Safefinder


  • Safefinder

    Hey,

    I wanted to put a few files on a CD, so I downloaded ImgBurn, and since then I have had a toolbar called SafeFinder toolbar. I went looking for why my Google search keeps changing to SafeFinder search, and everywhere it said that it is a virus. So I ran a scan with Malwarebytes and it removed all infections, but now I cannot remove SafeFinder Smartbar from my programs because the uninstall file is not there.


    Thanks, skwer

  • #2
    Hi skwer and welcome to Nucia Security Forum,

    Before we begin, I would like to kindly point out the following guidelines:

    • Log in only as an administrator with full rights.
    • Do not post your problem on several forums. It does not help your problem and it is not polite towards the helpers.
    • Cleaning up your system can take some time; be patient.
    • Carefully follow the instructions I give.
    • Follow only the advice given by me.
    • Stay with the topic until I have reported that your PC is clean.
    • If you do not know or understand something, please just ask.
    • Do not install or uninstall any software or hardware while we are working on your problem.
    • In the meantime, do not try something "else"; that only makes it harder for us.
    • Please turn off your emoticons (smileys) when you post logs. (INFO)
    • Please do not post the logs as an attachment or between code tags.

    Note: Always run all tools as admin.
    The instructions given are valid only for your PC.

    If you have read and understood these guidelines, you may continue.....



    Step 1:

    Scan for and remove malware....

    If you already have MBAM on your PC, you of course do not need to download it.

    Download Malwarebytes Anti-Malware 1.75 to your desktop.

    Double-click mbam-setup.exe to install the program.

    At the end of the setup procedure, you get a screen where you must click "Finish".
    If you do not wish to evaluate MBAM, uncheck the first option and only then click "Finish".

    Make sure that after the installation a check mark is placed next to:
    • Update MalwareBytes' Anti-Malware
    • Start MalwareBytes' Anti-Malware
    • Then click "Finish". If an update is found, it will be downloaded and installed.



    Once the program has started, go to the "Settings" tab.
    • Check here: "Close Internet Explorer during malware removal".
    • Go to the "Updates" tab and update MBAM.
    • Then go to the "Scanner" tab and choose "FULL scan" here.
    • Then press "Scan" to start the scan.
    • Scanning can take a while, so be patient.
    • When the scan is complete, click OK, then "Show Results" to see the results.
    • Make sure everything is checked there, then click "Remove Selected".
    • After removal a log will open and you will be asked to restart the computer.

    If MBAM asks for a restart, do so.
    After you have restarted, run a new quick scan with MBAM.
    In that case you therefore post the two logs. So a second "quick scan" log only if the FULL scan found "something".

    The log is saved automatically by MalwareBytes' Anti-Malware and you can find it by clicking the "Logs" tab in the program.


    In case of problems!!!

    ___________________________________________________________

    Step 2:

    Check for bad toolbars...

    Download AdwCleaner by Xplode to your desktop.
    • Close all open windows
    • Start AdwCleaner
    • Click Scan
    • Click Remove

    All icons will disappear from the desktop; this is normal.
    Your PC will be restarted and a log file will open (C:\AdwCleaner\AdwCleaner[xx].txt).
    Post its contents here on the forum.

    I only need the log from after the "Remove" option.

    Do not forget to turn off your "smileys".

    If your home page was hijacked as well, set the search engine again.
    AdwCleaner resets it to Google.com by default.
    ___________________________________________________________

    Step 3:

    Download DDS.com, DDS.scr or DDS.pif from one of these locations and place it on your desktop:


    DDS is a diagnostic tool and uses scripts.
    If script execution is disabled, re-enable it so that no problems occur when using DDS.


    Double-click DDS to start the tool. (Depending on the download you chose, this may be the file DDS.com, DDS.scr or DDS.pif.)
    When it is finished, two log files open: DDS.txt and Attach.txt
    Save both log files to your desktop.

    Post the contents of DDS.txt.

    You do not need to post the contents of Attach.txt, and do not add Attach.txt as an attachment to your post, unless I ask for it.


    ___________________________________________________________

    Step 4:

    Download Security Check to your desktop via here or here

    Start Security Check
    Follow the on-screen instructions
    At the end a log appears ( checkup.txt )
    Put its contents in your next reply.


    In your next post, I would like to see the following logs, made in the order set out:

    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    Please do NOT post these logs as an attachment or between code tags.
    (In multiple posts if necessary.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek


    • #3
      Checkup.txt
      Results of screen317's Security Check version 0.99.85
      x64 (UAC is enabled)
      Internet Explorer 11
      ``````````````Antivirus/Firewall Check:``````````````
      Windows Firewall Enabled!
      Windows Defender
      Norton Internet Security
      WMI entry may not exist for antivirus; attempting automatic update.
      `````````Anti-malware/Other Utilities Check:`````````
      Java 7 Update 60
      Google Chrome 35.0.1916.153
      ````````Process Check: objlist.exe by Laurent````````
      Norton ccSvcHst.exe
      Malwarebytes Anti-Malware mbamservice.exe
      Malwarebytes Anti-Malware mbam.exe
      Malwarebytes Anti-Malware mbamscheduler.exe
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C: %
      ````````````````````End of Log``````````````````````

      MBAM log
      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Scan Date: 7/16/2014
      Scan Time: 6:44:42 PM
      Logfile:
      Administrator: Yes

      Version: 2.00.2.1012
      Malware Database: v2014.07.16.06
      Rootkit Database: v2014.07.14.01
      License: Premium
      Malware Protection: Enabled
      Malicious Website Protection: Enabled
      Self-protection: Disabled

      OS: Windows 8.1
      CPU: x64
      File System: NTFS
      User: skwer

      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 287340
      Time Elapsed: 8 min, 15 sec

      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Disabled
      Heuristics: Enabled
      PUP: Enabled
      PUM: Enabled

      Processes: 0
      (No malicious items detected)

      Modules: 0
      (No malicious items detected)

      Registry Keys: 0
      (No malicious items detected)

      Registry Values: 0
      (No malicious items detected)

      Registry Data: 0
      (No malicious items detected)

      Folders: 0
      (No malicious items detected)

      Files: 0
      (No malicious items detected)

      Physical Sectors: 0
      (No malicious items detected)


      (end)
      Last edited by skwer; 16-07-14, 18:53.



      • #4
        Can you please respect the order as requested?


        • #5
          Originally posted by Emphyrio
          Can you please respect the order as requested?
          Okay, no problem, and I cannot run the DDS program; it says: DDS is not meant to run in 'compatibility mode'. the program shall now exit.
          Last edited by skwer; 16-07-14, 18:57.


          • #6
            MBAM log
            Malwarebytes Anti-Malware
            www.malwarebytes.org

            Scan Date: 7/16/2014
            Scan Time: 6:44:42 PM
            Logfile:
            Administrator: Yes

            Version: 2.00.2.1012
            Malware Database: v2014.07.16.06
            Rootkit Database: v2014.07.14.01
            License: Premium
            Malware Protection: Enabled
            Malicious Website Protection: Enabled
            Self-protection: Disabled

            OS: Windows 8.1
            CPU: x64
            File System: NTFS
            User: skwer

            Scan Type: Threat Scan
            Result: Completed
            Objects Scanned: 287340
            Time Elapsed: 8 min, 15 sec

            Memory: Enabled
            Startup: Enabled
            Filesystem: Enabled
            Archives: Enabled
            Rootkits: Disabled
            Heuristics: Enabled
            PUP: Enabled
            PUM: Enabled

            Processes: 0
            (No malicious items detected)

            Modules: 0
            (No malicious items detected)

            Registry Keys: 0
            (No malicious items detected)

            Registry Values: 0
            (No malicious items detected)

            Registry Data: 0
            (No malicious items detected)

            Folders: 0
            (No malicious items detected)

            Files: 0
            (No malicious items detected)

            Physical Sectors: 0
            (No malicious items detected)


            (end)


            Adwcleaner logfile

            # AdwCleaner v3.215 - Rapport aangemaakt 16/07/2014 op 19:00:09
            # Laatste Update 09/07/2014 door Xplode
            # Besturingssysteem : Windows 8.1 (64 bits)
            # Gebruikersnaam : skwer - GS
            # Gestart vanuit : C:\Users\skwer\Downloads\adwcleaner_3.215.exe
            # Optie : Scannen

            ***** [ Services ] *****


            ***** [ Bestanden / Mappen ] *****


            ***** [ Snelkoppelingen ] *****


            ***** [ Register ] *****


            ***** [ Browsers ] *****

            -\\ Internet Explorer v11.0.9600.17126


            -\\ Google Chrome v35.0.1916.153

            [ Bestand : C:\Users\skwer\AppData\Local\Google\Chrome\User Data\Default\preferences ]


            *************************

            AdwCleaner[R0].txt - [2941 octets] - [15/07/2014 19:06:32]
            AdwCleaner[R1].txt - [2212 octets] - [16/07/2014 17:26:03]
            AdwCleaner[R2].txt - [756 octets] - [16/07/2014 19:00:09]
            AdwCleaner[S0].txt - [2261 octets] - [16/07/2014 17:26:48]

            ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [875 octets] ##########

            DDS Logfiles
            Could not run.


            Checkup.txt
            Results of screen317's Security Check version 0.99.85
            x64 (UAC is enabled)
            Internet Explorer 11
            ``````````````Antivirus/Firewall Check:``````````````
            Windows Firewall Enabled!
            Windows Defender
            Norton Internet Security
            WMI entry may not exist for antivirus; attempting automatic update.
            `````````Anti-malware/Other Utilities Check:`````````
            Java 7 Update 60
            Google Chrome 35.0.1916.153
            ````````Process Check: objlist.exe by Laurent````````
            Norton ccSvcHst.exe
            Malwarebytes Anti-Malware mbamservice.exe
            Malwarebytes Anti-Malware mbam.exe
            Malwarebytes Anti-Malware mbamscheduler.exe
            `````````````````System Health check`````````````````
            Total Fragmentation on Drive C: %
            ````````````````````End of Log``````````````````````



            • #7
              Originally posted by skwer
              Okay, no problem, and I cannot run the DDS program; it says: DDS is not meant to run in 'compatibility mode'. the program shall now exit.
              That is because you have Windows 8.1. Your profile says Windows 8. So please adjust that.


              Remove Java 7 Update 60 from your PC.
              Restart the PC afterwards.


              Do a Custom scan with MBAM.
              Check all partitions and HDDs.
              Post the log.

              • Download PC Info to your desktop.
              • Unzip and click SetupPC Info.
              • Go through the installation process.

              Double-click PC Info.
              The scan now starts...
              After the scan, select the tab: Logs
              Then check only these items:

              • Software
              • Hardware
              • Software Installed List
              • Startup List
              • Running Processes
              • Expert Mode
              • Registry Scan

              Now click 'Create a log', then copy and paste it into your next post.
              Last edited by Emphyrio; 16-07-14, 19:24.


              • #8
                PC Info vs 2.2.0.0 © 2011-2014 Onsia Patrick (Emphyrio)
                16/7/2014 19:31:52
                Boot Status: Normal boot
                ==================== OS INFO ====================================

                OS version : Windows 8.1
                Edition :
                Service Pack :
                Build version : 6.3.9600.0
                Windows OS Bits : 64 *

                Update detected : 2014-07-15 21:24:54
                Update downloaded : 2014-07-16 04:01:10
                Update installed : 2014-07-12 22:53:53
                ==================== GENERAL INFO ===============================

                Windows Directory : C:\WINDOWS
                User Profile : C:\Users\skwer
                Java Version : 1.7.0_60
                Antivirus : Norton Internet Security [Updated - Running ]
                Anti Spam : Windows Defender [Updated - Not Running ]
                Firewall : Norton Internet Security [Updated - Running ]
                ==================== HARDWARE ===================================

                GenuineIntel Intel64 Family 6 Model 60 Stepping 3
                Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz

                Mainboard : Micro-Star International Co., Ltd.

                Model : GE70 2OC\2OE

                Bios Version : E1757IMS.509 (American Megatrends Inc.)

                RAM Present : 8112 MB / 7.9 GB
                RAM Free : 5031 Mb ( 62 % Free )

                Videocard : Intel(R) HD Graphics 4600
                Memory : 2080Mb
                Driver version : 10.18.10.3540
                ==================== APP LIST ===================================

                C:\ Fixed - OS_Install - NTFS - 468 Gb (Free : 417640 Mb / 407 Gb )
                D:\ Fixed - Data - NTFS - 209 Gb (Free : 210525 Mb / 205 Gb )
                ==================== INSTALLED SOFTWARE LIST ====================


                „Windows Live Essentials“ 16.4.3505.0912
                Apple Application Support 3.0.5
                Apple Mobile Device Support 7.1.2.6
                Apple Software Update 2.1.3.127
                Battery Calibration 1.0.1208.0301
                Bonjour 3.0.0.10
                BurnRecovery 4.0.1304.1501
                CCleaner 4.15
                Cisco EAP-FAST Module 2.2.14
                Cisco LEAP Module 1.0.19
                Cisco PEAP Module 1.1.6
                Counter-Strike: Global Offensive
                CyberLink PowerDVD 10 10.0.4126.52
                D3DX10 15.4.2368.0902
                ETDWare PS/2-X64 11.13.2.4_WHQL 11.13.2.4
                Foto-galerija 16.4.3505.0912
                Fotoattēlu galerija 16.4.3505.0912
                Fotogaléria 16.4.3505.0912
                Fotogalerie 16.4.3505.0912
                Fotogalerii 16.4.3505.0912
                Fotogalerija 16.4.3505.0912
                Fotogalleri 16.4.3505.0912
                Fotogalleriet 16.4.3505.0912
                Fotoğraf Galerisi 16.4.3505.0912
                Fotótár 16.4.3505.0912
                Galeria de Fotografias 16.4.3505.0912
                Galeria de Fotos 16.4.3505.0912
                Galería de fotos 16.4.3505.0912
                Galeria fotografii 16.4.3505.0912
                Galerie de photos 16.4.3505.0912
                Galerie foto 16.4.3505.0912
                Galerija fotografija 16.4.3505.0912
                Google Chrome 35.0.1916.153
                Google Update Helper 1.3.24.15
                ImgBurn 2.5.8.0
                Intel(R) Manageability Engine Firmware Recovery Agent 1.1.0.36960
                Intel(R) Management Engine Components 9.5.23.1766
                Intel(R) Processor Graphics 10.18.10.3540
                Intel(R) Rapid Storage Technology 12.5.0.1066
                Intel(R) SDK for OpenCL - CPU Only Runtime Package 3.0.0.63463
                Intel® Trusted Connect Service Client 1.31.8.1
                iTunes 11.3.0.54
                Java 7 Update 60 7.0.600
                Java Auto Updater 2.1.60.19
                KB9X Radio Switch Driver 1.1.0.0
                Malwarebytes Anti-Malware versie 2.0.2.1012 2.0.2.1012
                Microsoft Application Error Reporting 12.0.6015.5000
                Microsoft Office 15.0.4454.1510
                Microsoft Silverlight 5.1.30214.0
                Microsoft SQL Server 2005 Compact Edition [ENU] 3.1.0000
                Microsoft Visual C++ 2005 Redistributable 8.0.61001
                Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 9.0.30729.4148
                Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 9.0.30729.6161
                Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 9.0.30729
                Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 9.0.30729.4148
                Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 9.0.30729.6161
                Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 10.0.40219
                Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 10.0.40219
                Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 11.0.50727.1
                Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 11.0.50727
                Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 11.0.50727
                Movie Maker 16.4.3505.0912
                MSI Remind Manager 2.12.1003
                MSI Social Media Collection 1.13.0123
                MSVCRT 15.4.2862.0708
                MSVCRT110 16.4.1108.0727
                MSVCRT110_amd64 16.4.1109.0912
                MTA:SA v1.3.5 v1.3.5
                MTA:SA v1.4.0 v1.4.0
                Norton Anti-Theft 1.10.0.9
                Norton Internet Security 20.5.0.28
                Norton Online Backup 2.7.0.24
                Norton Online Backup ARA 4.3.0.14
                Norton PC Checkup 2.0.18.16
                NVIDIA-configuratiescherm 337.88 337.88
                NVIDIA GeForce Experience 2.0.1 2.0.1
                NVIDIA Grafisch stuurprogramma 337.88 337.88
                NVIDIA Install Application 2.1002.151.1091
                NVIDIA LED Visualizer 1.0 1.0
                NVIDIA Network Service 1.0
                NVIDIA Optimus Update 12.4.67 12.4.67
                NVIDIA PhysX 9.13.1220
                NVIDIA PhysX systeemsoftware 9.13.1220 9.13.1220
                NVIDIA ShadowPlay 12.4.67 12.4.67
                NVIDIA Update 12.4.67 12.4.67
                NVIDIA Update Core 12.4.67
                NVIDIA Virtual Audio 1.2.23 1.2.23
                PC Info 2.2.0
                Photo Common 16.4.3505.0912
                Photo Gallery 16.4.3505.0912
                Podstawowe programy Windows Live 16.4.3505.0912
                Qualcomm Atheros Killer Network Manager 6.1.0.550
                Qualcomm Atheros Killer Network Manager 6.1.0.550
                Raccolta foto 16.4.3505.0912
                REALTEK Bluetooth Driver 3.9691.663.020613
                Realtek High Definition Audio Driver 6.0.1.7183
                Realtek PCIE Card Reader 6.2.9200.21219
                REALTEK Wireless LAN Driver 1.00.0212
                Revo Uninstaller Pro 3.0.8 3.0.8
                SafeFinder Smartbar 11.75.72.18057
                SCM 13.013.04234
                SHIELD Streaming 2.1.108
                Skype™ 6.18 6.18.105
                SlimDrivers 2.2.32705
                Sound Blaster Cinema 1.00.01
                Steam
                Super-Charger 1.2.017
                System Requirements Lab for Intel 4.5.24.0
                tools-windows 9.6.2.1895310
                Valokuvavalikoima 16.4.3505.0912
                VMware Player 6.0.3
                VMware Player 6.0.3
                Vuze 5.3.0.0
                Windows Live 16.4.3505.0912
                Windows Live Communications Platform 16.4.3505.0912
                Windows Live Essentials 16.4.3505.0912
                Windows Live Installer 16.4.3505.0912
                Windows Live Photo Common 16.4.3505.0912
                Windows Live PIMT Platform 16.4.3505.0912
                Windows Live SOXE 16.4.3505.0912
                Windows Live SOXE Definitions 16.4.3505.0912
                Windows Live Temel Parçalar 16.4.3505.0912
                Windows Live UX Platform 16.4.3505.0912
                Windows Live UX Platform Language Pack 16.4.3505.0912
                Windows Liven peruspaketti 16.4.3505.0912
                WinRAR 5.10 (64-bit) 5.10.0
                Συλλογή φωτογραφιών 16.4.3505.0912
                Основи Windows Live 16.4.3505.0912
                Основные компоненты Windows Live 16.4.3505.0912
                Фотоальбом 16.4.3505.0912
                Фотогалерия 16.4.3505.0912
                Фотографии (общедоступная версия) 16.4.3505.0912
                Фотоколекція 16.4.3505.0912
                גלריית התמונות 16.4.3505.0912
                ==================== STARTUP LIST Enabled========================

                ------- Local 32/64 HKLM skwer------------

                Sound Blaster Cinema : "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
                UpdReg : C:\Windows\UpdReg.EXE
                Super-Charger : C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
                RemoteControl10 : "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
                SunJavaUpdateSched : "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
                iTunesHelper : "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

                ------- Local [HKLM] skwer------------

                RTHDVCPL : "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
                ETDCtrl : C:\Program Files\Elantech\ETDCtrl.exe
                IAStorIcon : "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
                BtServer : "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
                Radio Manager : C:\Program Files (x86)\SCM\Radio Manager.exe
                SCM : C:\Program Files (x86)\SCM\SCM.exe
                MBCfg64 : C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
                NvBackend : "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
                ShadowPlay : C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

                ------- Current User [HKCU] skwer------------

                CCleaner Monitoring : "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
                Skype : "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

                ==================== RUNNING PROCESSES ==========================

                CCleaner64 ID = 7088 Path: C:\Program Files\CCleaner\CCleaner64.exe
                chrome ID = 980 Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                nvvsvc ID = 388 Path: C:\WINDOWS\system32\nvvsvc.exe
                mbam ID = 3932 Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
                conhost ID = 4916 Path: C:\WINDOWS\system32\conhost.exe
                Radio Manager ID = 4000 Path: C:\Program Files (x86)\SCM\Radio Manager.exe
                conhost ID = 4764 Path: C:\WINDOWS\system32\conhost.exe
                nvtray ID = 5300 Path: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
                explorer ID = 3920 Path: C:\WINDOWS\Explorer.EXE
                BTServer ID = 3520 Path: C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
                PC Info ID = 2136 Path: C:\Program Files (x86)\E Dev\PC Info\PC Info.exe
                SrTasks ID = 7008 Path: C:\WINDOWS\system32\srtasks.exe
                Super-Charger ID = 6856 Path: C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
                SCM ID = 5308 Path: C:\Program Files (x86)\SCM\SCM.exe
                SBCinema ID = 7048 Path: C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
                chrome ID = 5532 Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                Skype ID = 7012 Path: C:\Program Files (x86)\Skype\Phone\Skype.exe
                nvxdsync ID = 532 Path: C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
                nvstreamsvc ID = 4524 Path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
                SkyDrive ID = 6044 Path: C:\Windows\System32\skydrive.exe
                conhost ID = 8036 Path: C:\WINDOWS\system32\conhost.exe
                unsecapp ID = 6808 Path: C:\WINDOWS\system32\wbem\unsecapp.exe
                chrome ID = 4236 Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                rundll32 ID = 5652 Path: C:\Windows\System32\rundll32.exe
                chrome ID = 2084 Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                ETDCtrlHelper ID = 6020 Path: C:\Program Files\Elantech\ETDCtrlHelper.exe
                ccSvcHst ID = 4044 Path: C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
                SrTasks ID = 6032 Path: C:\WINDOWS\system32\srtasks.exe
                ccsvchst ID = 4948 Path: C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe
                ==================== REG SCAN ===================================

                Empthy keys and/or values aren't logged !

                ==================== SESSION MANAGER ============================

                HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\
                BootExecute = autocheck autochk *
                \??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cleanup.old
                \??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
                \??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.old
                ==================== WINLOGON ===================================

                HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

                Userinit = C:\Windows\system32\userinit.exe,
                Shell = explorer.exe

                ==================== ShellServiceObjectDelayLoad ================

                HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

                WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
                File in HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InProcServer32\

                ==================== Shell Extensions\Approved ==================

                HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

                {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = WebCheck
                {08165EA0-E946-11CF-9C87-00AA005127ED} = WebCheckWebCrawler
                File in HKCR\CLSID\{08165EA0-E946-11CF-9C87-00AA005127ED}\InProcServer32\ = C:\Windows\System32\webcheck.dll

                ==================== Shell Extensions\Approved WOW 6432 =========

                HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
                {08165EA0-E946-11CF-9C87-00AA005127ED} = WebCheckWebCrawler
                {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = WebCheck

                ==================== SharedTaskScheduler ========================

                HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\



                File in HKCR\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32\ = C:\WINDOWS\system32\explorerframe.dll

                ==================== RUN KEYS====================================

                HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
                HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
                HKCU\Software\Microsoft\Windows\CurrentVersion\Run

                CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
                Skype = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
                HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
                HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
                HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
                HKLM\Software\Microsoft\Windows\CurrentVersion\Run

                BtServer = "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
                ETDCtrl = C:\Program Files\Elantech\ETDCtrl.exe
                IAStorIcon = "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
                MBCfg64 = C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
                NvBackend = "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
                Radio Manager = C:\Program Files (x86)\SCM\Radio Manager.exe
                RTHDVCPL = "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
                SCM = C:\Program Files (x86)\SCM\SCM.exe
                ShadowPlay = C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

                HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

                iTunesHelper = "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
                RemoteControl10 = "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
                Sound Blaster Cinema = "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
                Super-Charger = C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
                UpdReg = C:\Windows\UpdReg.EXE
                HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
                HKCU\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce

                ==================== vVv Krepper Trojan Pointers vVv ============

                HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run

                ==================== RUN SERVICES ===============================

                HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
                HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
                HKU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
                HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
                HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
                HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

                ==================== Shell Folder ===============================

                HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
                Startup = C:\Users\skwer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

                HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

                ==================== DLL Loaded =================================

                HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows


                ( 0x0 – Load any DLLs. 0x1 – Load only code-signed DLLs.)



                HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load


                ==================== ShellExecuteHooks ==========================

                HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks

                ==================== Command Processor ==========================

                HKLM\Software\Microsoft\Command Processor
                HKCU\Software\Microsoft\Command Processor

                ==================== BROWSER HELPER OBJECTS =====================

                HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

                # Not exist #

                ==================== BHO - CLSID Wow6432Node ====================

                HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects

                {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} = Norton Identity Protection
                File in HKCR\Wow6432Node\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\InProcServer32\
                = C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll

                --------------------------------------------------------------------
                {6D53EC84-6AAE-4787-AEEE-F4628F01010C} = Norton Vulnerability Protection
                File in HKCR\Wow6432Node\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\InProcServer32\
                = C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL

                --------------------------------------------------------------------
                ==================== TOOLBAR ====================================

                HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar

                # Not exist #

                ==================== TOOLBAR - Wow6432Node ======================

                HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar

                # Not exist #

                ==================== URL SEARCH HOOKS ===========================

                HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks

                HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks

                HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks

                ==================== SAFE BOOT ==================================

                HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

                AlternateShell = cmd.exe
                HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

                {533C5B84-EC70-11D2-9505-00C04F79DEAF} = Volume shadow copy
                {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} = IEEE 1394 Bus host controllers
                {D48179BE-EC20-11D1-B6B8-00C04FA372A7} = SBP2 IEEE 1394 Devices
                {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} = SecurityDevices

                HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

                {50DD5230-BA8A-11D1-BF5D-0000F805F530} = Smart card readers
                {533C5B84-EC70-11D2-9505-00C04F79DEAF} = Volume shadow copy
                {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} = IEEE 1394 Bus host controllers
                {D48179BE-EC20-11D1-B6B8-00C04FA372A7} = SBP2 IEEE 1394 Devices
                {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} = SecurityDevices
                DnsCache = Service
                WudfPf = Driver
                WudfRd = Driver
                WudfSvc = Service
                WudfUsbccidDriver = Driver
                ==================== DESKTOP ====================================

                HKCU\Control Panel\Desktop

                ScreenSaveActive = 1
                HKCU\Software\Policies\Microsoft\Windows\Control Panel\Desktop\SCRNSAVE.EXE
                ==================== SECURITYPROVIDERS ==========================

                HKLM\system\currentcontrolset\control\securityproviders

                SecurityProviders = credssp.dll
                File in C:\WINDOWS\System32\credssp.dll 21504 bytes [ 8/22/2013 11:01:38 AM ]
                ==================== SVCHOST (White Listed) ==================

                HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost

                All ok
                ==================== WOW-SVCHOST ================================

                HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost

                All ok
                ==================== INTERFACES =================================

                HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces

                {377193D9-20CA-4DFE-BEB7-473AF2522D15}
                {4A18BEB6-0FCE-403A-8F0D-AD991703917A}
                {5084318E-5CB8-4588-A5CE-9E8B4FC92A76}
                {7e43b212-0886-11e4-824e-806e6f6e6963}
                {864B0E7E-D229-47A6-9C06-92CDA8AE4E89}
                {8718928D-CBEB-45EA-A621-800A9249001D}
                {DB167F47-10A4-4B35-87F2-2BCEA1FE4290}
                {E322AB28-821E-47A0-8B8D-AC8D4BD4544B}

                ==================== SEARCHSCOPES ===============================

                HKCU\Software\Microsoft\Internet Explorer\SearchScopes

                DefaultScope :

                {140933CD-4278-4450-99AF-09287DDCC2E0}
                URL :


                HKLM\Software\Microsoft\Internet Explorer\SearchScopes

                DefaultScope : {140933CD-4278-4450-99AF-09287DDCC2E0}

                {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
                URL : http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


                {140933CD-4278-4450-99AF-09287DDCC2E0}
                URL : http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;


                ==================== Job files ==================================

                There are no .job files found.
                =================================================================

                Log finished at 7/16/2014 7:31:52 PM
                Thanks for using PC Info...
                ==================== END ========================================
                Last edited by skwer; 16-07-14, 19:32.



                • #9
                  Can you please read the guidelines carefully and follow them?

                  I also have an additional question: why are Windows Live and Photo Gallery in Russian?
                  It has even been installed in Hebrew.

                  That is asking for trouble.
                  Last edited by Emphyrio; 16-07-14, 19:52.
                  Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                  E Dev * Remove McAfee. * Ccleaner * E-Peek



                  • #10
                    Don't know? As far as I know, I never installed those programs?



                    • #11
                      mbam

                      Malwarebytes Anti-Malware
                      www.malwarebytes.org

                      Scan Date: 7/16/2014
                      Scan Time: 7:44:00 PM
                      Logfile:
                      Administrator: Yes

                      Version: 2.00.2.1012
                      Malware Database: v2014.07.16.06
                      Rootkit Database: v2014.07.14.01
                      License: Premium
                      Malware Protection: Enabled
                      Malicious Website Protection: Enabled
                      Self-protection: Disabled

                      OS: Windows 8.1
                      CPU: x64
                      File System: NTFS
                      User: skwer

                      Scan Type: Custom Scan
                      Result: Completed
                      Objects Scanned: 437921
                      Time Elapsed: 1 hr, 11 min, 14 sec

                      Memory: Enabled
                      Startup: Enabled
                      Filesystem: Enabled
                      Archives: Enabled
                      Rootkits: Enabled
                      Heuristics: Enabled
                      PUP: Enabled
                      PUM: Enabled

                      Processes: 0
                      (No malicious items detected)

                      Modules: 0
                      (No malicious items detected)

                      Registry Keys: 0
                      (No malicious items detected)

                      Registry Values: 0
                      (No malicious items detected)

                      Registry Data: 0
                      (No malicious items detected)

                      Folders: 0
                      (No malicious items detected)

                      Files: 1
                      Hacktool.Agent, C:\Users\skwer\Documents\Vuze Downloads\Windows Vista Ultimate SP2 (32 Bit)\Windows Vista ACTIVATION.zip, Quarantined, [2252aff01a61e353aeae94bd52afe41c],

                      Physical Sectors: 0
                      (No malicious items detected)


                      (end)


                      pc info:


                      PC Info vs 2.2.0.0 © 2011-2014 Onsia Patrick (Emphyrio)
                      16/7/2014 21:26:47
                      Boot Status: Normal boot
                      ==================== OS INFO ====================================

                      OS version : Windows 8.1
                      Edition :
                      Service Pack :
                      Build version : 6.3.9600.0
                      Windows OS Bits : 64 *

                      Update detected : 2014-07-16 19:34:42
                      Update downloaded : 2014-07-16 04:01:10
                      Update installed : 2014-07-12 22:53:53
                      ==================== GENERAL INFO ===============================

                      Windows Directory : C:\WINDOWS
                      User Profile : C:\Users\skwer
                      Java Version : N/A
                      Antivirus : Norton Internet Security [Updated - Running ]
                      Anti Spam : Windows Defender [Updated - Not Running ]
                      Firewall : Norton Internet Security [Updated - Running ]
                      ==================== HARDWARE ===================================

                      GenuineIntel Intel64 Family 6 Model 60 Stepping 3
                      Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz

                      Mainboard : Micro-Star International Co., Ltd.

                      Model : GE70 2OC\2OE

                      Bios Version : E1757IMS.509 (American Megatrends Inc.)

                      RAM Present : 8112 MB / 7.9 GB
                      RAM Free : 4870 Mb ( 60 % Free )

                      Videocard : Intel(R) HD Graphics 4600
                      Memory : 2080Mb
                      Driver version : 10.18.10.3540
                      ==================== APP LIST ===================================

                      C:\ Fixed - OS_Install - NTFS - 468 Gb (Free : 417293 Mb / 407 Gb )
                      D:\ Fixed - Data - NTFS - 209 Gb (Free : 210525 Mb / 205 Gb )
                      ==================== INSTALLED SOFTWARE LIST ====================


                      „Windows Live Essentials“ 16.4.3505.0912
                      Apple Application Support 3.0.5
                      Apple Mobile Device Support 7.1.2.6
                      Apple Software Update 2.1.3.127
                      Battery Calibration 1.0.1208.0301
                      Bonjour 3.0.0.10
                      BurnRecovery 4.0.1304.1501
                      CCleaner 4.15
                      Cisco EAP-FAST Module 2.2.14
                      Cisco LEAP Module 1.0.19
                      Cisco PEAP Module 1.1.6
                      Counter-Strike: Global Offensive
                      CyberLink PowerDVD 10 10.0.4126.52
                      D3DX10 15.4.2368.0902
                      ETDWare PS/2-X64 11.13.2.4_WHQL 11.13.2.4
                      Foto-galerija 16.4.3505.0912
                      Fotoattēlu galerija 16.4.3505.0912
                      Fotogaléria 16.4.3505.0912
                      Fotogalerie 16.4.3505.0912
                      Fotogalerii 16.4.3505.0912
                      Fotogalerija 16.4.3505.0912
                      Fotogalleri 16.4.3505.0912
                      Fotogalleriet 16.4.3505.0912
                      Fotoğraf Galerisi 16.4.3505.0912
                      Fotótár 16.4.3505.0912
                      Galeria de Fotografias 16.4.3505.0912
                      Galeria de Fotos 16.4.3505.0912
                      Galería de fotos 16.4.3505.0912
                      Galeria fotografii 16.4.3505.0912
                      Galerie de photos 16.4.3505.0912
                      Galerie foto 16.4.3505.0912
                      Galerija fotografija 16.4.3505.0912
                      Google Chrome 35.0.1916.153
                      Google Update Helper 1.3.24.15
                      ImgBurn 2.5.8.0
                      Intel(R) Manageability Engine Firmware Recovery Agent 1.1.0.36960
                      Intel(R) Management Engine Components 9.5.23.1766
                      Intel(R) Processor Graphics 10.18.10.3540
                      Intel(R) Rapid Storage Technology 12.5.0.1066
                      Intel(R) SDK for OpenCL - CPU Only Runtime Package 3.0.0.63463
                      Intel® Trusted Connect Service Client 1.31.8.1
                      iTunes 11.3.0.54
                      KB9X Radio Switch Driver 1.1.0.0
                      Malwarebytes Anti-Malware versie 2.0.2.1012 2.0.2.1012
                      Microsoft Application Error Reporting 12.0.6015.5000
                      Microsoft Office 15.0.4454.1510
                      Microsoft Silverlight 5.1.30214.0
                      Microsoft SQL Server 2005 Compact Edition [ENU] 3.1.0000
                      Microsoft Visual C++ 2005 Redistributable 8.0.61001
                      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 9.0.30729.4148
                      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 9.0.30729.6161
                      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 9.0.30729
                      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 9.0.30729.4148
                      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 9.0.30729.6161
                      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 10.0.40219
                      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 10.0.40219
                      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 11.0.50727.1
                      Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 11.0.50727
                      Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 11.0.50727
                      Movie Maker 16.4.3505.0912
                      MSI Remind Manager 2.12.1003
                      MSI Social Media Collection 1.13.0123
                      MSVCRT 15.4.2862.0708
                      MSVCRT110 16.4.1108.0727
                      MSVCRT110_amd64 16.4.1109.0912
                      MTA:SA v1.3.5 v1.3.5
                      MTA:SA v1.4.0 v1.4.0
                      Norton Anti-Theft 1.10.0.9
                      Norton Internet Security 20.5.0.28
                      Norton Online Backup 2.7.0.24
                      Norton Online Backup ARA 4.3.0.14
                      Norton PC Checkup 2.0.18.16
                      NVIDIA-configuratiescherm 337.88 337.88
                      NVIDIA GeForce Experience 2.0.1 2.0.1
                      NVIDIA Grafisch stuurprogramma 337.88 337.88
                      NVIDIA Install Application 2.1002.151.1091
                      NVIDIA LED Visualizer 1.0 1.0
                      NVIDIA Network Service 1.0
                      NVIDIA Optimus Update 12.4.67 12.4.67
                      NVIDIA PhysX 9.13.1220
                      NVIDIA PhysX systeemsoftware 9.13.1220 9.13.1220
                      NVIDIA ShadowPlay 12.4.67 12.4.67
                      NVIDIA Update 12.4.67 12.4.67
                      NVIDIA Update Core 12.4.67
                      NVIDIA Virtual Audio 1.2.23 1.2.23
                      PC Info 2.2.0
                      Photo Common 16.4.3505.0912
                      Photo Gallery 16.4.3505.0912
                      Podstawowe programy Windows Live 16.4.3505.0912
                      Qualcomm Atheros Killer Network Manager 6.1.0.550
                      Qualcomm Atheros Killer Network Manager 6.1.0.550
                      Raccolta foto 16.4.3505.0912
                      REALTEK Bluetooth Driver 3.9691.663.020613
                      Realtek High Definition Audio Driver 6.0.1.7183
                      Realtek PCIE Card Reader 6.2.9200.21219
                      REALTEK Wireless LAN Driver 1.00.0212
                      Revo Uninstaller Pro 3.0.8 3.0.8
                      SafeFinder Smartbar 11.75.72.18057
                      SCM 13.013.04234
                      SHIELD Streaming 2.1.108
                      Skype™ 6.18 6.18.105
                      SlimDrivers 2.2.32705
                      Sound Blaster Cinema 1.00.01
                      Steam
                      Super-Charger 1.2.017
                      System Requirements Lab for Intel 4.5.24.0
                      tools-windows 9.6.2.1895310
                      Valokuvavalikoima 16.4.3505.0912
                      VMware Player 6.0.3
                      VMware Player 6.0.3
                      Vuze 5.3.0.0
                      Windows Live 16.4.3505.0912
                      Windows Live Communications Platform 16.4.3505.0912
                      Windows Live Essentials 16.4.3505.0912
                      Windows Live Installer 16.4.3505.0912
                      Windows Live Photo Common 16.4.3505.0912
                      Windows Live PIMT Platform 16.4.3505.0912
                      Windows Live SOXE 16.4.3505.0912
                      Windows Live SOXE Definitions 16.4.3505.0912
                      Windows Live Temel Parçalar 16.4.3505.0912
                      Windows Live UX Platform 16.4.3505.0912
                      Windows Live UX Platform Language Pack 16.4.3505.0912
                      Windows Liven peruspaketti 16.4.3505.0912
                      WinRAR 5.10 (64-bit) 5.10.0
                      Συλλογή φωτογραφιών 16.4.3505.0912
                      Основи Windows Live 16.4.3505.0912
                      Основные компоненты Windows Live 16.4.3505.0912
                      Фотоальбом 16.4.3505.0912
                      Фотогалерия 16.4.3505.0912
                      Фотографии (общедоступная версия) 16.4.3505.0912
                      Фотоколекція 16.4.3505.0912
                      גלריית התמונות 16.4.3505.0912
                      ==================== STARTUP LIST Enabled========================

                      ------- Local 32/64 HKLM skwer------------

                      Sound Blaster Cinema : "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
                      UpdReg : C:\Windows\UpdReg.EXE
                      Super-Charger : C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
                      RemoteControl10 : "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
                      iTunesHelper : "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

                      ------- Local [HKLM] skwer------------

                      RTHDVCPL : "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
                      ETDCtrl : C:\Program Files\Elantech\ETDCtrl.exe
                      IAStorIcon : "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
                      BtServer : "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
                      Radio Manager : C:\Program Files (x86)\SCM\Radio Manager.exe
                      SCM : C:\Program Files (x86)\SCM\SCM.exe
                      MBCfg64 : C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
                      NvBackend : "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
                      ShadowPlay : C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

                      ------- Current User [HKCU] skwer------------

                      CCleaner Monitoring : "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
                      Skype : "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

                      ==================== RUNNING PROCESSES ==========================

                      winlogon ID = 776 Path: C:\WINDOWS\system32\winlogon.exe
                      updateui ID = 5904 Path: C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
                      Taskmgr ID = 7176 Path: C:\WINDOWS\system32\taskmgr.exe
                      ismagent ID = 6280 Path: C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
                      CCleaner64 ID = 6476 Path: C:\Program Files\CCleaner\CCleaner64.exe
                      SCM ID = 6812 Path: C:\Program Files (x86)\SCM\SCM.exe
                      proxy_sa ID = 4104 Path: C:\Program Files (x86)\Rockstar\GTA - San Andreas\proxy_sa.exe
                      explorer ID = 2912 Path: C:\WINDOWS\Explorer.EXE
                      NvBackend ID = 1332 Path: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
                      igfxEM ID = 3876 Path: C:\WINDOWS\system32\igfxEM.exe
                      BTServer ID = 3284 Path: C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
                      dllhost ID = 4068 Path: C:\WINDOWS\system32\DllHost.exe
                      nvtray ID = 5248 Path: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
                      SettingSyncHost ID = 7808 Path: C:\Windows\System32\SettingSyncHost.exe
                      RAVCpl64 ID = 5704 Path: C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
                      IAStorIcon ID = 976 Path: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                      chrome ID = 7752 Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                      taskeng ID = 4252 Path: C:\WINDOWS\system32\taskeng.exe
                      nvxdsync ID = 900 Path: C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
                      chrome ID = 5624 Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                      chrome ID = 1872 Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                      SkyDrive ID = 5220 Path: C:\Windows\System32\skydrive.exe
                      unsecapp ID = 6988 Path: C:\WINDOWS\system32\wbem\unsecapp.exe
                      nvstreamsvc ID = 4480 Path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
                      chrome ID = 4040 Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                      NAT ID = 4224 Path: C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
                      chrome ID = 1064 Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                      ==================== REG SCAN ===================================

                      Empthy keys and/or values aren't logged !

                      ==================== SESSION MANAGER ============================

                      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\
                      BootExecute = autocheck autochk *
                      ==================== WINLOGON ===================================

                      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

                      Userinit = C:\Windows\system32\userinit.exe,
                      Shell = explorer.exe

                      ==================== ShellServiceObjectDelayLoad ================

                      HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

                      WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
                      File in HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InProcServer32\

                      ==================== Shell Extensions\Approved ==================

                      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

                      {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = WebCheck
                      {08165EA0-E946-11CF-9C87-00AA005127ED} = WebCheckWebCrawler
                      File in HKCR\CLSID\{08165EA0-E946-11CF-9C87-00AA005127ED}\InProcServer32\ = C:\Windows\System32\webcheck.dll

                      ==================== Shell Extensions\Approved WOW 6432 =========

                      HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
                      {08165EA0-E946-11CF-9C87-00AA005127ED} = WebCheckWebCrawler
                      {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = WebCheck

                      ==================== SharedTaskScheduler ========================

                      HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\



                      File in HKCR\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32\ = C:\WINDOWS\system32\explorerframe.dll

                      ==================== RUN KEYS====================================

                      HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
                      HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
                      HKCU\Software\Microsoft\Windows\CurrentVersion\Run

                      CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
                      Skype = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
                      HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
                      HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
                      HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
                      HKLM\Software\Microsoft\Windows\CurrentVersion\Run

                      BtServer = "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
                      ETDCtrl = C:\Program Files\Elantech\ETDCtrl.exe
                      IAStorIcon = "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
                      MBCfg64 = C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
                      NvBackend = "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
                      Radio Manager = C:\Program Files (x86)\SCM\Radio Manager.exe
                      RTHDVCPL = "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
                      SCM = C:\Program Files (x86)\SCM\SCM.exe
                      ShadowPlay = C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

                      HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

                      iTunesHelper = "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
                      RemoteControl10 = "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
                      Sound Blaster Cinema = "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
                      Super-Charger = C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
                      UpdReg = C:\Windows\UpdReg.EXE
                      HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
                      HKCU\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce

                      ==================== vVv Krepper Trojan Pointers vVv ============

                      HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run

                      ==================== RUN SERVICES ===============================

                      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
                      HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
                      HKU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
                      HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
                      HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
                      HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

                      ==================== Shell Folder ===============================

                      HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
                      Startup = C:\Users\skwer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

                      HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

                      ==================== DLL Loaded =================================

                      HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows


                      ( 0x0 – Load any DLLs. 0x1 – Load only code-signed DLLs.)



                      HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load


                      ==================== ShellExecuteHooks ==========================

                      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks

                      ==================== Command Processor ==========================

                      HKLM\Software\Microsoft\Command Processor
                      HKCU\Software\Microsoft\Command Processor

                      ==================== BROWSER HELPER OBJECTS =====================

                      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

                      # Not exist #

                      ==================== BHO - CLSID Wow6432Node ====================

                      HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects

                      {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} = Norton Identity Protection
                      File in HKCR\Wow6432Node\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\InProcServer32\
                      = C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll

                      --------------------------------------------------------------------
                      {6D53EC84-6AAE-4787-AEEE-F4628F01010C} = Norton Vulnerability Protection
                      File in HKCR\Wow6432Node\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\InProcServer32\
                      = C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL

                      --------------------------------------------------------------------
                      ==================== TOOLBAR ====================================

                      HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar

                      # Not exist #

                      ==================== TOOLBAR - Wow6432Node ======================

                      HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar

                      # Not exist #

                      ==================== URL SEARCH HOOKS ===========================

                      HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks

                      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks

                      HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks

                      ==================== SAFE BOOT ==================================

                      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

                      AlternateShell = cmd.exe
                      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

                      {533C5B84-EC70-11D2-9505-00C04F79DEAF}
                      = Volume shadow copy{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
                      = IEEE 1394 Bus host controllers{D48179BE-EC20-11D1-B6B8-00C04FA372A7}
                      = SBP2 IEEE 1394 Devices{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}
                      = SecurityDevices

                      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

                      {50DD5230-BA8A-11D1-BF5D-0000F805F530}
                      = Smart card readers{533C5B84-EC70-11D2-9505-00C04F79DEAF}
                      = Volume shadow copy{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
                      = IEEE 1394 Bus host controllers{D48179BE-EC20-11D1-B6B8-00C04FA372A7}
                      = SBP2 IEEE 1394 Devices{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}
                      = SecurityDevicesDnsCache
                      = ServiceWudfPf
                      = DriverWudfRd
                      = DriverWudfSvc
                      = ServiceWudfUsbccidDriver
                      = Driver
                      ==================== DESKTOP ====================================

                      HKCU\Control Panel\Desktop

                      ScreenSaveActive = 1
                      HKCU\Software\Policies\Microsoft\Windows\Control Panel\Desktop\SCRNSAVE.EXE
                      ==================== SECURITYPROVIDERS ==========================

                      HKLM\system\currentcontrolset\control\securityproviders

                      SecurityProviders = credssp.dll
                      File in C:\WINDOWS\System32\credssp.dll 21504 bytes [ 8/22/2013 11:01:38 AM ]
                      ==================== SVCHOST (White Listed) ==================

                      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost

                      All ok
                      ==================== WOW-SVCHOST ================================

                      HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost

                      All ok==================== INTERFACES =================================

                      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces

                      {377193D9-20CA-4DFE-BEB7-473AF2522D15}
                      {4A18BEB6-0FCE-403A-8F0D-AD991703917A}
                      {5084318E-5CB8-4588-A5CE-9E8B4FC92A76}
                      {7e43b212-0886-11e4-824e-806e6f6e6963}
                      {864B0E7E-D229-47A6-9C06-92CDA8AE4E89}
                      {8718928D-CBEB-45EA-A621-800A9249001D}
                      {DB167F47-10A4-4B35-87F2-2BCEA1FE4290}
                      {E322AB28-821E-47A0-8B8D-AC8D4BD4544B}

                      ==================== SEARCHSCOPES ===============================

                      HKCU\Software\Microsoft\Internet Explorer\SearchScopes

                      DefaultScope :

                      {140933CD-4278-4450-99AF-09287DDCC2E0}
                      URL :


                      HKLM\Software\Microsoft\Internet Explorer\SearchScopes

                      DefaultScope : {140933CD-4278-4450-99AF-09287DDCC2E0}

                      {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
                      URL : http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


                      {140933CD-4278-4450-99AF-09287DDCC2E0}
                      URL : http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;


                      ==================== Job files ==================================

                      There are no .job files found.
                      =================================================================

                      Log finished at 7/16/2014 9:26:47 PM
                      Thanks for using PC Info...
                      ==================== END ========================================



                      • #12
                        [Image: Screenshot_1.png]
                        I see only 1 Windows Live Essentials; I think the others are just language packs?

                        safefinder:
                        [Image: Screenshot_2.png]



                        • #13
                          Download SystemLook.exe x64 and place the file on the Desktop.
                          Double-click SystemLook.exe to start the program.
                          In the window that opens, copy the code below:

                          Code:
                          :filefind
                          SafeFinder*.*
                          :folderfind
                          SafeFinder
                          :regfind
                          SafeFinder
                          Click the "Look" button to start the scan.

                          When the scan is finished, a text file (SystemLook.txt) opens.
                          Post the contents of this file.


                          • #14
                            SystemLook 30.07.11 by jpshortstuff
                            Log created at 19:52 on 17/07/2014 by skwer
                            Administrator - Elevation successful

                            ========== filefind ==========

                            Searching for "SafeFinder*.*"
                            C:\Users\skwer\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\SafeFinder.exe.log --a---- 1856 bytes [17:12 15/07/2014] [17:12 15/07/2014] B523ADBB5C9B1FCCEE5D33675A2570A8

                            ========== folderfind ==========

                            Searching for "SafeFinder"
                            No folders found.

                            ========== regfind ==========

                            Searching for "SafeFinder"
                            [HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\95E0D778DBC66C3469F6F1B43A34EACE]
                            "ProductName"="SafeFinder Smartbar"
                            [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
                            "Search Page"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
                            "Search Bar"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
                            "Default_Search_URL"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
                            "SearchAssistant"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
                            "Default"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
                            "45"="C:\Users\skwer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://feed.safefinder.com/?publisher=ONSF&dpid=ONSF&co=BE&userid=2a0c5d97-57da-2e9d-fbbd-d3d7360a21e7&searchtype=sc&installDate=15/07/2014&barcodeid=144394&um=0&type=YHS_SF_200"
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-4198493009-2866509684-3810770006-1002\Products\95E0D778DBC66C3469F6F1B43A34EACE\InstallProperties]
                            "URLInfoAbout"="http://www.linkury.com/faq/s/faq.aspx?company=SafeFinder"
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-4198493009-2866509684-3810770006-1002\Products\95E0D778DBC66C3469F6F1B43A34EACE\InstallProperties]
                            "DisplayName"="SafeFinder Smartbar"
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
                            "Default"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SafeFinder_RASAPI32]
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SafeFinder_RASMANCS]
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{877D0E59-6CBD-43C6-966F-1F4BA343AEEC}]
                            "URLInfoAbout"="http://www.linkury.com/faq/s/faq.aspx?company=SafeFinder"
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{877D0E59-6CBD-43C6-966F-1F4BA343AEEC}]
                            "DisplayName"="SafeFinder Smartbar"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002\Software\Microsoft\Installer\Products\95E0D778DBC66C3469F6F1B43A34EACE]
                            "ProductName"="SafeFinder Smartbar"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002\Software\Microsoft\Internet Explorer\Main]
                            "Search Page"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002\Software\Microsoft\Internet Explorer\Main]
                            "Search Bar"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002\Software\Microsoft\Internet Explorer\Search]
                            "Default_Search_URL"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002\Software\Microsoft\Internet Explorer\Search]
                            "SearchAssistant"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002\Software\Microsoft\Internet Explorer\SearchUrl]
                            "Default"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
                            "45"="C:\Users\skwer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://feed.safefinder.com/?publisher=ONSF&dpid=ONSF&co=BE&userid=2a0c5d97-57da-2e9d-fbbd-d3d7360a21e7&searchtype=sc&installDate=15/07/2014&barcodeid=144394&um=0&type=YHS_SF_200"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Installer\Products\95E0D778DBC66C3469F6F1B43A34EACE]
                            "ProductName"="SafeFinder Smartbar"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main]
                            "Search Page"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main]
                            "Search Bar"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Search]
                            "Default_Search_URL"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Search]
                            "SearchAssistant"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchUrl]
                            "Default"="http://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8ZL2LcBnHFHxkOIDn127c3-Y4A1n4tFjurFH1YRU2P7ZfSArJMOGvF4kBVNWqwidq6DyVj-F1dNqsMejC3uTTAqfOODF5qTeO_93t0-bF5p-pw41aKL7zoIw-RiJhjgg87zPE3KG3KQtNLmnQBxN4,&q={searchTerms}"
                            [HKEY_USERS\S-1-5-21-4198493009-2866509684-3810770006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
                            "45"="C:\Users\skwer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://feed.safefinder.com/?publisher=ONSF&dpid=ONSF&co=BE&userid=2a0c5d97-57da-2e9d-fbbd-d3d7360a21e7&searchtype=sc&installDate=15/07/2014&barcodeid=144394&um=0&type=YHS_SF_200"

                            -= EOF =-

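The regfind section of the SystemLook log above, reduced to a checklist of which Internet Explorer search values point at which host and in how many hive views. This is an added example, not part of the original thread or of SystemLook; the sample log is constructed in the same layout, `<SID>`, `<token>` and `{GUID}` are placeholders, and the function names are hypothetical.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample in the regfind layout shown above: a [key] line, then
# optional "name"="value" lines. <SID>, <token> and {GUID} are placeholders.
SAMPLE_LOG = r'''
========== regfind ==========

Searching for "SafeFinder"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://feed.safefinder.com/?p=<token>&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://feed.safefinder.com/?p=<token>&q={searchTerms}"
[HKEY_USERS\<SID>\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://feed.safefinder.com/?p=<token>&q={searchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SafeFinder_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{GUID}]
"DisplayName"="SafeFinder Smartbar"

-= EOF =-
'''

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
VALUE_RE = re.compile(r'^"([^"]+)"="(.*)"$')
URL_RE = re.compile(r'https?://\S+')

def parse_regfind(text):
    """Return (key, value_name, data) hits; name and data are None when only the key name matched."""
    hits, key, bare = [], None, False
    for line in (raw.strip() for raw in text.splitlines()):
        key_match, value_match = KEY_RE.match(line), VALUE_RE.match(line)
        if key_match:
            if bare:  # previous key had no value line: the key name itself matched
                hits.append((key, None, None))
            key, bare = key_match.group(1), True
        elif value_match and key:
            hits.append((key, value_match.group(1), value_match.group(2)))
            bare = False
    if bare:
        hits.append((key, None, None))
    return hits

def split_hive(key):
    """Split a full key path into (hive view, subkey); HKEY_USERS keeps its SID component."""
    parts = key.split('\\')
    n = 2 if parts[0] == 'HKEY_USERS' else 1
    return '\\'.join(parts[:n]), '\\'.join(parts[n:])

def summarize(hits):
    """Map (IE subkey, value name) -> {hive view: URL host}; everything else goes to leftovers."""
    redirects, leftovers = defaultdict(dict), []
    for key, name, data in hits:
        hive, sub = split_hive(key)
        url = URL_RE.search(data or '')
        if url and 'internet explorer' in sub.lower():
            redirects[(sub.lower(), name)][hive] = urlsplit(url.group()).hostname
        else:
            leftovers.append((key, name))
    return dict(redirects), leftovers

if __name__ == '__main__':
    redirects, leftovers = summarize(parse_regfind(SAMPLE_LOG))
    for (sub, name), hives in sorted(redirects.items()):
        print(f'{sub} "{name}" -> {sorted(set(hives.values()))} in {len(hives)} hive view(s)')
    for key, name in leftovers:
        print('leftover:', key, name or '(key name only)')
```

HKEY_CURRENT_USER is a view of the logged-on user's HKEY_USERS\<SID> hive, so a setting listed under both is one setting to restore, not two.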


                            • #15
                              Please carry out these steps with RIES to restore your IE settings.


                              Download or update CCleaner

                              Start CCleaner.
                              • Run CCleaner and click Options in the left-hand column
                              • Select the Advanced tab
                              • Untick "Only delete files in Windows Temp folder older than 24 hours"
                              • Select the Settings tab
                              • Untick "Automatically clean the computer...."
                              • Click Cleaner in the left-hand column.
                              • Then click Analyze and Run Cleaner, one after the other.
                              • Next, click Registry in the left-hand column
                              • Click Scan for Issues.
                              • When asked whether you want to make a backup of the registry, click "Yes".
                              • If errors are found, click the middle button: Fix all selected issues, then OK



                              Afterwards, run the SystemLook procedure again.
                              Post the log.