskeng.exe
        C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        C:\Windows\system32\SearchProtocolHost.exe
        C:\Windows\system32\SearchFilterHost.exe
        C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
        C:\Windows\System32\cscript.exe
        .
        ============== Pseudo HJT Report ===============
        .
        uStart Page = hxxp://www.google.com
        uSearch Bar = hxxp://www.google.com
        uSearch Page = hxxp://www.google.com
        uDefault_Page_URL = hxxp://dell13.msn.com
        uSearchAssistant = hxxp://www.google.com
        mURLSearchHooks: {90b49673-5506-483e-b92b-ca0265bd9ca8} - <orphaned>
        mWinlogon: Userinit = userinit.exe,
        BHO: ThreeShips IE Helper: {17FDB9F8-DCC4-4F6A-AE07-B16018A48469} - C:\Program Files (x86)\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll
        BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
        BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
        BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
        BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\ipsbho.dll
        BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
        BHO: {90b49673-5506-483e-b92b-ca0265bd9ca8} - <orphaned>
        BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
        BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
        BHO: HP Smart Print Helper: {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.1\Espresso.dll
        TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
        TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
        TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
        uRun: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
        uRun: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3161CGC205WK:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
        mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
        mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
        mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
        mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
        mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
        mRun: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
        mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
        mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
        mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
        mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
        StartupFolder: C:\Users\Juanmei\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INKTWA~1.LNK - C:\Windows\System32\RunDll32.exe
        StartupFolder: C:\Users\Juanmei\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VERZEN~1.LNK - C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
        StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\SITECO~1.LNK - C:\Program Files (x86)\Sitecom\Common\RaUI.exe
        IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
        IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
        IE: Verzenden naar Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
        IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe
        IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
        IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
        IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
        DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
        DPF: {D27CDB6E-AE6D-11CF-96B8-444553542500} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
        TCP: NameServer = 192.168.0.1
        TCP: Interfaces\{5000072A-D16E-485B-9B3A-93C9538785B9} : DHCPNameServer = 192.168.0.1
        TCP: Interfaces\{D7B1222A-F1DF-4ED8-ABF2-20A76119D7A0} : DHCPNameServer = 192.168.0.1
        Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
        Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
        Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
        AppInit_DLLs= C:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll
        SSODL: WebCheck - <orphaned>
        mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
        mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
        x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
        x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
        x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe
        x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
        x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0+ /dne /s
        x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
        x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
        x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
        x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
        x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
        x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe
        x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
        x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
        x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
        x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
        x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
        x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
        x64-Notify: igfxcui - igfxdev.dll
        x64-SSODL: WebCheck - <orphaned>
        .
        ============= SERVICES / DRIVERS ===============
        .
        R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-10-27 651832]
        R0 RapportHades64;RapportHades64;C:\Windows\System32\Drivers\RapportHades64.sys [2013-4-15 266928]
        R0 RapportKE64;RapportKE64;C:\Windows\System32\Drivers\RapportKE64.sys [2013-4-15 295696]
        R0 SymDS;Symantec Data Store;C:\Windows\System32\Drivers\NISx64\1404000.028\SymDS64.sys [2013-6-23 493656]
        R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\Drivers\NISx64\1404000.028\SymEFA64.sys [2013-6-23 1139800]
        R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20131002.001\BHDrvx64.sys [2013-10-2 1525848]
        R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\Drivers\NISx64\1404000.028\ccSetx64.sys [2013-6-23 169048]
        R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-11-12 92536]
        R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20131018.001\IDSviA64.sys [2013-10-19 521816]
        R1 RapportCerberus_56758;RapportCerberus_56758;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerber us\baseline\RapportCerberus64_56758.sys [2013-10-10 589872]
        R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-7-25 265872]
        R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-7-25 384144]
        R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\Ironx64.sys [2013-6-23 224416]
        R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\symnets.sys [2013-6-23 433752]
        R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-9-13 731688]
        R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE [2013-7-23 193696]
        R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-11-12 1091520]
        R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-11-12 1112000]
        R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-8-15 135984]
        R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-11-12 109184]
        R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technologie;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-12 7168]
        R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
        R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-12 165760]
        R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [2013-6-23 144368]
        R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe [2012-11-29 69632]
        R2 Seagate Dashboard Services;Seagate Dashboard Services;C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2012-11-8 15552]
        R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2013-7-6 1915480]
        R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\Drivers\TurboB.sys [2012-5-30 16168]
        R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-12 364416]
        R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-9-24 1153840]
        R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuele adapter;C:\Windows\System32\Drivers\AmpPal.sys [2012-9-13 162344]
        R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE [2013-7-23 240288]
        R3 BthLEEnum;Bluetooth Low Energy-stuurprogramma;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
        R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\Drivers\btmaux.sys [2012-11-12 110592]
        R3 btmhsf;btmhsf;C:\Windows\System32\Drivers\btmhsf.sys [2012-11-12 825344]
        R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-8-28 140376]
        R3 ETD;Dell Touchpad;C:\Windows\System32\Drivers\ETD.sys [2013-1-23 209808]
        R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\Drivers\iBtFltCoex.sys [2012-11-12 55848]
        R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-11-12 342528]
        R3 NETwNe64;@oem113.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 8 64 Bit;C:\Windows\System32\Drivers\NETwew00.sys [2012-9-27 4306472]
        R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUVStor.sys [2012-11-12 315536]
        R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-12 683664]
        S0 SymELAM;Symantec ELAM Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\SymELAM.sys [2013-6-23 23448]
        S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-6-19 173056]
        S2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-7-25 1435928]
        S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\Drivers\AmpPal.sys [2012-9-13 162344]
        S3 DellRbtn;Airplane Mode Switch;C:\Windows\System32\Drivers\DellRbtn.sys [2012-11-12 10752]
        S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-9-24 272176]
        S3 RapportIaso;RapportIaso;C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64. sys [2013-4-15 218672]
        S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
        .
        =============== File Associations ===============
        .
        ShellExec: DWGSee.exe: open="C:\Program Files (x86)\AutoDWG\DWGSee Pro 2013\DWGSeePro.exe" "%1"
        .
        =============== Created Last 30 ================
        .
        2013-10-21 23:07:19 -------- d-----w- C:\AdwCleaner
        2013-10-21 20:31:57 -------- d-----w- C:\Users\Juanmei\AppData\Local\Programs
        2013-10-21 20:14:04 -------- d-----w- C:\Users\Juanmei\AppData\Roaming\Malwarebytes
        2013-10-21 20:13:56 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
        2013-10-21 20:13:55 -------- d-----w- C:\ProgramData\Malwarebytes
        2013-10-21 20:13:52 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
        2013-10-21 20:13:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
        2013-10-18 03:34:33 290992 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10221.bin
        2013-10-15 18:36:00 -------- d-----w- C:\Users\Juanmei\AppData\Roaming\AutoDWG
        2013-10-15 14:14:37 -------- d-----w- C:\Windows\SysWow64\shxfont
        2013-10-15 14:14:36 -------- d-----w- C:\Windows\SysWow64\ps
        2013-10-15 14:14:34 -------- d-----w- C:\Program Files (x86)\AutoDWG
        2013-10-15 13:51:04 16896 ----a-w- C:\Windows\System32\sasnative64.exe
        2013-10-15 13:47:19 -------- d-----w- C:\Program Files (x86)\IGC
        2013-10-14 18:27:58 448512 ----a-w- C:\Windows\System32\SettingSync.dll
        2013-10-14 18:27:58 2304512 ----a-w- C:\Windows\System32\authui.dll
        2013-10-14 18:27:57 941056 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll
        2013-10-14 18:27:57 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll
        2013-10-14 18:27:57 225280 ----a-w- C:\Windows\System32\mbsmsapi.dll
        2013-10-14 18:27:57 2035712 ----a-w- C:\Windows\SysWow64\authui.dll
        2013-10-14 18:27:57 158208 ----a-w- C:\Windows\SysWow64\mbsmsapi.dll
        2013-10-14 18:27:57 128512 ----a-w- C:\Windows\System32\SettingSyncInfo.dll
        2013-10-09 20:23:59 915968 ----a-w- C:\Windows\System32\uxtheme.dll
        2013-10-09 20:20:28 99328 ----a-w- C:\Windows\System32\drivers\usbcir.sys
        2013-09-26 18:00:39 208760 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
        .
        ==================== Find3M ====================
        .
        2013-10-02 01:38:13 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
        2013-10-02 01:38:13 694232 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
        2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
        2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
        2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
        2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
        2013-08-23 19:50:57 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
        2013-08-23 19:50:56 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
        2013-08-23 19:50:56 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
        2013-08-23 05:11:57 4040192 ----a-w- C:\Windows\System32\win32k.sys
        2013-08-16 05:41:13 58200 ----a-w- C:\Windows\System32\drivers\dam.sys
        2013-08-16 05:39:26 2371728 ----a-w- C:\Windows\System32\WSService.dll
        2013-08-16 05:32:48 209200 ----a-w- C:\Windows\System32\NotificationUI.exe
        2013-08-16 05:22:22 40448 ----a-w- C:\Windows\System32\wuapp.exe
        2013-08-16 05:22:11 4917760 ----a-w- C:\Windows\System32\sppsvc.exe
        2013-08-16 05:20:30 105984 ----a-w- C:\Windows\System32\WinSetupUI.dll
        2013-08-15 22:43:21 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
        2013-08-15 22:43:07 84992 ----a-w- C:\Windows\SysWow64\wudriver.dll
        2013-08-15 22:43:07 126976 ----a-w- C:\Windows\SysWow64\wuwebv.dll
        2013-08-15 22:43:03 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
        2013-08-15 22:43:03 159232 ----a-w- C:\Windows\SysWow64\WSSync.dll
        2013-08-15 22:43:02 83968 ----a-w- C:\Windows\SysWow64\OEMLicense.dll
        2013-08-15 22:43:02 167424 ----a-w- C:\Windows\SysWow64\WSClient.dll
        2013-08-15 22:43:02 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
        2013-08-15 22:43:02 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
        2013-08-15 22:42:52 76800 ----a-w- C:\Windows\SysWow64\setupcln.dll
        2013-08-15 22:42:47 91648 ----a-w- C:\Windows\SysWow64\sppc.dll
        2013-08-07 05:15:02 144896 ----a-w- C:\Windows\System32\tssdisai.dll
        2013-08-03 06:40:49 462336 ----a-w- C:\Windows\System32\sysmon.ocx
        2013-08-03 06:40:17 566784 ----a-w- C:\Windows\System32\wvc.dll
        2013-08-03 06:40:01 1374208 ----a-w- C:\Windows\System32\wdc.dll
        2013-08-03 05:14:15 399360 ----a-w- C:\Windows\SysWow64\sysmon.ocx
        2013-08-03 05:13:57 437248 ----a-w- C:\Windows\SysWow64\wvc.dll
        2013-08-03 05:13:43 1245696 ----a-w- C:\Windows\SysWow64\wdc.dll
        2013-08-02 06:28:29 10116608 ----a-w- C:\Windows\System32\twinui.dll
        2013-08-02 05:08:18 8858112 ----a-w- C:\Windows\SysWow64\twinui.dll
        2013-08-01 10:41:31 2233688 ----a-w- C:\Windows\System32\drivers\tcpip.sys
        2013-07-27 03:58:39 2207232 ----a-w- C:\Windows\SysWow64\PrintConfig.dll
        2013-07-25 07:46:26 295696 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
        2013-07-25 07:46:26 266928 ----a-w- C:\Windows\System32\drivers\RapportHades64.sys
        .
        ============= FINISH: 1:35:31,07 ===============


        •checkup.txt

        Results of screen317's Security Check version 0.99.74
        x64 (UAC is enabled)
        Internet Explorer 10
        ``````````````Antivirus/Firewall Check:``````````````
        Windows Firewall Enabled!
        Windows Defender
        Norton Internet Security
        WMI entry may not exist for antivirus; attempting automatic update.
        `````````Anti-malware/Other Utilities Check:`````````
        Java 7 Update 25
        Java version out of Date!
        Adobe Flash Player 11.9.900.117
        Adobe Reader XI
        Google Chrome 30.0.1599.101
        Google Chrome 30.0.1599.69
        ````````Process Check: objlist.exe by Laurent````````
        Norton ccSvcHst.exe
        Juanmei Desktop computervirussen SecurityCheck.exe
        `````````````````System Health check`````````````````
        Total Fragmentation on Drive C: %
        ````````````````````End of Log``````````````````````

        Nou, dat was het.
        Last edited by Jennifer Leung; 22-10-13, 19:10. Reden: duidelijkheid

        Comment


        • #5
          Volgende tools mag je verwijderen via Software:
          .
          • Java 7 Update 25
          • Google Chrome 30.0.1599.69

          .


          Download of Update Ccleaner

          Start CCleaner op.
          • Run Ccleaner en klik in de linkse kolom op Opties
          • Selecteer het tabblad Geavanceerd
          • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
          • Haal het vinkje weg voor Verwijder alleen bestanden in de Prullenbak die ouder zijn dan 24 uur
          • Selecteer het tabblad Instellingen
          • Haal het vinkje weg bij "Computer automatisch schoonmaken...."
          • Klik in de linkse kolom op Cleaner.
          • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
          • Klik vervolgens in de linkse kolom op Register
          • Klik op Scan naar problemen.
          • Als er fouten gevonden worden klik je op Herstel geselecteerde problemen
          • Hier kan de vraag verschijnen of je je register wil backuppen.Antwoord met Ja en OK



          Post eveneens een verse DDS log.

          Hoe is het nu?
          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
          E Dev * McAfee verwijderen. * Ccleaner * E-Peek

          Comment


          • #6
            Hoi! Bedankt voor de snelle hulp! Ik heb het gedaan met CCcleaner. Daarna nog een verse DDS. Hier komt hij:

            DDS (Ver_2012-11-20.01) - NTFS_AMD64
            Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.25.2
            Run by Juanmei at 20:30:11 on 2013-10-22
            Microsoft Windows 8 6.2.9200.0.1252.31.1043.18.6013.2503 [GMT 2:00]
            .
            AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
            AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
            SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
            SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
            FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
            .
            ============== Running Processes ===============
            .
            C:\Windows\system32\svchost.exe -k DcomLaunch
            C:\Windows\system32\svchost.exe -k RPCSS
            C:\Windows\system32\dwm.exe
            C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
            C:\Windows\system32\svchost.exe -k netsvcs
            C:\Windows\system32\svchost.exe -k LocalService
            C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
            C:\Windows\system32\svchost.exe -k NetworkService
            C:\Windows\system32\WLANExt.exe
            C:\Windows\System32\spoolsv.exe
            C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
            C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
            C:\Program Files\Conexant\SA3\CxUtilSvc.exe
            C:\Program Files\Intel\WiFi\bin\EvtEng.exe
            c:\Program Files\Intel\iCLS Client\HeciServer.exe
            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
            C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
            C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe
            C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
            C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
            C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
            C:\Windows\system32\svchost.exe -k imgsvc
            C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
            C:\Windows\system32\wbem\unsecapp.exe
            C:\Windows\system32\wbem\wmiprvse.exe
            C:\Windows\system32\wbem\wmiprvse.exe
            C:\Windows\system32\taskhostex.exe
            C:\Windows\Explorer.EXE
            C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
            C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
            C:\Windows\system32\SearchIndexer.exe
            C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe
            C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
            C:\Program Files\Elantech\ETDCtrl.exe
            C:\Program Files\Dell\QuickSet\quickset.exe
            C:\Windows\System32\rundll32.exe
            C:\Windows\System32\igfxtray.exe
            C:\Windows\System32\hkcmd.exe
            C:\Program Files\Elantech\ETDCtrlHelper.exe
            C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
            C:\Program Files\Elantech\ETDGesture.exe
            C:\Windows\System32\igfxpers.exe
            C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
            C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
            C:\Program Files (x86)\Sitecom\Common\RaUI.exe
            C:\Windows\system32\RunDll32.exe
            C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
            C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
            C:\Windows\System32\RuntimeBroker.exe
            C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
            C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
            C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
            C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
            C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
            C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
            C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
            C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
            C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
            C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
            C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
            C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
            C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
            C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
            C:\Program Files (x86)\Internet Explorer\IELowutil.exe
            C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
            C:\Program Files\Internet Explorer\iexplore.exe
            C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
            C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
            C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
            C:\Windows\System32\IME\SHARED\imebroker.exe
            C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
            C:\Windows\system32\taskeng.exe
            C:\Windows\system32\SearchProtocolHost.exe
            C:\Windows\system32\SearchFilterHost.exe
            C:\Windows\system32\taskeng.exe
            C:\Windows\System32\cscript.exe
            .
            ============== Pseudo HJT Report ===============
            .
            uStart Page = hxxp://www.google.com
            uSearch Bar = hxxp://www.google.com
            uSearch Page = hxxp://www.google.com
            uDefault_Page_URL = hxxp://dell13.msn.com
            uSearchAssistant = hxxp://www.google.com
            mURLSearchHooks: {90b49673-5506-483e-b92b-ca0265bd9ca8} - <orphaned>
            mWinlogon: Userinit = userinit.exe,
            BHO: ThreeShips IE Helper: {17FDB9F8-DCC4-4F6A-AE07-B16018A48469} - C:\Program Files (x86)\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll
            BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
            BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
            BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
            BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\ipsbho.dll
            BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
            BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
            BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
            BHO: HP Smart Print Helper: {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.1\Espresso.dll
            TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
            TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
            TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
            uRun: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
            uRun: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3161CGC205WK:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
            mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
            mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
            mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
            mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
            mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
            mRun: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
            mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
            mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
            mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
            mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
            StartupFolder: C:\Users\Juanmei\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INKTWA~1.LNK - C:\Windows\System32\RunDll32.exe
            StartupFolder: C:\Users\Juanmei\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VERZEN~1.LNK - C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
            StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\SITECO~1.LNK - C:\Program Files (x86)\Sitecom\Common\RaUI.exe
            IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
            IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
            IE: Verzenden naar Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
            IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe
            IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
            IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
            IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
            DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
            DPF: {D27CDB6E-AE6D-11CF-96B8-444553542500} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
            TCP: NameServer = 192.168.0.1
            TCP: Interfaces\{5000072A-D16E-485B-9B3A-93C9538785B9} : DHCPNameServer = 192.168.0.1
            TCP: Interfaces\{D7B1222A-F1DF-4ED8-ABF2-20A76119D7A0} : DHCPNameServer = 192.168.0.1
            Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - <orphaned>
            Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
            Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
            AppInit_DLLs= C:\PROGRA~2\SEARCH~1\Datamngr\mgrldr.dll
            SSODL: WebCheck - <orphaned>
            mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
            mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
            x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
            x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
            x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
            x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe
            x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
            x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0+ /dne /s
            x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
            x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
            x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
            x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
            x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
            x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.1\LaunchEspresso.exe
            x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
            x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
            x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
            x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
            x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
            x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
            x64-Notify: igfxcui - igfxdev.dll
            x64-SSODL: WebCheck - <orphaned>
            .
            ============= SERVICES / DRIVERS ===============
            .
            R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-10-27 651832]
            R0 RapportHades64;RapportHades64;C:\Windows\System32\Drivers\RapportHades64.sys [2013-4-15 266928]
            R0 RapportKE64;RapportKE64;C:\Windows\System32\Drivers\RapportKE64.sys [2013-4-15 295696]
            R0 SymDS;Symantec Data Store;C:\Windows\System32\Drivers\NISx64\1404000.028\SymDS64.sys [2013-6-23 493656]
            R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\Drivers\NISx64\1404000.028\SymEFA64.sys [2013-6-23 1139800]
            R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20131002.001\BHDrvx64.sys [2013-10-2 1525848]
            R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\Drivers\NISx64\1404000.028\ccSetx64.sys [2013-6-23 169048]
            R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-11-12 92536]
            R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20131018.001\IDSviA64.sys [2013-10-19 521816]
            R1 RapportCerberus_56758;RapportCerberus_56758;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerber us\baseline\RapportCerberus64_56758.sys [2013-10-10 589872]
            R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-7-25 265872]
            R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-7-25 384144]
            R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\Ironx64.sys [2013-6-23 224416]
            R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\symnets.sys [2013-6-23 433752]
            R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-9-13 731688]
            R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-11-12 1091520]
            R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-11-12 1112000]
            R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-8-15 135984]
            R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-11-12 109184]
            R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technologie;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-12 7168]
            R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
            R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-12 165760]
            R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [2013-6-23 144368]
            R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Sitecom\Common\RegistryWriter.exe [2012-11-29 69632]
            R2 Seagate Dashboard Services;Seagate Dashboard Services;C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2012-11-8 15552]
            R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2013-7-6 1915480]
            R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\Drivers\TurboB.sys [2012-5-30 16168]
            R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-12 364416]
            R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-9-24 1153840]
            R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuele adapter;C:\Windows\System32\Drivers\AmpPal.sys [2012-9-13 162344]
            R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE [2013-7-23 240288]
            R3 BthLEEnum;Bluetooth Low Energy-stuurprogramma;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
            R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\Drivers\btmaux.sys [2012-11-12 110592]
            R3 btmhsf;btmhsf;C:\Windows\System32\Drivers\btmhsf.sys [2012-11-12 825344]
            R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-8-28 140376]
            R3 ETD;Dell Touchpad;C:\Windows\System32\Drivers\ETD.sys [2013-1-23 209808]
            R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\Drivers\iBtFltCoex.sys [2012-11-12 55848]
            R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-11-12 342528]
            R3 NETwNe64;@oem113.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 8 64 Bit;C:\Windows\System32\Drivers\NETwew00.sys [2012-9-27 4306472]
            R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUVStor.sys [2012-11-12 315536]
            R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-12 683664]
            S0 SymELAM;Symantec ELAM Driver;C:\Windows\System32\Drivers\NISx64\1404000.028\SymELAM.sys [2013-6-23 23448]
            S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE [2013-7-23 193696]
            S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-6-19 173056]
            S2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-7-25 1435928]
            S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\Drivers\AmpPal.sys [2012-9-13 162344]
            S3 DellRbtn;Airplane Mode Switch;C:\Windows\System32\Drivers\DellRbtn.sys [2012-11-12 10752]
            S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-9-24 272176]
            S3 RapportIaso;RapportIaso;C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64. sys [2013-4-15 218672]
            S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
            .
            =============== File Associations ===============
            .
            ShellExec: DWGSee.exe: open="C:\Program Files (x86)\AutoDWG\DWGSee Pro 2013\DWGSeePro.exe" "%1"
            .
            =============== Created Last 30 ================
            .
            2013-10-22 18:20:26 -------- d-----w- C:\Program Files\CCleaner
            2013-10-22 11:01:14 315568 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10222.bin
            2013-10-21 23:07:19 -------- d-----w- C:\AdwCleaner
            2013-10-21 20:31:57 -------- d-----w- C:\Users\Juanmei\AppData\Local\Programs
            2013-10-21 20:14:04 -------- d-----w- C:\Users\Juanmei\AppData\Roaming\Malwarebytes
            2013-10-21 20:13:56 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
            2013-10-21 20:13:55 -------- d-----w- C:\ProgramData\Malwarebytes
            2013-10-21 20:13:52 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
            2013-10-21 20:13:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
            2013-10-15 18:36:00 -------- d-----w- C:\Users\Juanmei\AppData\Roaming\AutoDWG
            2013-10-15 14:14:37 -------- d-----w- C:\Windows\SysWow64\shxfont
            2013-10-15 14:14:36 -------- d-----w- C:\Windows\SysWow64\ps
            2013-10-15 14:14:34 -------- d-----w- C:\Program Files (x86)\AutoDWG
            2013-10-15 13:51:04 16896 ----a-w- C:\Windows\System32\sasnative64.exe
            2013-10-15 13:47:19 -------- d-----w- C:\Program Files (x86)\IGC
            2013-10-14 18:27:58 448512 ----a-w- C:\Windows\System32\SettingSync.dll
            2013-10-14 18:27:58 2304512 ----a-w- C:\Windows\System32\authui.dll
            2013-10-14 18:27:57 941056 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll
            2013-10-14 18:27:57 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll
            2013-10-14 18:27:57 225280 ----a-w- C:\Windows\System32\mbsmsapi.dll
            2013-10-14 18:27:57 2035712 ----a-w- C:\Windows\SysWow64\authui.dll
            2013-10-14 18:27:57 158208 ----a-w- C:\Windows\SysWow64\mbsmsapi.dll
            2013-10-14 18:27:57 128512 ----a-w- C:\Windows\System32\SettingSyncInfo.dll
            2013-10-09 20:23:59 915968 ----a-w- C:\Windows\System32\uxtheme.dll
            2013-10-09 20:20:28 99328 ----a-w- C:\Windows\System32\drivers\usbcir.sys
            2013-09-26 18:00:39 208760 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
            .
            ==================== Find3M ====================
            .
            2013-10-02 01:38:13 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
            2013-10-02 01:38:13 694232 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
            2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
            2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
            2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
            2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
            2013-08-23 19:50:57 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
            2013-08-23 19:50:56 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
            2013-08-23 19:50:56 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
            2013-08-23 05:11:57 4040192 ----a-w- C:\Windows\System32\win32k.sys
            2013-08-16 05:41:13 58200 ----a-w- C:\Windows\System32\drivers\dam.sys
            2013-08-16 05:39:26 2371728 ----a-w- C:\Windows\System32\WSService.dll
            2013-08-16 05:32:48 209200 ----a-w- C:\Windows\System32\NotificationUI.exe
            2013-08-16 05:22:22 40448 ----a-w- C:\Windows\System32\wuapp.exe
            2013-08-16 05:22:11 4917760 ----a-w- C:\Windows\System32\sppsvc.exe
            2013-08-16 05:20:30 105984 ----a-w- C:\Windows\System32\WinSetupUI.dll
            2013-08-15 22:43:21 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
            2013-08-15 22:43:07 84992 ----a-w- C:\Windows\SysWow64\wudriver.dll
            2013-08-15 22:43:07 126976 ----a-w- C:\Windows\SysWow64\wuwebv.dll
            2013-08-15 22:43:03 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
            2013-08-15 22:43:03 159232 ----a-w- C:\Windows\SysWow64\WSSync.dll
            2013-08-15 22:43:02 83968 ----a-w- C:\Windows\SysWow64\OEMLicense.dll
            2013-08-15 22:43:02 167424 ----a-w- C:\Windows\SysWow64\WSClient.dll
            2013-08-15 22:43:02 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
            2013-08-15 22:43:02 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
            2013-08-15 22:42:52 76800 ----a-w- C:\Windows\SysWow64\setupcln.dll
            2013-08-15 22:42:47 91648 ----a-w- C:\Windows\SysWow64\sppc.dll
            2013-08-07 05:15:02 144896 ----a-w- C:\Windows\System32\tssdisai.dll
            2013-08-03 06:40:49 462336 ----a-w- C:\Windows\System32\sysmon.ocx
            2013-08-03 06:40:17 566784 ----a-w- C:\Windows\System32\wvc.dll
            2013-08-03 06:40:01 1374208 ----a-w- C:\Windows\System32\wdc.dll
            2013-08-03 05:14:15 399360 ----a-w- C:\Windows\SysWow64\sysmon.ocx
            2013-08-03 05:13:57 437248 ----a-w- C:\Windows\SysWow64\wvc.dll
            2013-08-03 05:13:43 1245696 ----a-w- C:\Windows\SysWow64\wdc.dll
            2013-08-02 06:28:29 10116608 ----a-w- C:\Windows\System32\twinui.dll
            2013-08-02 05:08:18 8858112 ----a-w- C:\Windows\SysWow64\twinui.dll
            2013-08-01 10:41:31 2233688 ----a-w- C:\Windows\System32\drivers\tcpip.sys
            2013-07-27 03:58:39 2207232 ----a-w- C:\Windows\SysWow64\PrintConfig.dll
            2013-07-25 07:46:26 295696 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
            2013-07-25 07:46:26 266928 ----a-w- C:\Windows\System32\drivers\RapportHades64.sys
            .
            ============= FINISH: 20:30:43,02 ===============

            En nog de Attach:

            .
            UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
            IF REQUESTED, ZIP IT UP & ATTACH IT
            .
            DDS (Ver_2012-11-20.01)
            .
            Microsoft Windows 8
            Boot Device: \Device\HarddiskVolume1
            Install Date: 20-11-2012 23:16:18
            System Uptime: 22-10-2013 01:14:59 (19 hours ago)
            .
            Motherboard: Dell Inc. | | 04G65K
            Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz | U3E1 | 1200/100mhz
            .
            ==== Disk Partitions =========================
            .
            C: is FIXED (NTFS) - 919 GiB total, 848,357 GiB free.
            D: is CDROM ()
            Y: is FIXED (NTFS) - 0 GiB total, 0,209 GiB free.
            .
            ==== Disabled Device Manager Items =============
            .
            ==== System Restore Points ===================
            .
            RP57: 6-10-2013 12:10:27 - Gepland controlepunt
            RP58: 10-10-2013 16:02:38 - Windows Update
            RP59: 14-10-2013 20:53:43 - Windows Update
            RP60: 21-10-2013 20:58:58 - Gepland controlepunt
            .
            ==== Installed Programs ======================
            .
            ?????? 2012 ?????? (KB2723161)
            Aangifte inkomstenbelasting 2012
            Adobe Flash Player 11 Plugin
            Adobe Reader XI (11.0.05) - Nederlands
            Apple Application Support
            Apple Software Update
            Bing Bar
            CCleaner
            Cisco EAP-FAST Module
            Cisco LEAP Module
            Cisco PEAP Module
            Conexant SmartAudio HD
            CyberLink LabelPrint 2.5
            CyberLink Media Suite 10
            CyberLink Media Suite Essentials
            CyberLink Power2Go 8
            CyberLink PowerDirector 10
            CyberLink PowerDVD 10
            D3DX10
            Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition
            Dell Backup and Recovery
            Dell Backup and Recovery - Support Software
            Dell Digital Delivery
            Dell Touchpad
            DWGSee Pro 2013
            Free DWG Viewer 7.1
            Google Chrome
            Google Update Helper
            HP Deskjet 3050A J611 series Basissoftware van het apparaat
            HP Deskjet 3050A J611 series Haelp
            HP Deskjet 3050A J611 series Productverbeteringsonderzoek
            HP Photo Creations
            HP Smart Print 2.1
            HP Update
            HPDiagnosticAlert
            IMVU Avatar Chat Software
            Intel PROSet Wireless
            Intel(R) Control Center
            Intel(R) Management Engine Components
            Intel(R) Processor Graphics
            Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
            Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
            Intel(R) Rapid Storage Technology
            Intel® PROSet/Wireless WiFi Software
            Intel® Trusted Connect Service Client
            Intel® Turbo Boost Technologie monitor 2.6
            Java 7 Update 25
            Java Auto Updater
            Malwarebytes' Anti-Malware versie 1.51.1.1800
            Microsoft Access MUI (Dutch) 2013
            Microsoft Application Error Reporting
            Microsoft DCF MUI (Dutch) 2013
            Microsoft Excel MUI (Dutch) 2013
            Microsoft Groove MUI (Dutch) 2013
            Microsoft InfoPath MUI (Dutch) 2013
            Microsoft Lync MUI (Dutch) 2013
            Microsoft Office
            Microsoft Office 64-bit Components 2013
            Microsoft Office Access MUI (Dutch) 2010
            Microsoft Office Excel MUI (Dutch) 2010
            Microsoft Office Korrekturhilfen 2013 - Deutsch
            Microsoft Office Office 64-bit Components 2010
            Microsoft Office OneNote MUI (Dutch) 2010
            Microsoft Office OSM MUI (Dutch) 2013
            Microsoft Office OSM UX MUI (Dutch) 2013
            Microsoft Office Outlook MUI (Dutch) 2010
            Microsoft Office PowerPoint MUI (Dutch) 2010
            Microsoft Office Professional Plus 2013
            Microsoft Office Proof (Dutch) 2010
            Microsoft Office Proof (English) 2010
            Microsoft Office Proof (French) 2010
            Microsoft Office Proof (German) 2010
            Microsoft Office Proofing (Dutch) 2010
            Microsoft Office Proofing (Dutch) 2013
            Microsoft Office Proofing Tools 2013 - English
            Microsoft Office Proofing Tools 2013 - Nederlands
            Microsoft Office Publisher MUI (Dutch) 2010
            Microsoft Office Shared 64-bit MUI (Dutch) 2010
            Microsoft Office Shared 64-bit MUI (Dutch) 2013
            Microsoft Office Shared MUI (Dutch) 2010
            Microsoft Office Shared MUI (Dutch) 2013
            Microsoft Office Word MUI (Dutch) 2010
            Microsoft OneNote MUI (Dutch) 2013
            Microsoft Outlook MUI (Dutch) 2013
            Microsoft PowerPoint MUI (Dutch) 2013
            Microsoft Publisher MUI (Dutch) 2013
            Microsoft Silverlight
            Microsoft SQL Server 2005 Compact Edition [ENU]
            Microsoft Visual C++ 2005 Redistributable
            Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
            Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
            Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
            Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
            Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
            Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
            Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
            Microsoft Word MUI (Dutch) 2013
            Movie Maker
            MSVCRT
            MSVCRT110
            MSVCRT110_amd64
            My Dell
            Norton Internet Security
            Outils de vérification linguistique 2013 de Microsoft Office*- Français
            Photo Common
            Photo Gallery
            Quickset64
            QuickTime
            Rapport
            Realtek USB 2.0 Card Reader
            Seagate Dashboard 2.0
            Secure Download Manager
            Security Update for Microsoft Excel 2013 (KB2827238) 32-Bit Edition
            Security Update for Microsoft Office 2013 (KB2810009) 32-Bit Edition
            Security Update for Microsoft Office 2013 (KB2817623) 32-Bit Edition
            Shared C Run-time for x64
            Sitecom Wireless Network 300N Adapter
            Snap.Do
            Three Ships Browser Plugin
            Trusteer Eindpuntbeveiliging
            Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition
            Update for Microsoft InfoPath 2013 (KB2752078) 32-Bit Edition
            Update for Microsoft Lync 2013 (KB2817621) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2737954) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2760257) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2817309) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2817311) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2817493) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2817640) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2827228) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition
            Update for Microsoft Office 2013 (KB2827235) 32-Bit Edition
            Update for Microsoft OneNote 2013 (KB2810016) 32-Bit Edition
            Update for Microsoft Outlook 2013 (KB2825632) 32-Bit Edition
            Update for Microsoft PowerPoint 2013 (KB2726947) 32-Bit Edition
            Update for Microsoft PowerPoint 2013 (KB2817625) 32-Bit Edition
            Update for Microsoft Project 2013 (KB2767859) 32-Bit Edition
            Update for Microsoft Publisher 2013 (KB2752097) 32-Bit Edition
            Update for Microsoft SkyDrive Pro (KB2825633) 32-Bit Edition
            Update for Microsoft Visio 2013 (KB2752018) 32-Bit Edition
            Update for Microsoft Visio Viewer 2013 (KB2768338) 32-Bit Edition
            Update for Microsoft Word 2013 (KB2817631) 32-Bit Edition
            Update for Microsoft Word 2013 (KB2827218) 32-Bit Edition
            Verzoek of wijziging voorlopige aanslag 2013
            Watchtower Library 2011 - Nederlands
            Windows Live Communications Platform
            Windows Live Essentials
            Windows Live Installer
            Windows Live Photo Common
            Windows Live PIMT Platform
            Windows Live SOXE
            Windows Live SOXE Definitions
            Windows Live UX Platform
            Windows Live UX Platform Language Pack
            WinRAR 4.20 (64-bit)
            World of Tanks
            .
            ==== End Of File ===========================

            Ja, en het is nu goed. Geen problemen volgens mij meer. Maar i laat het je toch graag nog ff zien.
            Last edited by Jennifer Leung; 22-10-13, 19:35. Reden: antwoord op vraag

            Comment


            • #7
              De attach had ik niet om gevraagd.

              Zijn er nog problemen?
              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
              E Dev * McAfee verwijderen. * Ccleaner * E-Peek

              Comment


              • #8
                Sorry, Emphyrio... Ik wilde het juist zo goed mogelijk doen.

                Nee ik heb geen problemen meer. Maar ik heb wel een vraag. Toen ik die MBAM-scan had gedaan zag ik dat der heel veel virussen in mijn laptop zaten. Hoe kunnen die nou zo door NORTON glippen vraag ik me af...?

                Comment


                • #9
                  Oorspronkelijk geplaatst door Jennifer Leung Bekijk Berichten
                  Toen ik die MBAM-scan had gedaan zag ik dat der heel veel virussen in mijn laptop zaten. Hoe kunnen die nou zo door NORTON glippen vraag ik me af...?
                  Omdat ieder anti-malware tool zijn specialisatie heeft.
                  Het ultieme tool bestaat (nog) niet.

                  In het geval van MBAM waren dit PUP (ongewilde bestanden).


                  Download of Update Ccleaner

                  Start CCleaner op.
                  • Run Ccleaner en klik in de linkse kolom op Opties
                  • Selecteer het tabblad Geavanceerd
                  • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
                  • Haal het vinkje weg voor Verwijder alleen bestanden in de Prullenbak die ouder zijn dan 24 uur
                  • Selecteer het tabblad Instellingen
                  • Haal het vinkje weg bij "Computer automatisch schoonmaken...."
                  • Klik in de linkse kolom op Cleaner.
                  • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
                  • Klik vervolgens in de linkse kolom op Register
                  • Klik op Scan naar problemen.
                  • Als er fouten gevonden worden klik je op Herstel geselecteerde problemen
                  • Hier kan de vraag verschijnen of je je register wil backuppen.Antwoord met Ja en OK



                  1) Je mag alle losse bestanden en tools die we hebben gebruikt verwijderen.

                  2) Om herbesmetting te vermijden, kan je deze tips eens nalezen:

                  Het voorkomen van spyware-infecties en browserhijacking en Hoe voorkom ik een nieuwe infectie?

                  3) Om je PC een snelle onderhoudbeurt te geven, kan je deze tips eens lezen: Handleiding voor een schone PC

                  4) Allerlei tips en hints kan je hier raadplegen.


                  Ik zet het topic op opgelost.

                  Indien er niet meer gereageerd wordt, zal binnen een 3-tal dagen deze thread automatisch verplaatst worden
                  naar de sectie Opgeloste hijackthislogs en is een reactie niet meer mogelijk
                  Dit is gedaan om het forum netjes en overzichtelijk te houden.

                  Blijkt dat er toch nog problemen zijn, en je wil weer reageren in dit topic, dan stuur je me een privé bericht met verzoek om heropening.



                  Hebben we je goed geholpen? Overweeg eens een (vrijblijvende) donatie aan Nucia

                  Emphyrio
                  Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                  E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                  Comment

                  Sorry, you are not authorized to view this page
                  Working...
                  X