
Slow and strange start page


  • Slow and strange start page

    This laptop is slow, probably because of malware.
    I ran a scan with Malwarebytes but it is still slow.
    Here is a DDS log file that I made.
    Thanks in advance....

    DDS (Ver_2012-11-05.02) - NTFS_x86
    Internet Explorer: 9.0.8112.16563 BrowserJavaVersion: 10.13.2
    Run by Denise at 15:05:02 on 2014-08-21
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.2936.1572 [GMT 2:00]
    .
    AV: ESET NOD32 Antivirus 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: ESET NOD32 Antivirus 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Windows\system32\dlbkcoms.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\veiligheidspakket\fshoster32.exe
    C:\Windows\system32\FsUsbExService.Exe
    C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
    C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
    C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
    C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    C:\Windows\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    C:\Program Files\TOSHIBA\TECO\TecoService.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe
    C:\Program Files\TOSHIBA\TECO\TEco.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Toshiba TEMPRO\TemproTray.exe
    C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
    C:\Program Files\FTS\LASER MOUSE\1.0\GTGMouse.exe
    C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
    C:\Program Files\CyberLink\Shared Files\brs.exe
    C:\Program Files\Mobogenie\DaemonProcess.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
    C:\Program Files\WinZip\WZQKPICK32.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
    C:\Windows\ehome\ehsched.exe
    C:\Windows\system32\igfxext.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\ehome\ehRecvr.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Sony\Sony PC Companion\PCCService.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.nl/
    uSearch Bar = hxxp://www.google.com/ie
    uDefault_Page_URL = www.google.com
    mDefault_Page_URL = www.google.com
    uProxyServer = alc-proxy:8080
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    uURLSearchHooks: {d00f20d3-6e9f-40ff-860b-e5bb7c5a0b1a} - <orphaned>
    uURLSearchHooks: {46735dee-f862-49d1-876d-6382794dc625} - <orphaned>
    uURLSearchHooks: {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - <orphaned>
    mURLSearchHooks: {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - <orphaned>
    dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
    BHO: Skype add-on (mastermind): {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: <No Name>: - LocalServer32 - <no file>
    uRun: [TOSHIBA Online Product Information] c:\program files\toshiba\toshiba online product information\topi.exe
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
    uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO
    uRun: [Smart Driver Updater] c:\program files\smart driver updater\SDULauncher.exe
    uRun: [Sony PC Companion] "c:\program files\sony\sony pc companion\PCCompanion.exe" /Background
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
    mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
    mRun: [HWSetup] "c:\program files\toshiba\utilities\HWSetup.exe" hwSetUP
    mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
    mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
    mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosSENotify.exe
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
    mRun: [HSON] c:\program files\toshiba\tbs\HSON.exe
    mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
    mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [SmartFaceVWatcher] c:\program files\toshiba\smartfacev\SmartFaceVWatcher.exe
    mRun: [Teco] "c:\program files\toshiba\teco\Teco.exe" /r
    mRun: [TPCHWMsg] c:\program files\toshiba\tphm\TPCHWMsg.exe
    mRun: [NDSTray.exe] "c:\program files\toshiba\configfree\NDSTray.exe"
    mRun: [cfFncEnabler.exe] "c:\program files\toshiba\configfree\cfFncEnabler.exe"
    mRun: [Toshiba TEMPRO] c:\program files\toshiba tempro\TemproTray.exe
    mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaReminder.exe
    mRun: [GTGMOUSE] "c:\program files\fts\laser mouse\1.0\GTGMouse.exe"
    mRun: [RemoteControl9] "c:\program files\cyberlink\powerdvd9\PDVD9Serv.exe"
    mRun: [PDVD9LanguageShortcut] "c:\program files\cyberlink\powerdvd9\language\Language.exe"
    mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
    mRun: [TWebCamera] "c:\program files\toshiba\toshiba web camera application\TWebCamera.exe" autorun
    mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
    mRun: [mobilegeni daemon] c:\program files\mobogenie\DaemonProcess.exe
    mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
    mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBGAFIARQBFAC0AVgA2AFoASgBBAC0AQgBOADIAWQBRAC0ARgAzAFYAUwBSAC0AVgBXAFMAUgA0AC0AVgBZADcATQBa AA"&"inst=NwA3AC0AMQA4ADEAOQA0ADEAMgA4ADMALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWA BPADMANgArADEALQBGADkATQA3AEMAKwA1AC0AWABPADkAKwAxAC0ARgA5AE0AMwArADEALQBEAEQAVAArADUANwA2ADMALQBEAE QAOQAwAEYAKwAxAC0AUwBUADkAMABGAEEAUABQACsAMQAtAEYAOQAwAE0AMQAyAEUAVAArADEALQBUAEIAKwAxAC0AVQA5ADUAKw AxAC0ARgBVAEkAKwAyAC0ARgA5ADAAVABCACsAMgAtAEYAOQAwAE0AMQAyAFIAKwAxAC0AVgBJAFAAMQAyACsAMQAtAFQATAArAD EA"&"prod=90"&"ver=9.0.894
    dRun: [TOSHIBA Online Product Information] c:\program files\toshiba\toshiba online product information\topi.exe
    StartupFolder: c:\users\denise\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK32.EXE
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
    IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/1346-71494-26233-2/4
    IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
    IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/...k-21&site=home
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    TCP: NameServer = 192.168.2.1
    TCP: Interfaces\{CFF7E900-5BDF-42FA-A940-38244D371F75} : DHCPNameServer = 192.168.2.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    Notify: igfxcui - igfxdev.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2013-9-17 188808]
    R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2013-9-17 134248]
    R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/12/01 14:33:04];c:\program files\cyberlink\powerdvd9\000.fcl [2009-2-28 87536]
    R2 camsvc;TOSHIBA Web Camera Service;c:\program files\toshiba\toshiba web camera application\TWebCameraSrv.exe [2009-7-30 20544]
    R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
    R2 dlbk_device;dlbk_device;c:\windows\system32\dlbkcoms.exe -service --> c:\windows\system32\dlbkcoms.exe -service [?]
    R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2013-9-12 1337752]
    R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2013-9-17 122376]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
    R2 fshoster;F-Secure Dll Hoster;c:\program files\veiligheidspakket\fshoster32.exe [2012-11-26 183864]
    R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-2-24 233472]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-8-19 1809720]
    R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\norton pc checkup 3.0\SymcPCCULaunchSvc.exe [2013-6-23 132504]
    R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-10-9 5095264]
    R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\toshiba tempro\TemproSvc.exe [2009-3-23 116104]
    R2 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2009-7-30 62776]
    R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-4-24 176128]
    R2 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD/SSD-waarschuwingsservice;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-3-17 73728]
    R2 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-4-15 656752]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2013\TuneUpUtilitiesService32.exe [2012-10-8 1699168]
    R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-3-20 12920]
    R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-2-24 36608]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-9-22 112128]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-10-19 23256]
    R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
    R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2009-7-30 22272]
    R3 Sony PC Companion;Sony PC Companion;c:\program files\sony\sony pc companion\PCCService.exe [2013-4-13 155824]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2013\TuneUpUtilitiesDriver32.sys [2012-9-19 10088]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-8-19 860472]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
    S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-1 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
    S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-6-15 30192]
    S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-8-19 51928]
    S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2010-2-24 90112]
    S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2010-2-24 14976]
    S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2010-2-24 121856]
    S3 WPFFontCache_v0400;Windows Presentation Foundation-lettertypecache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
    .
    =============== File Associations ===============
    .
    FileExt: .ini: Applications\vlc.exe="c:\program files\videolan\vlc\vlc.exe" --started-from-file "%1" [UserChoice]
    ShellExec: PortraitProfessional.exe: open="c:\program files\portrait professional 11 trial\PortraitProfessionalTrial.exe" /P "%1"
    .
    =============== Created Last 30 ================
    .
    2014-08-21 12:15:27 -------- d-----w- c:\users\denise\appdata\local\ESET
    2014-08-20 17:27:50 -------- d-----w- c:\program files\XBMC
    2014-08-20 17:25:43 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{180c05ad-8303-408e-b48a-41935e9d00b7}\offreg.dll
    2014-08-20 14:57:10 -------- d-----w- c:\program files\ESET
    2014-08-19 19:47:56 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2014-08-19 19:47:22 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2014-08-19 19:47:22 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
    2014-08-19 19:47:22 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
    2014-08-19 15:00:50 8581864 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{180c05ad-8303-408e-b48a-41935e9d00b7}\mpengine.dll
    2014-08-15 01:06:43 99480 ----a-w- c:\windows\system32\infocardapi.dll
    2014-08-15 01:06:43 619664 ----a-w- c:\windows\system32\icardagt.exe
    2014-08-15 01:06:42 8856 ----a-w- c:\windows\system32\icardres.dll
    2014-08-15 01:06:39 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
    2014-08-14 17:53:19 2054656 ----a-w- c:\windows\system32\win32k.sys
    2014-08-14 17:53:18 297984 ----a-w- c:\windows\system32\gdi32.dll
    .
    ==================== Find3M ====================
    .
    2014-08-21 07:05:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2014-08-21 07:05:26 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2014-08-05 07:20:02 231584 ------w- c:\windows\system32\MpSigStub.exe
    2014-07-24 17:58:33 1810432 ----a-w- c:\windows\system32\jscript9.dll
    2014-07-24 17:51:52 1129472 ----a-w- c:\windows\system32\wininet.dll
    2014-07-24 17:51:19 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2014-07-24 17:49:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2014-07-24 17:49:38 421376 ----a-w- c:\windows\system32\vbscript.dll
    2014-07-24 17:48:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2014-07-24 17:48:21 11776 ----a-w- c:\windows\system32\mshta.exe
    2014-07-08 00:46:44 2048 ----a-w- c:\windows\system32\tzres.dll
    2014-06-14 00:44:11 638400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2014-06-14 00:33:17 37376 ----a-w- c:\windows\system32\cdd.dll
    2014-06-06 08:59:38 506880 ----a-w- c:\windows\system32\qedit.dll
    2014-06-02 10:31:00 332800 ----a-w- c:\windows\system32\msihnd.dll
    2014-06-02 10:31:00 2263552 ----a-w- c:\windows\system32\msi.dll
    2014-06-02 10:30:31 1993728 ----a-w- c:\windows\system32\authui.dll
    2014-06-02 10:30:29 33280 ----a-w- c:\windows\system32\appinfo.dll
    2014-06-02 08:56:30 82432 ----a-w- c:\windows\system32\consent.exe
    2014-05-30 06:53:22 273408 ----a-w- c:\windows\system32\drivers\afd.sys
    .
    ============= FINISH: 15:06:04,61 ===============

  • #2
    Hi Scenic,

    The first step is to follow this guideline: !!! IMPORTANT !!!: Read this first before you post a message!

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      I have read everything and tried it out; I think I could now post this as the first log file, from GMER.
      According to Malwarebytes I no longer have any malicious malware.... still, I would like to have my laptop checked.



      GMER 2.1.19357 - http://www.gmer.net
      Rootkit scan 2014-08-22 20:20:00
      Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.FG01 298,09GB
      Running: tub77h6i.exe; Driver: C:\Users\Denise\AppData\Local\Temp\pgryypob.sys


      ---- System - GMER 2.1 ----

      SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwCreateThread [0x92195F80]
      SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwLoadDriver [0x92196040]
      SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwSetSystemInformation [0x92196000]
      SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwSystemDebugControl [0x92195FC0]

      ---- Kernel code sections - GMER 2.1 ----

      .text ntkrnlpa.exe!KeSetEvent + 221 830C886C 4 Bytes [80, 5F, 19, 92] {SBB BYTE [EDI+0x19], 0x92}
      .text ntkrnlpa.exe!KeSetEvent + 37D 830C89C8 4 Bytes [40, 60, 19, 92]
      .text ntkrnlpa.exe!KeSetEvent + 5DD 830C8C28 4 Bytes [00, 60, 19, 92] {ADD [EAX+0x19], AH; XCHG EDX, EAX}
      .text ntkrnlpa.exe!KeSetEvent + 619 830C8C64 4 Bytes [C0, 5F, 19, 92] {RCR BYTE [EDI+0x19], 0x92}
      .text C:\Windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x83F59480, 0x3C939, 0xE8000020]
      .dsrt C:\Windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x83F9A900, 0x3CA, 0x48000040]
      .text C:\Program Files\CyberLink\PowerDVD9\000.fcl section is writeable [0xB2587000, 0x2892, 0xE8000020]
      .vmp2 C:\Program Files\CyberLink\PowerDVD9\000.fcl entry point in ".vmp2" section [0xB25AA050]

      ---- User code sections - GMER 2.1 ----

      .text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[1804] kernel32.dll!SetUnhandledExceptionFilter 7646A9BD 4 Bytes [C2, 04, 00, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtCreateFile + 6 77D6426A 4 Bytes [28, 88, 1F, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtCreateFile + B 77D6426F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtMapViewOfSection + 6 77D649BA 4 Bytes [28, 8B, 1F, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtMapViewOfSection + B 77D649BF 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtOpenFile + 6 77D64A4A 4 Bytes [68, 88, 1F, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtOpenFile + B 77D64A4F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtOpenProcess + 6 77D64ACA 4 Bytes [A8, 89, 1F, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtOpenProcess + B 77D64ACF 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtOpenProcessToken + B 77D64ADF 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtOpenProcessTokenEx + 6 77D64AEA 4 Bytes [A8, 8A, 1F, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtOpenProcessTokenEx + B 77D64AEF 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtOpenThread + 6 77D64B3A 4 Bytes [68, 89, 1F, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtOpenThread + B 77D64B3F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtOpenThreadToken + 6 77D64B4A 4 Bytes [68, 8A, 1F, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtOpenThreadToken + B 77D64B4F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtOpenThreadTokenEx + B 77D64B5F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtQueryAttributesFile + 6 77D64BEA 4 Bytes [A8, 88, 1F, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtQueryAttributesFile + B 77D64BEF 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtQueryFullAttributesFile + B 77D64C9F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtSetInformationFile + 6 77D6517A 4 Bytes [28, 89, 1F, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtSetInformationFile + B 77D6517F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtSetInformationThread + 6 77D651CA 4 Bytes [28, 8A, 1F, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtSetInformationThread + B 77D651CF 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtUnmapViewOfSection + 6 77D6546A 4 Bytes [68, 8B, 1F, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4616] ntdll.dll!NtUnmapViewOfSection + B 77D6546F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4864] ntdll.dll!NtMapViewOfSection + 6 77D649BA 4 Bytes [18, 10, 0E, 69]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[4864] ntdll.dll!NtMapViewOfSection + B 77D649BF 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtCreateFile + 6 77D6426A 4 Bytes [28, EC, C8, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtCreateFile + B 77D6426F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtMapViewOfSection + 6 77D649BA 4 Bytes [28, EF, C8, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtMapViewOfSection + B 77D649BF 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtOpenFile + 6 77D64A4A 4 Bytes [68, EC, C8, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtOpenFile + B 77D64A4F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtOpenProcess + 6 77D64ACA 4 Bytes [A8, ED, C8, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtOpenProcess + B 77D64ACF 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtOpenProcessToken + B 77D64ADF 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtOpenProcessTokenEx + 6 77D64AEA 4 Bytes [A8, EE, C8, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtOpenProcessTokenEx + B 77D64AEF 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtOpenThread + 6 77D64B3A 4 Bytes [68, ED, C8, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtOpenThread + B 77D64B3F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtOpenThreadToken + 6 77D64B4A 4 Bytes [68, EE, C8, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtOpenThreadToken + B 77D64B4F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtOpenThreadTokenEx + B 77D64B5F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtQueryAttributesFile + 6 77D64BEA 4 Bytes [A8, EC, C8, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtQueryAttributesFile + B 77D64BEF 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtQueryFullAttributesFile + B 77D64C9F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtSetInformationFile + 6 77D6517A 4 Bytes [28, ED, C8, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtSetInformationFile + B 77D6517F 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtSetInformationThread + 6 77D651CA 4 Bytes [28, EE, C8, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtSetInformationThread + B 77D651CF 1 Byte [E2]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtUnmapViewOfSection + 6 77D6546A 4 Bytes [68, EF, C8, 00]
      .text C:\Users\Denise\AppData\Local\Google\Chrome\Application\chrome.exe[5848] ntdll.dll!NtUnmapViewOfSection + B 77D6546F 1 Byte [E2]

      ---- User IAT/EAT - GMER 2.1 ----


      ---- Devices - GMER 2.1 ----

      AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
      AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys

      ---- Registry - GMER 2.1 ----

      Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Service\[email protected] 0x40 0x64 0xFD 0x86 ...

      ---- EOF - GMER 2.1 ----



      • #4
        Hi scenic,

        Before we begin, I would like to kindly point out the following guidelines:
        .
        • Log in only as an administrator with full rights.
        • Do not post your problem on several forums. It does not help your problem and it is not fair to the helpers.
        • Cleaning up your system can take some time, so be patient.
        • Carefully follow the instructions that I give.
        • Follow only the advice that I give.
        • Stay with the topic until I have reported that your PC is clean.
        • If you don't know or understand something, please just ask.
        • Do not install or uninstall any software or hardware while we are working on your problem.
        • In the meantime, do not try something "else"; that only makes it harder for us.
        • Please turn off your emoticons (smileys) when you post logs. ( INFO )
        • Please do not post the logs as attachments or between code tags.

        .
        Note: Always run all tools as admin.
        The instructions given are valid only for your PC.

        Once you have read and understood these guidelines, you may continue.....



        Step 1:

        Scanning for and removing malware....

        Install MBAM 2.0 (info & download link)

        Start MBAM.
        At the top of the Malwarebytes Anti-Malware window, click Scan.
        In that screen choose the Custom scan and tick the partitions that apply (c:\, d:\, etc.)
        Then click the Scan now button.

        Before scanning, there is always an automatic check first for available updates to the virus definitions; if an update is available, you must let it install first.

        When the scan is finished and threats have been detected, you will get an overview of them.
        Select the option to place them all in quarantine.
        When you are told that your computer must be restarted, click Yes.

        After restarting the PC, if Malwarebytes asked to restart the PC, open Malwarebytes again.
        Click the History button at the top of the menu.
        Then click the application logs option and select the scan log you want to export. This is the last scan you ran (you can tell by the date and time).
        Select it to view it.
        In a new window that opens you will see the results of your scan.

        At the bottom, either select to export as a text file and give the text file a name, for example mbamlog.
        Or you can select to copy to the clipboard, so that the contents of the log are copied to your clipboard and you can paste them into your next post.
        .___________________________________________________________

        Step 2:

        Check for bad toolbars...

        Download AdwCleaner by Xplode to your Desktop.
        • Close all open windows
        • Start AdwCleaner
        • Click Scannen (Scan)
        • Click Verwijderen (Remove)

        All icons will disappear from the Desktop; this is normal.
        Your PC will be restarted and a log file will open (C:\AdwCleaner\AdwCleaner[xx].txt).
        Post its contents here on the forum.

        I only need the log from after the "Verwijderen" (Remove) option.

        Don't forget to turn off your "smileys".

        If your start page was also hijacked, set the search engine again.
        By default AdwCleaner resets it to Google.com.
        ___________________________________________________________

        Step 3:

        Download DDS.com, DDS.scr or DDS.pif from one of these locations and place it on your desktop:


        DDS is a diagnostic tool and makes use of scripts.
        If running scripts is disabled, enable it again so that no problems occur when using DDS.


        Double-click DDS to start the tool. (Depending on the download you chose, this can be the file DDS.com, DDS.scr or DDS.pif.)
        When it is finished, two log files open: DDS.txt and Attach.txt
        Save both log files to your desktop.

        Post the contents of DDS.txt.

        Do not post the contents of Attach.txt and do not add Attach.txt to your post as an attachment, unless I ask for it.


        ___________________________________________________________

        Step 4:

        Download Security Check to your desktop via here or here

        Start Security Check
        Follow the instructions on the screen
        At the end a log appears ( checkup.txt )
        Place its contents in your next reply.


        In your next post, I would like to see the following logs, made in the order listed:
        .
        • MBAM
        • AdwCleaner
        • DDS
        • checkup.txt

        .
        Please do NOT post these logs as attachments or between code tags.
        (If necessary, in several posts.)

        Emphyrio
        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
        E Dev * Remove McAfee. * Ccleaner * E-Peek



        • #5
          Is it working out?
          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
          E Dev * Remove McAfee. * Ccleaner * E-Peek



          • #6
            I am not able to check it at the moment and will get back to it tomorrow.
            Thanks for your quick response. ..



            • #7
              Hello Emphyrio,

              Here is a log file from AdwCleaner. I could not download this tool on this laptop, so I first downloaded it on another one and then installed it on this one... I also ran a scan with Malwarebytes, but it found nothing.



              # AdwCleaner v3.308 - Rapport aangemaakt 24/08/2014 op 21:39:53
              # Laatste Update 20/08/2014 door Xplode
              # Besturingssysteem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
              # Gebruikersnaam : Denise - PC_VAN_DENISE
              # Gestart vanuit : C:\Users\Denise\Desktop\adwcleaner_3.308.exe
              # Optie : Verwijderen

              ***** [ Services ] *****


              ***** [ Bestanden / Mappen ] *****

              Map Verwijderd : C:\ProgramData\apn
              Map Verwijderd : C:\ProgramData\Babylon
              Map Verwijderd : C:\ProgramData\iMesh
              Map Verwijderd : C:\ProgramData\Trymedia
              Map Verwijderd : C:\ProgramData\Uniblue
              Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh
              Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
              Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Driver Updater
              Map Verwijderd : C:\Program Files\Conduit
              Map Verwijderd : C:\Program Files\iMesh Applications
              Map Verwijderd : C:\Program Files\Mobogenie
              Map Verwijderd : C:\Program Files\MyPC Backup
              Map Verwijderd : C:\Program Files\openit
              Map Verwijderd : C:\Program Files\Perion
              Map Verwijderd : C:\Program Files\Smart Driver Updater
              Map Verwijderd : C:\Program Files\Uniblue
              Map Verwijderd : C:\Program Files\VideoConverter
              Map Verwijderd : C:\Users\Denise\AppData\Local\apn
              Map Verwijderd : C:\Users\Denise\AppData\Local\genienext
              Map Verwijderd : C:\Users\Denise\AppData\Local\iMesh
              Map Verwijderd : C:\Users\Denise\AppData\Local\Mobogenie
              Map Verwijderd : C:\Users\Denise\AppData\Local\PackageAware
              Map Verwijderd : C:\Users\Denise\AppData\Local\Systweak
              Map Verwijderd : C:\Users\Denise\AppData\LocalLow\AVG Security Toolbar
              Map Verwijderd : C:\Users\Denise\AppData\LocalLow\Conduit
              Map Verwijderd : C:\Users\Denise\AppData\LocalLow\Delta
              Map Verwijderd : C:\Users\Denise\AppData\Roaming\DigitalSites
              Map Verwijderd : C:\Users\Denise\AppData\Roaming\Funmoods
              Map Verwijderd : C:\Users\Denise\AppData\Roaming\pccustubinstaller
              Map Verwijderd : C:\Users\Denise\AppData\Roaming\Smart Driver Updater
              Map Verwijderd : C:\Users\Denise\AppData\Roaming\Systweak
              Map Verwijderd : C:\Users\Denise\AppData\Roaming\LimewirePlus
              Map Verwijderd : C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Video Converter
              Map Verwijderd : C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
              Map Verwijderd : C:\Users\Denise\Documents\iMesh
              Map Verwijderd : C:\Users\Denise\Documents\Mobogenie
              Map Verwijderd : C:\Users\Denise\Documents\VideoConverter
              Map Verwijderd : C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
              Map Verwijderd : C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\Extensions\eghepdicbhhbhegihkllkmgjggcjpkma
              Bestand Verwijderd : C:\Users\Denise\AppData\Local\CRE\eghepdicbhhbhegihkllkmgjggcjpkma.crx
              Bestand Verwijderd : C:\END
              Bestand Verwijderd : C:\Users\Public\Desktop\Open It!.lnk
              Bestand Verwijderd : C:\Windows\system32\roboot.exe
              Bestand Verwijderd : C:\Users\Denise\daemonprocess.txt
              Bestand Verwijderd : C:\Users\Denise\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk
              Bestand Verwijderd : C:\Users\Denise\Desktop\Video Converter.lnk
              Bestand Verwijderd : C:\Program Files\Mozilla Firefox\user.js

              ***** [ Taken ] *****

              Taak Verwijderd : LaunchApp

              ***** [ Snelkoppelingen ] *****

              Snelkoppeling Gedesinfecteerd : C:\Users\Denise\Desktop\Google Chrome.lnk
              Snelkoppeling Gedesinfecteerd : C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
              Snelkoppeling Gedesinfecteerd : C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
              Snelkoppeling Gedesinfecteerd : C:\Users\Denise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
              Snelkoppeling Gedesinfecteerd : C:\Users\Denise\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
              Snelkoppeling Gedesinfecteerd : C:\Users\Denise\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

              ***** [ Register ] *****

              Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
              Sleutel Verwijderd : HKCU\Software\Google\Chrome\Extensions\eghepdicbhhbhegihkllkmgjggcjpkma
              Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\eghepdicbhhbhegihkllkmgjggcjpkma
              Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
              Waarde Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Smart Driver Updater]
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escort.DLL
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\iMesh.exe
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\iMesh.AudioCD
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\iMesh.Device
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\iMesh.file
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\nctaudiocdwriter2.audiocdwriter2.1
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtn
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtn.1
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ToolBand.Localizer
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ToolBand.Localizer.1
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighter
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighter.1
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatistics
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatistics.1
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelper
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelper.1
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ToolBand.SNameProxy
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ToolBand.SNameProxy.1
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
              Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
              Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
              Sleutel Verwijderd : HKCU\Software\ee8cd1b33dbd14
              Sleutel Verwijderd : HKLM\SOFTWARE\ee8cd1b33dbd14
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
              Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
              Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
              Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
              Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
              Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{47E161A0-F4BA-41DD-A17B-D2EB26AD6A02}]
              Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
              Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
              Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{47E161A0-F4BA-41DD-A17B-D2EB26AD6A02}]
              Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{47E161A0-F4BA-41DD-A17B-D2EB26AD6A02}]
              Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{47E161A0-F4BA-41DD-A17B-D2EB26AD6A02}]
              Gegevens Hersteld : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
              Sleutel Verwijderd : HKCU\Software\APN PIP
              Sleutel Verwijderd : HKCU\Software\dsiteproducts
              Sleutel Verwijderd : HKCU\Software\filescout
              Sleutel Verwijderd : HKCU\Software\FunWebProducts
              Sleutel Verwijderd : HKCU\Software\Headlight
              Sleutel Verwijderd : HKCU\Software\IM
              Sleutel Verwijderd : HKCU\Software\Imesh
              Sleutel Verwijderd : HKCU\Software\ImInstaller
              Sleutel Verwijderd : HKCU\Software\Smart Driver Updater
              Sleutel Verwijderd : HKCU\Software\Softonic
              Sleutel Verwijderd : HKCU\Software\Somoto
              Sleutel Verwijderd : HKCU\Software\systweak
              Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit
              Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\iMeshMediabarTb
              Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\MyWebSearch
              Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar
              Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\LimewirePlus
              Sleutel Verwijderd : HKLM\SOFTWARE\Babylon
              Sleutel Verwijderd : HKLM\SOFTWARE\Conduit
              Sleutel Verwijderd : HKLM\SOFTWARE\Imesh
              Sleutel Verwijderd : HKLM\SOFTWARE\systweak
              Sleutel Verwijderd : HKLM\SOFTWARE\Tarma Installer
              Sleutel Verwijderd : HKLM\SOFTWARE\Trymedia Systems
              Sleutel Verwijderd : HKLM\SOFTWARE\Uniblue
              Sleutel Verwijderd : HKLM\SOFTWARE\Web Assistant
              Sleutel Verwijderd : HKLM\SOFTWARE\LimewirePlus
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Video Converter
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\openit open it!
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart Driver Updater_is1
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\clickpotatolitesa
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Imesh
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mobogenie
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\openit open it!
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Smart Driver Updater_is1
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic for Windows
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Video Converter
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\LimewirePlus Toolbar
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Installer\Features\1A594BF8F3A4D1C4DB72F3A32B6E7636
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Installer\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636

              ***** [ Browsers ] *****

              -\\ Internet Explorer v9.0.8112.16563


              -\\ Mozilla Firefox v

              -\\ Google Chrome v

              [ Bestand : C:\Users\Denise\AppData\Local\Google\Chrome\User Data\Default\preferences ]

              Verwijderd [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
              Verwijderd [Extension] : eghepdicbhhbhegihkllkmgjggcjpkma
              Verwijderd [Extension] : flpcjncodpafbgdpnkljologafpionhb
              Verwijderd [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg

              *************************

              AdwCleaner[R0].txt - [24192 octets] - [24/08/2014 21:37:31]
              AdwCleaner[S0].txt - [23350 octets] - [24/08/2014 21:39:53]

              ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23411 octets] ##########



              • #8
                I've now also turned off the smileys for a moment....



                • #9
                  I am still waiting for the following logs that were requested:

                  • MBAM (Custom scan)
                  • DDS
                  • Checkup.txt

                  And I would have liked to receive them today.
                  By now I have been waiting almost three days for the requested logs.
                  Last edited by Emphyrio; 24-08-14, 21:27.
                  Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                  E Dev * McAfee verwijderen. * Ccleaner * E-Peek



                  • #10
                    For lack of feedback, I am marking this topic as solved.

                    If there are no further replies, this thread will be moved automatically within about 3 days to the "Opgeloste hijackthislogs" (solved HijackThis logs) section, after which replying is no longer possible.
                    This is done to keep the forum tidy and well organized.

                    If it turns out there are still problems and you want to reply in this topic again, send me a private message requesting that it be reopened.


                    Emphyrio



                    • #11
                      Here are the logs that were requested... unfortunately I couldn't do it any faster, sorry..

                      DDS (Ver_2012-11-20.01) - NTFS_x86
                      Internet Explorer: 9.0.8112.16563 BrowserJavaVersion: 10.13.2
                      Run by Denise at 7:08:40 on 2014-08-25
                      Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.2936.1580 [GMT 2:00]
                      .
                      AV: ESET NOD32 Antivirus 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
                      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                      SP: ESET NOD32 Antivirus 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
                      .
                      ============== Running Processes ================
                      .
                      C:\Windows\system32\wininit.exe
                      C:\Windows\system32\lsm.exe
                      C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
                      C:\Windows\system32\SLsvc.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Windows\System32\spoolsv.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
                      C:\Windows\system32\Dwm.exe
                      C:\Windows\Explorer.EXE
                      C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
                      C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
                      C:\Windows\system32\dlbkcoms.exe
                      C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
                      C:\Program Files\veiligheidspakket\fshoster32.exe
                      C:\Windows\system32\FsUsbExService.Exe
                      C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
                      C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
                      C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
                      C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
                      C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
                      C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
                      C:\Windows\system32\TODDSrv.exe
                      C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
                      C:\Program Files\TOSHIBA\TECO\TecoService.exe
                      C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
                      C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
                      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                      C:\Windows\system32\SearchIndexer.exe
                      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                      C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
                      C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
                      C:\Windows\system32\wbem\wmiprvse.exe
                      C:\Program Files\Windows Defender\MSASCui.exe
                      C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
                      C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
                      C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
                      C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
                      C:\Windows\System32\igfxtray.exe
                      C:\Program Files\TeamViewer\Version8\TeamViewer.exe
                      C:\Windows\System32\hkcmd.exe
                      C:\Windows\System32\igfxpers.exe
                      C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
                      C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
                      C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
                      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                      C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe
                      C:\Program Files\TOSHIBA\TECO\TEco.exe
                      C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
                      C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
                      C:\Program Files\TeamViewer\Version8\tv_w32.exe
                      C:\Program Files\Toshiba TEMPRO\TemproTray.exe
                      C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
                      C:\Program Files\FTS\LASER MOUSE\1.0\GTGMouse.exe
                      C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
                      C:\Program Files\CyberLink\Shared Files\brs.exe
                      C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
                      C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
                      C:\Windows\ehome\ehtray.exe
                      C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
                      C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
                      C:\Program Files\Windows Media Player\wmpnscfg.exe
                      C:\Windows\system32\wbem\unsecapp.exe
                      C:\Program Files\WinZip\WZQKPICK32.EXE
                      C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
                      C:\Windows\system32\wbem\wmiprvse.exe
                      C:\Windows\system32\igfxsrvc.exe
                      C:\Program Files\Windows Media Player\wmpnetwk.exe
                      C:\Windows\ehome\ehmsas.exe
                      C:\Windows\ehome\ehsched.exe
                      C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
                      C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
                      C:\Windows\system32\igfxext.exe
                      C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
                      C:\Windows\ehome\ehRecvr.exe
                      C:\Windows\system32\conime.exe
                      C:\Windows\servicing\TrustedInstaller.exe
                      C:\Program Files\Internet Explorer\iexplore.exe
                      C:\Program Files\Internet Explorer\iexplore.exe
                      C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_176_ActiveX.exe
                      C:\Windows\system32\SearchProtocolHost.exe
                      C:\Windows\system32\SearchFilterHost.exe
                      C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
                      C:\Windows\system32\DllHost.exe
                      C:\Windows\system32\svchost.exe -k DcomLaunch
                      C:\Windows\system32\svchost.exe -k rpcss
                      C:\Windows\System32\svchost.exe -k secsvcs
                      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                      C:\Windows\system32\svchost.exe -k netsvcs
                      C:\Windows\system32\svchost.exe -k GPSvcGroup
                      C:\Windows\system32\svchost.exe -k LocalService
                      C:\Windows\system32\svchost.exe -k NetworkService
                      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                      C:\Windows\system32\svchost.exe -k imgsvc
                      C:\Windows\System32\svchost.exe -k WerSvcGroup
                      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                      .
                      ============== Pseudo HJT Report ===============
                      .
                      uStart Page = hxxp://www.google.nl/
                      uSearch Bar = hxxp://www.google.com/ie
                      uDefault_Page_URL = www.google.com
                      mDefault_Page_URL = www.google.com
                      uProxyServer = alc-proxy:8080
                      uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
                      uURLSearchHooks: {d00f20d3-6e9f-40ff-860b-e5bb7c5a0b1a} - <orphaned>
                      uURLSearchHooks: {46735dee-f862-49d1-876d-6382794dc625} - <orphaned>
                      dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
                      BHO: Skype add-on (mastermind): {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
                      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
                      BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
                      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
                      TB: <No Name>: - LocalServer32 - <no file>
                      uRun: [TOSHIBA Online Product Information] c:\program files\toshiba\toshiba online product information\topi.exe
                      uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
                      uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
                      uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO
                      uRun: [Sony PC Companion] "c:\program files\sony\sony pc companion\PCCompanion.exe" /Background
                      uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
                      mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
                      mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
                      mRun: [HWSetup] "c:\program files\toshiba\utilities\HWSetup.exe" hwSetUP
                      mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
                      mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
                      mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosSENotify.exe
                      mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
                      mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
                      mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
                      mRun: [Persistence] c:\windows\system32\igfxpers.exe
                      mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
                      mRun: [HSON] c:\program files\toshiba\tbs\HSON.exe
                      mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
                      mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
                      mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
                      mRun: [SmartFaceVWatcher] c:\program files\toshiba\smartfacev\SmartFaceVWatcher.exe
                      mRun: [Teco] "c:\program files\toshiba\teco\Teco.exe" /r
                      mRun: [TPCHWMsg] c:\program files\toshiba\tphm\TPCHWMsg.exe
                      mRun: [NDSTray.exe] "c:\program files\toshiba\configfree\NDSTray.exe"
                      mRun: [cfFncEnabler.exe] "c:\program files\toshiba\configfree\cfFncEnabler.exe"
                      mRun: [Toshiba TEMPRO] c:\program files\toshiba tempro\TemproTray.exe
                      mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaReminder.exe
                      mRun: [GTGMOUSE] "c:\program files\fts\laser mouse\1.0\GTGMouse.exe"
                      mRun: [RemoteControl9] "c:\program files\cyberlink\powerdvd9\PDVD9Serv.exe"
                      mRun: [PDVD9LanguageShortcut] "c:\program files\cyberlink\powerdvd9\language\Language.exe"
                      mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
                      mRun: [TWebCamera] "c:\program files\toshiba\toshiba web camera application\TWebCamera.exe" autorun
                      mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
                      mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
                      mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBGAFIARQBFAC0AVgA2AFoASgBBAC0AQgBOADIAWQBRAC0ARgAzAFYAUwBSAC0AVgBXAFMAUgA0AC0AVgBZADcATQBa AA"&"inst=NwA3AC0AMQA4ADEAOQA0ADEAMgA4ADMALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWA BPADMANgArADEALQBGADkATQA3AEMAKwA1AC0AWABPADkAKwAxAC0ARgA5AE0AMwArADEALQBEAEQAVAArADUANwA2ADMALQBEAE QAOQAwAEYAKwAxAC0AUwBUADkAMABGAEEAUABQACsAMQAtAEYAOQAwAE0AMQAyAEUAVAArADEALQBUAEIAKwAxAC0AVQA5ADUAKw AxAC0ARgBVAEkAKwAyAC0ARgA5ADAAVABCACsAMgAtAEYAOQAwAE0AMQAyAFIAKwAxAC0AVgBJAFAAMQAyACsAMQAtAFQATAArAD EA"&"prod=90"&"ver=9.0.894
                      dRun: [TOSHIBA Online Product Information] c:\program files\toshiba\toshiba online product information\topi.exe
                      StartupFolder: c:\users\denise\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
                      StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK32.EXE
                      mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
                      mPolicies-System: EnableUIADesktopToggle = dword:0
                      IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
                      IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
                      IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
                      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
                      IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
                      IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/1346-71494-26233-2/4
                      IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
                      IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/...k-21&site=home
                      IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
                      TCP: NameServer = 192.168.2.1
                      TCP: Interfaces\{CFF7E900-5BDF-42FA-A940-38244D371F75} : DHCPNameServer = 192.168.2.1
                      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
                      Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
                      Notify: igfxcui - igfxdev.dll
                      LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
                      .
                      ============= SERVICES / DRIVERS ===============
                      .
                      R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2013-9-17 188808]
                      R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2013-9-17 134248]
                      R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/12/01 14:33:04];c:\program files\cyberlink\powerdvd9\000.fcl [2009-2-28 87536]
                      R2 camsvc;TOSHIBA Web Camera Service;c:\program files\toshiba\toshiba web camera application\TWebCameraSrv.exe [2009-7-30 20544]
                      R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
                      R2 dlbk_device;dlbk_device;c:\windows\system32\dlbkcoms.exe -service --> c:\windows\system32\dlbkcoms.exe -service [?]
                      R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2013-9-12 1337752]
                      R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2013-9-17 122376]
                      R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
                      R2 fshoster;F-Secure Dll Hoster;c:\program files\veiligheidspakket\fshoster32.exe [2012-11-26 183864]
                      R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-2-24 233472]
                      R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-8-23 1809720]
                      R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\norton pc checkup 3.0\SymcPCCULaunchSvc.exe [2013-6-23 132504]
                      R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-10-9 5095264]
                      R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\toshiba tempro\TemproSvc.exe [2009-3-23 116104]
                      R2 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2009-7-30 62776]
                      R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-4-24 176128]
                      R2 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD/SSD-waarschuwingsservice;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-3-17 73728]
                      R2 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-4-15 656752]
                      R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2013\TuneUpUtilitiesService32.exe [2012-10-8 1699168]
                      R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-3-20 12920]
                      R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-2-24 36608]
                      R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-9-22 112128]
                      R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-8-23 23256]
                      R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
                      R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2009-7-30 22272]
                      R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2013\TuneUpUtilitiesDriver32.sys [2012-9-19 10088]
                      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
                      S2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-8-23 860472]
                      S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
                      S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-1 39272]
                      S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
                      S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-6-15 30192]
                      S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-8-23 51928]
                      S3 Sony PC Companion;Sony PC Companion;c:\program files\sony\sony pc companion\PCCService.exe [2013-4-13 155824]
                      S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2010-2-24 90112]
                      S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2010-2-24 14976]
                      S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2010-2-24 121856]
                      S3 WPFFontCache_v0400;Windows Presentation Foundation-lettertypecache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
                      .
                      =============== File Associations ===============
                      .
                      FileExt: .ini: Applications\vlc.exe="c:\program files\videolan\vlc\vlc.exe" --started-from-file "%1" [UserChoice]
                      ShellExec: PortraitProfessional.exe: open="c:\program files\portrait professional 11 trial\PortraitProfessionalTrial.exe" /P "%1"
                      .
                      =============== Created Last 30 ================
                      .
                      2014-08-24 19:38:19 536576 ----a-w- c:\windows\system32\sqlite3.dll
                      2014-08-24 19:34:35 -------- d-----w- C:\AdwCleaner
                      2014-08-23 10:35:43 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
                      2014-08-23 10:35:10 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
                      2014-08-23 10:35:10 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
                      2014-08-23 10:35:10 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
                      2014-08-23 10:35:09 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
                      2014-08-23 10:30:58 -------- d-----w- c:\users\denise\appdata\local\Adobe
                      2014-08-22 15:01:54 8581864 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{62270a71-8e37-42f4-b872-ae9207650ca0}\mpengine.dll
                      2014-08-21 12:15:27 -------- d-----w- c:\users\denise\appdata\local\ESET
                      2014-08-20 17:27:50 -------- d-----w- c:\program files\XBMC
                      2014-08-20 14:57:10 -------- d-----w- c:\program files\ESET
                      2014-08-15 01:06:43 99480 ----a-w- c:\windows\system32\infocardapi.dll
                      2014-08-15 01:06:43 619664 ----a-w- c:\windows\system32\icardagt.exe
                      2014-08-15 01:06:42 8856 ----a-w- c:\windows\system32\icardres.dll
                      2014-08-15 01:06:39 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
                      2014-08-14 17:53:19 2054656 ----a-w- c:\windows\system32\win32k.sys
                      2014-08-14 17:53:18 297984 ----a-w- c:\windows\system32\gdi32.dll
                      .
                      ==================== Find3M ====================
                      .
                      2014-08-21 07:05:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
                      2014-08-21 07:05:26 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
                      2014-08-05 07:20:02 231584 ------w- c:\windows\system32\MpSigStub.exe
                      2014-07-24 17:58:33 1810432 ----a-w- c:\windows\system32\jscript9.dll
                      2014-07-24 17:51:52 1129472 ----a-w- c:\windows\system32\wininet.dll
                      2014-07-24 17:51:19 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
                      2014-07-24 17:49:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe
                      2014-07-24 17:49:38 421376 ----a-w- c:\windows\system32\vbscript.dll
                      2014-07-24 17:48:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
                      2014-07-24 17:48:21 11776 ----a-w- c:\windows\system32\mshta.exe
                      2014-07-08 00:46:44 2048 ----a-w- c:\windows\system32\tzres.dll
                      2014-06-14 00:44:11 638400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
                      2014-06-14 00:33:17 37376 ----a-w- c:\windows\system32\cdd.dll
                      2014-06-06 08:59:38 506880 ----a-w- c:\windows\system32\qedit.dll
                      2014-06-02 10:31:00 332800 ----a-w- c:\windows\system32\msihnd.dll
                      2014-06-02 10:31:00 2263552 ----a-w- c:\windows\system32\msi.dll
                      2014-06-02 10:30:31 1993728 ----a-w- c:\windows\system32\authui.dll
                      2014-06-02 10:30:29 33280 ----a-w- c:\windows\system32\appinfo.dll
                      2014-06-02 08:56:30 82432 ----a-w- c:\windows\system32\consent.exe
                      2014-05-30 06:53:22 273408 ----a-w- c:\windows\system32\drivers\afd.sys
                      .
                      ============= FINISH: 7:09:19,72 ===============



                      • #12
                        Results of screen317's Security Check version 0.99.87
                        Windows Vista Service Pack 2 x86 (UAC is enabled)
                        Internet Explorer 9
                        Internet Explorer 8
                        ``````````````Antivirus/Firewall Check:``````````````
                        ESET NOD32 Antivirus 7.0
                        Antivirus up to date!
                        `````````Anti-malware/Other Utilities Check:`````````
                        TuneUp Utilities 2013
                        TuneUp Utilities Language Pack (nl-NL)
                        TuneUp Utilities 2013
                        CCleaner
                        Java 7 Update 13
                        Java version out of Date!
                        Adobe Flash Player 14.0.0.145
                        Adobe Reader 10.1.10 Adobe Reader out of Date!
                        Google Chrome 36.0.1985.125
                        Google Chrome 36.0.1985.143
                        ````````Process Check: objlist.exe by Laurent````````
                        Windows Defender MSASCui.exe
                        ESET NOD32 Antivirus egui.exe
                        ESET NOD32 Antivirus ekrn.exe
                        Malwarebytes Anti-Malware mbamscheduler.exe
                        Windows Defender MSASCui.exe
                        TOSHIBA Toshiba Online Product Information TOPI.exe
                        `````````````````System Health check`````````````````
                        Total Fragmentation on Drive C: %
                        ````````````````````End of Log``````````````````````



                        • #13
                          I am still missing the MBAM log (Custom Scan) that was requested at the start of this topic, about 4 days ago.

                          Once I have that, plus a fresh DDS log (made after the MBAM scan), we can continue.
                          Last edited by Emphyrio; 25-08-14, 06:29.
                          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                          E Dev * Remove McAfee. * Ccleaner * E-Peek



                          • #14
                            Malwarebytes Anti-Malware
                            www.malwarebytes.org

                            Scandatum: 25-8-2014
                            Scantijd: 16:24:43
                            Logbestand: Mbam.txt
                            Beheerder: Ja

                            Versie: 2.00.2.1012
                            Malwaredatabase: v2014.08.25.03
                            Rootkitdatabase: v2014.08.21.01
                            Licentie: Premium
                            Malwarebescherming: Ingeschakeld
                            Kwaadaardige Website Bescherming: Ingeschakeld
                            Self-protection: Uitgeschakeld

                            Besturingssysteem: Windows Vista Service Pack 2
                            Processor: x86
                            Bestandssysteem: NTFS
                            Gebruiker: Denise

                            Scantype: Aangepaste Scan
                            Resultaat: Voltooid
                            Objecten Gescand: 446325
                            Verstreken Tijd: 1 u, 37 m, 54 s

                            Geheugen: Ingeschakeld
                            Opstarten: Ingeschakeld
                            Bestandssysteem: Ingeschakeld
                            Archieven: Ingeschakeld
                            Rootkits: Uitgeschakeld
                            Heuristics: Ingeschakeld
                            POP: Ingeschakeld
                            POA: Ingeschakeld

                            Processen: 0
                            (No malicious items detected)

                            Modules: 0
                            (No malicious items detected)

                            Registersleutels: 0
                            (No malicious items detected)

                            Registerwaardes: 0
                            (No malicious items detected)

                            Registerdata: 0
                            (No malicious items detected)

                            Mappen: 0
                            (No malicious items detected)

                            Bestanden: 0
                            (No malicious items detected)

                            Fysieke Sectoren: 0
                            (No malicious items detected)


                            (end)



                            • #15
                              DDS (Ver_2012-11-20.01) - NTFS_x86
                              Internet Explorer: 9.0.8112.16563 BrowserJavaVersion: 10.13.2
                              Run by Denise at 18:05:52 on 2014-08-25
                              Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.2936.1407 [GMT 2:00]
                              .
                              AV: ESET NOD32 Antivirus 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
                              SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                              SP: ESET NOD32 Antivirus 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
                              .
                              ============== Running Processes ================
                              .
                              C:\Windows\system32\wininit.exe
                              C:\Windows\system32\lsm.exe
                              C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
                              C:\Windows\system32\SLsvc.exe
                              C:\Windows\system32\taskeng.exe
                              C:\Windows\System32\spoolsv.exe
                              C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
                              C:\Windows\system32\taskeng.exe
                              C:\Windows\system32\Dwm.exe
                              C:\Windows\Explorer.EXE
                              C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
                              C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
                              C:\Windows\system32\dlbkcoms.exe
                              C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
                              C:\Program Files\veiligheidspakket\fshoster32.exe
                              C:\Windows\system32\FsUsbExService.Exe
                              C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
                              C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
                              C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
                              C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
                              C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
                              C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
                              C:\Windows\system32\TODDSrv.exe
                              C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
                              C:\Program Files\TOSHIBA\TECO\TecoService.exe
                              C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
                              C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
                              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                              C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
                              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                              C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
                              C:\Windows\system32\wbem\wmiprvse.exe
                              C:\Program Files\TeamViewer\Version8\TeamViewer.exe
                              C:\Program Files\TeamViewer\Version8\tv_w32.exe
                              C:\Program Files\Windows Defender\MSASCui.exe
                              C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
                              C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
                              C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
                              C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
                              C:\Windows\System32\igfxtray.exe
                              C:\Windows\System32\hkcmd.exe
                              C:\Windows\System32\igfxpers.exe
                              C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
                              C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
                              C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
                              C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                              C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe
                              C:\Program Files\TOSHIBA\TECO\TEco.exe
                              C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
                              C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
                              C:\Program Files\Toshiba TEMPRO\TemproTray.exe
                              C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
                              C:\Program Files\FTS\LASER MOUSE\1.0\GTGMouse.exe
                              C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
                              C:\Program Files\CyberLink\Shared Files\brs.exe
                              C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
                              C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
                              C:\Windows\ehome\ehtray.exe
                              C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
                              C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
                              C:\Program Files\Windows Media Player\wmpnscfg.exe
                              C:\Program Files\WinZip\WZQKPICK32.EXE
                              C:\Windows\system32\wbem\unsecapp.exe
                              C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
                              C:\Windows\system32\wbem\wmiprvse.exe
                              C:\Windows\system32\igfxsrvc.exe
                              C:\Windows\ehome\ehmsas.exe
                              C:\Windows\ehome\ehsched.exe
                              C:\Program Files\Windows Media Player\wmpnetwk.exe
                              C:\Windows\ehome\ehRecvr.exe
                              C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
                              C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
                              C:\Windows\system32\igfxext.exe
                              C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
                              C:\Windows\system32\conime.exe
                              C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
                              C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
                              C:\Program Files\Common Files\Java\Java Update\jusched.exe
                              C:\Windows\system32\SearchIndexer.exe
                              C:\Windows\system32\SearchFilterHost.exe
                              C:\Program Files\Internet Explorer\iexplore.exe
                              C:\Program Files\Internet Explorer\iexplore.exe
                              C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_176_ActiveX.exe
                              C:\Windows\system32\SearchProtocolHost.exe
                              C:\Windows\system32\DllHost.exe
                              C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
                              C:\Windows\system32\svchost.exe -k DcomLaunch
                              C:\Windows\system32\svchost.exe -k rpcss
                              C:\Windows\System32\svchost.exe -k secsvcs
                              C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                              C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                              C:\Windows\system32\svchost.exe -k netsvcs
                              C:\Windows\system32\svchost.exe -k GPSvcGroup
                              C:\Windows\system32\svchost.exe -k LocalService
                              C:\Windows\system32\svchost.exe -k NetworkService
                              C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                              C:\Windows\system32\svchost.exe -k imgsvc
                              C:\Windows\System32\svchost.exe -k WerSvcGroup
                              C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                              .
                              ============== Pseudo HJT Report ===============
                              .
                              uStart Page = hxxp://www.google.nl/
                              uSearch Bar = hxxp://www.google.com/ie
                              uDefault_Page_URL = www.google.com
                              mDefault_Page_URL = www.google.com
                              uProxyServer = alc-proxy:8080
                              uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
                              uURLSearchHooks: {d00f20d3-6e9f-40ff-860b-e5bb7c5a0b1a} - <orphaned>
                              uURLSearchHooks: {46735dee-f862-49d1-876d-6382794dc625} - <orphaned>
                              dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
                              BHO: Skype add-on (mastermind): {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
                              BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
                              BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
                              BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
                              TB: <No Name>: - LocalServer32 - <no file>
                              uRun: [TOSHIBA Online Product Information] c:\program files\toshiba\toshiba online product information\topi.exe
                              uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
                              uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
                              uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO
                              uRun: [Sony PC Companion] "c:\program files\sony\sony pc companion\PCCompanion.exe" /Background
                              uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
                              mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
                              mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
                              mRun: [HWSetup] "c:\program files\toshiba\utilities\HWSetup.exe" hwSetUP
                              mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
                              mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
                              mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosSENotify.exe
                              mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
                              mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
                              mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
                              mRun: [Persistence] c:\windows\system32\igfxpers.exe
                              mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
                              mRun: [HSON] c:\program files\toshiba\tbs\HSON.exe
                              mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
                              mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
                              mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
                              mRun: [SmartFaceVWatcher] c:\program files\toshiba\smartfacev\SmartFaceVWatcher.exe
                              mRun: [Teco] "c:\program files\toshiba\teco\Teco.exe" /r
                              mRun: [TPCHWMsg] c:\program files\toshiba\tphm\TPCHWMsg.exe
                              mRun: [NDSTray.exe] "c:\program files\toshiba\configfree\NDSTray.exe"
                              mRun: [cfFncEnabler.exe] "c:\program files\toshiba\configfree\cfFncEnabler.exe"
                              mRun: [Toshiba TEMPRO] c:\program files\toshiba tempro\TemproTray.exe
                              mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaReminder.exe
                              mRun: [GTGMOUSE] "c:\program files\fts\laser mouse\1.0\GTGMouse.exe"
                              mRun: [RemoteControl9] "c:\program files\cyberlink\powerdvd9\PDVD9Serv.exe"
                              mRun: [PDVD9LanguageShortcut] "c:\program files\cyberlink\powerdvd9\language\Language.exe"
                              mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
                              mRun: [TWebCamera] "c:\program files\toshiba\toshiba web camera application\TWebCamera.exe" autorun
                              mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
                              mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
                              mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBGAFIARQBFAC0AVgA2AFoASgBBAC0AQgBOADIAWQBRAC0ARgAzAFYAUwBSAC0AVgBXAFMAUgA0AC0AVgBZADcATQBa AA"&"inst=NwA3AC0AMQA4ADEAOQA0ADEAMgA4ADMALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWA BPADMANgArADEALQBGADkATQA3AEMAKwA1AC0AWABPADkAKwAxAC0ARgA5AE0AMwArADEALQBEAEQAVAArADUANwA2ADMALQBEAE QAOQAwAEYAKwAxAC0AUwBUADkAMABGAEEAUABQACsAMQAtAEYAOQAwAE0AMQAyAEUAVAArADEALQBUAEIAKwAxAC0AVQA5ADUAKw AxAC0ARgBVAEkAKwAyAC0ARgA5ADAAVABCACsAMgAtAEYAOQAwAE0AMQAyAFIAKwAxAC0AVgBJAFAAMQAyACsAMQAtAFQATAArAD EA"&"prod=90"&"ver=9.0.894
                              dRun: [TOSHIBA Online Product Information] c:\program files\toshiba\toshiba online product information\topi.exe
                              StartupFolder: c:\users\denise\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
                              StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK32.EXE
                              mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
                              mPolicies-System: EnableUIADesktopToggle = dword:0
                              IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
                              IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
                              IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
                              IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
                              IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
                              IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/1346-71494-26233-2/4
                              IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
                              IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/...k-21&site=home
                              IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
                              TCP: NameServer = 192.168.2.1
                              TCP: Interfaces\{CFF7E900-5BDF-42FA-A940-38244D371F75} : DHCPNameServer = 192.168.2.1
                              Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
                              Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
                              Notify: igfxcui - igfxdev.dll
                              LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
                              .
                              ============= SERVICES / DRIVERS ===============
                              .
                              R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2013-9-17 188808]
                              R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2013-9-17 134248]
                              R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/12/01 14:33:04];c:\program files\cyberlink\powerdvd9\000.fcl [2009-2-28 87536]
                              R2 camsvc;TOSHIBA Web Camera Service;c:\program files\toshiba\toshiba web camera application\TWebCameraSrv.exe [2009-7-30 20544]
                              R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
                              R2 dlbk_device;dlbk_device;c:\windows\system32\dlbkcoms.exe -service --> c:\windows\system32\dlbkcoms.exe -service [?]
                              R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2013-9-12 1337752]
                              R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2013-9-17 122376]
                              R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
                              R2 fshoster;F-Secure Dll Hoster;c:\program files\veiligheidspakket\fshoster32.exe [2012-11-26 183864]
                              R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-2-24 233472]
                              R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-8-23 1809720]
                              R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-8-23 860472]
                              R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\norton pc checkup 3.0\SymcPCCULaunchSvc.exe [2013-6-23 132504]
                              R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-10-9 5095264]
                              R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\toshiba tempro\TemproSvc.exe [2009-3-23 116104]
                              R2 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2009-7-30 62776]
                              R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-4-24 176128]
                              R2 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD/SSD-waarschuwingsservice;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-3-17 73728]
                              R2 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-4-15 656752]
                              R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2013\TuneUpUtilitiesService32.exe [2012-10-8 1699168]
                              R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-3-20 12920]
                              R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-2-24 36608]
                              R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-9-22 112128]
                              R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-8-23 23256]
                              R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-8-23 110296]
                              R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-8-23 51928]
                              R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
                              R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2009-7-30 22272]
                              R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2013\TuneUpUtilitiesDriver32.sys [2012-9-19 10088]
                              S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
                              S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
                              S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-1 39272]
                              S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
                              S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-6-15 30192]
                              S3 Sony PC Companion;Sony PC Companion;c:\program files\sony\sony pc companion\PCCService.exe [2013-4-13 155824]
                              S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2010-2-24 90112]
                              S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2010-2-24 14976]
                              S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2010-2-24 121856]
                              S3 WPFFontCache_v0400;Windows Presentation Foundation-lettertypecache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
                              .
                              =============== File Associations ===============
                              .
                              FileExt: .ini: Applications\vlc.exe="c:\program files\videolan\vlc\vlc.exe" --started-from-file "%1" [UserChoice]
                              ShellExec: PortraitProfessional.exe: open="c:\program files\portrait professional 11 trial\PortraitProfessionalTrial.exe" /P "%1"
                              .
                              =============== Created Last 30 ================
                              .
                              2014-08-24 19:38:19 536576 ----a-w- c:\windows\system32\sqlite3.dll
                              2014-08-24 19:34:35 -------- d-----w- C:\AdwCleaner
                              2014-08-23 10:35:43 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
                              2014-08-23 10:35:10 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
                              2014-08-23 10:35:10 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
                              2014-08-23 10:35:10 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
                              2014-08-23 10:35:09 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
                              2014-08-23 10:30:58 -------- d-----w- c:\users\denise\appdata\local\Adobe
                              2014-08-22 15:01:54 8581864 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{62270a71-8e37-42f4-b872-ae9207650ca0}\mpengine.dll
                              2014-08-21 12:15:27 -------- d-----w- c:\users\denise\appdata\local\ESET
                              2014-08-20 17:27:50 -------- d-----w- c:\program files\XBMC
                              2014-08-20 14:57:10 -------- d-----w- c:\program files\ESET
                              2014-08-15 01:06:43 99480 ----a-w- c:\windows\system32\infocardapi.dll
                              2014-08-15 01:06:43 619664 ----a-w- c:\windows\system32\icardagt.exe
                              2014-08-15 01:06:42 8856 ----a-w- c:\windows\system32\icardres.dll
                              2014-08-15 01:06:39 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
                              2014-08-14 17:53:19 2054656 ----a-w- c:\windows\system32\win32k.sys
                              2014-08-14 17:53:18 297984 ----a-w- c:\windows\system32\gdi32.dll
                              .
                              ==================== Find3M ====================
                              .
                              2014-08-21 07:05:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
                              2014-08-21 07:05:26 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
                              2014-08-05 07:20:02 231584 ------w- c:\windows\system32\MpSigStub.exe
                              2014-07-24 17:58:33 1810432 ----a-w- c:\windows\system32\jscript9.dll
                              2014-07-24 17:51:52 1129472 ----a-w- c:\windows\system32\wininet.dll
                              2014-07-24 17:51:19 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
                              2014-07-24 17:49:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe
                              2014-07-24 17:49:38 421376 ----a-w- c:\windows\system32\vbscript.dll
                              2014-07-24 17:48:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
                              2014-07-24 17:48:21 11776 ----a-w- c:\windows\system32\mshta.exe
                              2014-07-08 00:46:44 2048 ----a-w- c:\windows\system32\tzres.dll
                              2014-06-14 00:44:11 638400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
                              2014-06-14 00:33:17 37376 ----a-w- c:\windows\system32\cdd.dll
                              2014-06-06 08:59:38 506880 ----a-w- c:\windows\system32\qedit.dll
                              2014-06-02 10:31:00 332800 ----a-w- c:\windows\system32\msihnd.dll
                              2014-06-02 10:31:00 2263552 ----a-w- c:\windows\system32\msi.dll
                              2014-06-02 10:30:31 1993728 ----a-w- c:\windows\system32\authui.dll
                              2014-06-02 10:30:29 33280 ----a-w- c:\windows\system32\appinfo.dll
                              2014-06-02 08:56:30 82432 ----a-w- c:\windows\system32\consent.exe
                              2014-05-30 06:53:22 273408 ----a-w- c:\windows\system32\drivers\afd.sys
                              .
                              ============= FINISH: 18:06:54,15 ===============
