Mededeling

Collapse
No announcement yet.

Vervolg: PC geïnfecteerd?

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Vervolg: PC geïnfecteerd?

    N.a.v. dit topic:

    http://www.nucia.eu/forum/threads/72...C3%AFnfecteerd

    Post ik hier de gevraagde logfiles van Mbam en DDS.

    Logfile Mbam:
    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 1-9-2014
    Scan Time: 15:55:45
    Logfile: logfile 1-9.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.09.01.02
    Rootkit Database: v2014.08.21.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: nicole

    Scan Type: Custom Scan
    Result: Completed
    Objects Scanned: 565933
    Time Elapsed: 2 hr, 3 min, 25 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 5
    PUP.Optional.OptimizerPro, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProReminder.exe.vir, Quarantined, [274fe9fff8839c9af8632312758c2ed2],
    PUP.Optional.OptimizerPro, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir, Quarantined, [6115ebfdd3a8a492fdb04ed9ed1359a7],
    PUP.Optional.OptimizerPro, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProGuard.exe.vir, Quarantined, [c4b26d7bcbb011259ac17eb76d94827e],
    PUP.Optional.OptimizerPro, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSchedule.exe.vir, Quarantined, [cda97d6b7ffc2b0b64f8092c659cb848],
    PUP.Optional.OptimizerPro, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir, Quarantined, [4e28a741bfbcab8bff5ed75ef20f7c84],

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    Logfile DDS:
    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.9.2
    Run by nicole at 13:11:39 on 2014-09-04
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3037.2156 [GMT 2:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
    C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
    C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
    C:\Users\nicole\AppData\Roaming\Spotify\spotify.exe
    C:\Users\nicole\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
    C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe
    C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
    C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
    C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUI.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVAST Software\Avast\avastui.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Users\nicole\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
    C:\Users\nicole\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
    C:\Users\nicole\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
    C:\Users\nicole\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Users\nicole\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
    C:\Users\nicole\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.nl/
    uSearch Bar = hxxp://www.google.com/ie
    uSearch Page = hxxp://www.google.com
    uDefault_Page_URL = www.google.com
    uDefault_Search_URL = hxxp://www.google.com
    mStart Page = www.google.com
    mSearch Page = www.google.com
    mDefault_Page_URL = www.google.com
    mDefault_Search_URL = www.google.com
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
    mWinlogon: Userinit = userinit.exe,
    BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [EPSON SX218 Series] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\Windows\TEMP\E_S6A68.tmp" /EF "HKCU"
    uRun: [Facebook Update] "C:\Users\nicole\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
    uRun: [Spotify] "C:\Users\nicole\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
    uRun: [Spotify Web Helper] "C:\Users\nicole\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
    mRun: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"
    mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    mRun: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    StartupFolder: C:\Users\nicole\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ZOOSKM~1.LNK - C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: &Verzenden naar OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-00109-0002-0009-ABCDEFFEDCBC} - <orphaned>
    IE: {15105F6B-80FF-40d3-B239-AEC9E0E93ACD} - C:\Program Files (x86)\PokerStars.DK\PokerStarsUpdate.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/mjss/MJSS.cab109791.cab
    DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{2C4E1A04-E60C-488C-8BB6-CE7BBBC57E15} : DHCPNameServer = 192.168.42.129
    TCP: Interfaces\{A38FAAF2-65AD-4F06-A943-3E7B3816B62E} : DHCPNameServer = 192.168.0.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-mStart Page = www.google.com
    x64-mSearch Page = www.google.com
    x64-mDefault_Page_URL = www.google.com
    x64-mDefault_Search_URL = www.google.com
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
    x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
    x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
    x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\nicole\AppData\Roaming\Mozilla\Firefox\Profiles\gm2ju1ud.default\
    FF - prefs.js: browser.startup.homepage - hxxps://accounts.google.com/ServiceLogin?service=oz&passive=1209600&continue=https://plus.google.com/?gpsrc%3Dogpy0%26tab%3DwX
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
    FF - plugin: C:\Users\nicole\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\nicole\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-3-7 22600]
    R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-7 65776]
    R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-7 208416]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2012-11-21 1039096]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2012-11-21 423240]
    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
    R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-6-19 29208]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-11-21 79184]
    R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-3-13 85328]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-6-19 50344]
    R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2011-1-20 166400]
    R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2011-1-20 128512]
    R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
    R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-5-12 243232]
    R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2010-5-12 138752]
    S2 0072561353527098mcinstcleanup;McAfee Application Installer Cleanup (0072561353527098);C:\Users\nicole\AppData\Local\Temp\007256~1.EXE -cleanup -nolog --> C:\Users\nicole\AppData\Local\Temp\007256~1.EXE -cleanup -nolog [?]
    S2 avgwd;AVG WatchDog;"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" --> C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
    S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736]
    S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-15 111616]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-4-9 289256]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-5-23 155824]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-14 59392]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-5 1255736]
    .
    =============== Created Last 30 ================
    .
    2014-09-02 09:20:15 11319192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6F503A1A-A05E-421C-A285-034BFE141859}\mpengine.dll
    2014-08-28 08:37:58 3163648 ----a-w- C:\Windows\System32\win32k.sys
    2014-08-28 08:37:57 404480 ----a-w- C:\Windows\System32\gdi32.dll
    2014-08-28 08:37:57 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
    2014-08-25 19:50:25 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
    2014-08-25 19:49:04 -------- d-----w- C:\AdwCleaner
    2014-08-25 19:21:56 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2014-08-25 19:21:04 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2014-08-25 19:21:04 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2014-08-25 19:21:04 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-08-25 19:21:04 -------- d-----w- C:\ProgramData\Malwarebytes
    2014-08-25 19:21:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-08-24 08:41:17 2620928 ----a-w- C:\Windows\System32\wucltux.dll
    2014-08-24 08:41:00 97792 ----a-w- C:\Windows\System32\wudriver.dll
    2014-08-24 08:41:00 92672 ----a-w- C:\Windows\SysWow64\wudriver.dll
    2014-08-24 08:40:15 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
    2014-08-24 08:40:15 179656 ----a-w- C:\Windows\SysWow64\wuwebv.dll
    2014-08-24 08:40:14 198600 ----a-w- C:\Windows\System32\wuwebv.dll
    2014-08-24 08:40:13 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2014-08-15 04:02:36 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
    2014-08-15 04:02:36 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
    2014-08-15 04:02:36 171160 ----a-w- C:\Windows\System32\infocardapi.dll
    2014-08-15 04:02:36 1389208 ----a-w- C:\Windows\System32\icardagt.exe
    2014-08-15 04:02:34 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
    2014-08-15 04:02:34 8856 ----a-w- C:\Windows\System32\icardres.dll
    2014-08-15 04:02:14 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
    2014-08-15 04:02:14 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
    2014-08-14 05:37:48 -------- d-----w- C:\Users\nicole\AppData\Local\Adobe
    2014-08-09 10:14:26 -------- d-----w- C:\Users\nicole\AppData\Roaming\BRT
    2014-08-06 16:01:00 163504 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
    .
    ==================== Find3M ====================
    .
    2014-08-07 02:06:41 529920 ----a-w- C:\Windows\System32\aepdu.dll
    2014-08-07 02:01:34 424448 ----a-w- C:\Windows\System32\aeinv.dll
    2014-08-05 07:20:00 270496 ------w- C:\Windows\System32\MpSigStub.exe
    2014-07-30 09:14:24 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-07-30 09:14:23 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
    2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
    2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
    2014-06-19 12:52:54 85328 ----a-w- C:\Windows\System32\drivers\aswstm.sys
    2014-06-19 12:52:54 1039096 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
    2014-06-19 12:52:43 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2014-06-19 12:52:43 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
    2014-06-19 12:52:43 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
    2014-06-19 12:52:43 208416 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
    2014-06-19 12:52:42 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2014-06-19 12:52:41 43152 ----a-w- C:\Windows\avastSS.scr
    2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
    2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
    2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    .
    ============= FINISH: 13:12:48,81 ===============

  • #2
    Schakel eerst de Antivirussoftware uit voordat je zoek.exe download of uitvoert.
    Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk de werking van Zoek.exe nadelig beïnvloeden.
    (hier en hier) kan je lezen hoe je dat doet.

    Download Zoek.exe naar het bureaublad.
    • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kan je dat negeren, het is namelijk een onterechte waarschuwing.
    • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken" als je zip- of rar-download hebt gebruikt.
    • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Kopieer nu onderstaande code en plak die in het grote invulvenster:
    • Note: Dit script is speciaal bedoeld voor deze Computer, gebruik dit dan ook niet op andere computers met een gelijkwaardig probleem.
      Code:
      emptyclsid;
      emptyfolderscheck;
      firefoxlook; 
      Chromelook; 
      CHRdefaults;
      autoclean; 
      iedefaults; 
      filesrcm;  
      startupall;
    • Klik nu op de knop "Run script".
    • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
    • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
    • Post het geopende logje in het volgende bericht als bijlage[/url].

    Windows 10 opstarten in Veilige Modus

    Comment


    • #3
      Hoi Juisterr!

      Bedankt alvast voor je reactie! Ik probeer zsm een afspraak te plannen om deze scan te draaien!

      Comment


      • #4
        Ik hoop dat het gelukt is?

        Zoek logfile:
        zoek-results-10-09.txt

        Comment


        • #5
          Enige verbetering merkbaar Nicole ?

          Windows 10 opstarten in Veilige Modus

          Comment


          • #6
            Heb even gevraagd, hij heeft aan dat hij idd verbetering heeft gemerkt. In ieder geval geen pop-ups etc meer.

            Heb je nog wat uit de logjes kunnen halen verder?

            Comment


            • #7
              Alle rommel is er wel uit zo te zien, als alles nu goed gaat mag je de tools weer verwijderen.

              Windows 10 opstarten in Veilige Modus

              Comment


              • #8
                Oke ga ik doen! Bedankt in ieder geval!

                Comment

                Sorry, you are not authorized to view this page
                Working...
                X