
Unwanted windows on the internet


  • Unwanted windows on the internet

    Hi,

    For a while now I have been bothered by unwanted windows that open after I open a website.
    Elsewhere on this forum I read that a scan had to be made with HijackThis. Here it is:

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 20:11:49, on 21-10-2014
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.9600.17344)


    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\Marije\Downloads\HijackThis.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0613&utm_campaign=installer&utm_content=ds&from=wpm0613&uid=LITEONITXLMT-64M6M-HP_002337105918&ts=1402568035&type=default&q={searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0613&utm_campaign=installer&utm_content=ds&from=wpm0613&uid=LITEONITXLMT-64M6M-HP_002337105918&ts=1402568035&type=default&q={searchTerms}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://astromenda.com/?f=1&a=ast_ir_...=891354594&ir=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds&ts=1402333195&from=sof&uid=LITEONITXLMT-64M6M-HP_002337105918&q={searchTerms}
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds&ts=1402333195&from=sof&uid=LITEONITXLMT-64M6M-HP_002337105918&q={searchTerms}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.ubvu.vu.nl/ubvu.pac
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: CrossriderApp0057304 - {11111111-1111-1111-1111-110511731104} - C:\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-bho.dll
    O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O2 - BHO: (no name) - {b608cc98-54de-4775-96c9-097de398500c} - (no file)
    O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
    O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
    O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    O20 - AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~1.DLL
    O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
    O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10205 bytes

    Can any of you tell me which ones I should remove?
    Anti-malware and virus scans detect nothing.
    Thanks in advance!

  • #2
    Originally posted by Mary Poppins
    Hi,

    For a while now I have been bothered by unwanted windows that open after I open a website.
    Elsewhere on this forum I read that a scan had to be made with HijackThis.

    That will not have been on this forum, then. We have not used HijackThis for several years now.


    The first step is to carry out this guideline: !!! IMPORTANT !!!: Read this first before you post a message!

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      It was indeed a post from a number of years ago, so that explains it, I think. I will follow all those steps and post them in the virus section. Thanks!



      • #4
        Originally posted by Mary Poppins
        I will follow all those steps and post them in the virus section.

        You may post the logs you make here.


        • #5
          Malwarebytes Anti-Malware
          www.malwarebytes.org


          Update, 22-10-2014 15:17:18, SYSTEM, MARIJE, Manual, Rootkit Database, 2014.9.18.1, 2014.10.21.1,
          Protection, 22-10-2014 15:17:29, SYSTEM, MARIJE, Protection, Malware Protection, Starting,
          Protection, 22-10-2014 15:17:29, SYSTEM, MARIJE, Protection, Malware Protection, Started,
          Protection, 22-10-2014 15:17:29, SYSTEM, MARIJE, Protection, Malicious Website Protection, Starting,
          Protection, 22-10-2014 15:17:30, SYSTEM, MARIJE, Protection, Malicious Website Protection, Started,
          Update, 22-10-2014 15:17:50, SYSTEM, MARIJE, Manual, Malware Database, 2014.9.19.5, 2014.10.22.4,
          Protection, 22-10-2014 15:17:50, SYSTEM, MARIJE, Protection, Refresh, Starting,
          Protection, 22-10-2014 15:17:51, SYSTEM, MARIJE, Protection, Malicious Website Protection, Stopping,
          Protection, 22-10-2014 15:17:51, SYSTEM, MARIJE, Protection, Malicious Website Protection, Stopped,
          Protection, 22-10-2014 15:18:16, SYSTEM, MARIJE, Protection, Refresh, Success,
          Protection, 22-10-2014 15:18:16, SYSTEM, MARIJE, Protection, Malicious Website Protection, Starting,
          Protection, 22-10-2014 15:18:17, SYSTEM, MARIJE, Protection, Malicious Website Protection, Started,
          Detection, 22-10-2014 15:20:40, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57673, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:20:40, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57673, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:20:40, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57674, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:20:40, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57675, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:22:35, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57741, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:22:38, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57752, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:22:38, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57753, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:22:39, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57754, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:22:39, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57755, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:23:26, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57804, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:23:26, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57805, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:23:26, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57806, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:23:30, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57847, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:23:31, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57848, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:23:31, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57849, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:23:31, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57850, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:32:54, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57943, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:32:54, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57944, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:32:54, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57945, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:32:59, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57989, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:33:00, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 57990, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:33:05, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58007, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:33:06, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58008, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:33:06, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58009, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:33:06, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58010, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:33:16, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58042, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:34:10, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58073, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:34:10, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58074, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:34:10, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58075, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:34:14, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58099, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:34:14, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58100, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:34:15, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58101, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:34:15, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58102, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:34:59, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58197, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:38:58, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58319, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:38:58, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58320, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:38:58, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58321, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:39:01, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58370, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:39:01, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58371, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:39:01, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58372, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:39:01, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58373, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:39:07, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58400, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:39:08, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58401, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:39:08, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58403, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:39:08, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58404, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:39:15, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58471, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:39:27, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58498, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:46:22, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58574, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:46:22, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58575, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:46:22, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58576, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:48:35, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58610, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:48:36, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58611, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:21, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58740, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:21, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58742, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:21, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58743, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:22, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58744, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:22, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58750, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:22, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58751, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:22, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58752, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:22, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58763, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:22, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58764, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:22, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58765, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:23, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58766, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:30, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58775, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:30, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58776, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:30, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58777, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:30, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58778, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:49:48, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58809, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:50:06, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58834, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:50:54, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58849, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:51:01, SYSTEM, MARIJE, Protection, Malware Protection, File, PUP.Optional.PriceFountain.A, C:\Users\Marije\AppData\Roaming\PriceFountain\UpdateProc\UpdateTask.exe, Quarantine, [09b371a60c7063d333f35db8b64dbb45]
          Detection, 22-10-2014 15:53:32, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58887, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:54:11, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58906, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:54:33, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58954, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:54:36, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58958, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:54:39, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58976, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
          Detection, 22-10-2014 15:54:50, SYSTEM, MARIJE, Protection, Malicious Website Protection, IP, 5.153.38.134, png.mecoolidea.com, 58988, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,

          (end)


          • #6
            # AdwCleaner v4.001 - Rapport aangemaakt 22/10/2014 op 20:51:27
            # DB v2014-10-21.1
            # Laatste Update 20/10/2014 door Xplode
            # Besturingssysteem : Windows 8.1 (64 bits)
            # Gebruikersnaam : Marije - MARIJE
            # Gestart vanuit : C:\Users\Marije\Downloads\adwcleaner_4.001.exe
            # Optie : Verwijderen

            ***** [ Services ] *****

            [#] Service Verwijderd : globalUpdate
            [#] Service Verwijderd : globalUpdatem
            [#] Service Verwijderd : IePluginServices
            [#] Service Verwijderd : WindowsProtectManger

            ***** [ Bestanden / Mappen ] *****

            Map Verwijderd : C:\Users\Marije\AppData\Roaming\337Games
            Map Verwijderd : C:\Users\Marije\AppData\Local\Astromenda
            Map Verwijderd : C:\Program Files (x86)\globalUpdate
            Map Verwijderd : C:\Users\Marije\AppData\Local\globalUpdate
            Map Verwijderd : C:\ProgramData\IePluginServices
            Map Verwijderd : C:\Program Files (x86)\SupTab
            Map Verwijderd : C:\Users\Marije\AppData\Roaming\Systweak
            Map Verwijderd : C:\ProgramData\WindowsProtectManger
            Map Verwijderd : C:\Users\Marije\AppData\Roaming\wse_astromenda
            Map Verwijderd : C:\Program Files (x86)\Plus-HD-9.6
            Bestand Verwijderd : C:\Windows\System32\roboot64.exe
            Bestand Verwijderd : C:\Users\Marije\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
            Bestand Verwijderd : C:\Users\Marije\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
            Bestand Verwijderd : C:\Users\Marije\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
            Bestand Verwijderd : C:\Users\Marije\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage
            Bestand Verwijderd : C:\Users\Marije\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage-journal

            ***** [ Taken ] *****

            Taak Verwijderd : globalUpdateUpdateTaskMachineCore
            Taak Verwijderd : globalUpdateUpdateTaskMachineUA
            Taak Verwijderd : bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-1
            Taak Verwijderd : bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-2
            Taak Verwijderd : bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-3
            Taak Verwijderd : bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-4
            Taak Verwijderd : bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-5
            Taak Verwijderd : bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-6
            Taak Verwijderd : bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-7

            ***** [ Snelkoppelingen ] *****


            ***** [ Register ] *****

            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511731104}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522732204}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555735504}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566736604}
            Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544734404}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511731104}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511731104}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
            Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
            Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511731104}
            Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522732204}
            Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555735504}
            Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566736604}
            Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511731104}
            Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
            Sleutel Verwijderd : HKCU\Software\GlobalUpdate
            Sleutel Verwijderd : HKCU\Software\InstallCore
            Sleutel Verwijderd : HKCU\Software\InstalledBrowserExtensions
            Sleutel Verwijderd : HKCU\Software\systweak
            Sleutel Verwijderd : HKCU\Software\UpdateStar
            Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Crossrider
            Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Plus-HD-9.6
            Sleutel Verwijderd : HKLM\SOFTWARE\GlobalUpdate
            Sleutel Verwijderd : HKLM\SOFTWARE\InstalledBrowserExtensions
            Sleutel Verwijderd : HKLM\SOFTWARE\SupDp
            Sleutel Verwijderd : HKLM\SOFTWARE\SupTab
            Sleutel Verwijderd : HKLM\SOFTWARE\supWindowsProtectManger
            Sleutel Verwijderd : HKLM\SOFTWARE\sweet-pageSoftware
            Sleutel Verwijderd : HKLM\SOFTWARE\systweak
            Sleutel Verwijderd : HKLM\SOFTWARE\Plus-HD-9.6
            Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-9.6
            Sleutel Verwijderd : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
            Gegevens Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL
            Gegevens Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL

            ***** [ Browsers ] *****

            -\\ Internet Explorer v11.0.9600.17344

            Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
            Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
            Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
            Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
            Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
            Instelling Hersteld : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
            Instelling Hersteld : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

            -\\ Google Chrome v35.0.1916.114


            *************************

            AdwCleaner[R0].txt - [12944 octets] - [22/10/2014 20:42:42]
            AdwCleaner[S0].txt - [11343 octets] - [22/10/2014 20:51:27]

            ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11404 octets] ##########



            • #7
              This is as far as I get. After downloading DDS I get the following message:
              DDS is not meant to run in Compatibility Mode. I have Windows 8; it says Windows 8.1 users should use E-Peek. Shall I just do that then?



              • #8
                That is not the MBAM scan log: http://www.nucia.eu/forum/blog.php

                You may use E-Peek.
                Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                E Dev * Remove McAfee * Ccleaner * E-Peek



                • #9
                  Sorry for being so difficult! But then I don't quite understand. When I go to the history settings, that is already ticked. This log is called protection log and was created after scanning. It is also saved under what is listed in the history settings.



                  • #10
                    Originally posted by Mary Poppins
                    Sorry for being so difficult! But then I don't quite understand. When I go to the history settings, that is already ticked. This log is called protection log and was created after scanning. It is also saved under what is listed in the history settings.
                    I am not asking for the protection log, but for the scan log.
                    (It is clearly explained in the info links)
                    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                    E Dev * Remove McAfee * Ccleaner * E-Peek



                    • #11
                      Malwarebytes Anti-Malware
                      www.malwarebytes.org

                      Scan Date: 22-10-2014
                      Scan Time: 22:16:27
                      Logfile: Malwarebytes Anti-Mailware scan 2.txt
                      Administrator: Yes

                      Version: 2.00.3.1025
                      Malware Database: v2014.10.22.09
                      Rootkit Database: v2014.10.22.01
                      License: Trial
                      Malware Protection: Enabled
                      Malicious Website Protection: Enabled
                      Self-protection: Disabled

                      OS: Windows 8.1
                      CPU: x64
                      File System: NTFS
                      User: Marije

                      Scan Type: Custom Scan
                      Result: Completed
                      Objects Scanned: 472562
                      Time Elapsed: 2 hr, 50 min, 50 sec

                      Memory: Enabled
                      Startup: Enabled
                      Filesystem: Enabled
                      Archives: Enabled
                      Rootkits: Enabled
                      Heuristics: Enabled
                      PUP: Enabled
                      PUM: Enabled

                      Processes: 0
                      (No malicious items detected)

                      Modules: 0
                      (No malicious items detected)

                      Registry Keys: 1
                      PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.6, Quarantined, [cef38c8bf983f83eec8882c7d231a858],

                      Registry Values: 0
                      (No malicious items detected)

                      Registry Data: 0
                      (No malicious items detected)

                      Folders: 4
                      PUP.Optional.PriceFountain.A, C:\Users\Marije\AppData\Roaming\PriceFountain, Quarantined, [2899140369138fa7e2a646cf9b68ad53],
                      PUP.Optional.PriceFountain.A, C:\Users\Marije\AppData\Roaming\PriceFountain\UpdateProc, Quarantined, [2899140369138fa7e2a646cf9b68ad53],
                      PUP.Optional.PriceFountain.A, C:\Users\Marije\AppData\Local\PriceFountain, Quarantined, [dae7b760c6b660d63e4be233ec1718e8],
                      PUP.Optional.PriceFountain.A, C:\Users\Marije\AppData\Local\PriceFountain\logs, Quarantined, [dae7b760c6b660d63e4be233ec1718e8],

                      Files: 20
                      PUP.Optional.HDPlus.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-9.6\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-2.exe.vir, Quarantined, [b40d41d6a6d6f3436e223a56b948857b],
                      PUP.Optional.HDPlus.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-9.6\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-3.exe.vir, Quarantined, [eed3e3344e2ea78fa9e7e9a703febe42],
                      PUP.Optional.HDPlus.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-9.6\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-4.exe.vir, Quarantined, [1aa763b43943be788808533df11030d0],
                      PUP.Optional.HDPlus.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-9.6\bd69fe80-f1b1-4f8f-b1a7-9e87900f7877-5.exe.vir, Quarantined, [f3ce8394eb9113235d33eda321e0936d],
                      PUP.Optional.HDPlus.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-bg.exe.vir, Quarantined, [883969ae9be1e84e553b7c1417ea13ed],
                      PUP.Optional.HDPlus.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-bho.dll.vir, Quarantined, [fcc5918686f669cd315f1080e51c619f],
                      PUP.Optional.HDPlus.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-bho64.dll.vir, Quarantined, [38893bdcf785013595fbeea2db26a15f],
                      PUP.Optional.HDPlus.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-codedownloader.exe.vir, Quarantined, [e8d9eb2c2f4d6fc7216ff19f728f2ad6],
                      PUP.Optional.HDPlus.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-nova.exe.vir, Quarantined, [4d74c2550478b185d2be474934cd4bb5],
                      PUP.Optional.HDPlus.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-novainstaller.exe.vir, Quarantined, [893883949ddf0c2aace449479d64718f],
                      PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-9.6\utils.exe.vir, Quarantined, [31902ee9ef8d63d3947d122eec148878],
                      PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir, Quarantined, [5869a275b0ccf73fef95ad8838c8c63a],
                      PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir, Quarantined, [c00121f64339f541777a4b201ae7b34d],
                      PUP.Optional.WPM.A, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsProtectManger\wprotectmanager.exe.vir, Quarantined, [279a5fb8ec90a492d1582d72ad546799],
                      PUP.Optional.DomaIQ, C:\Users\Marije\Downloads\Setup.exe, Quarantined, [38891304bebe2f0734ded486ef115fa1],
                      PUP.Optional.QuickSideBar.A, C:\Users\Marije\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ainbkicbloikcngphmjfpjdemblcojdd_0.localstorage, Quarantined, [e7dab364601cd95d709c61d404ffeb15],
                      PUP.Optional.SelectNGo.A, C:\Users\Marije\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage, Quarantined, [f5cc1502e09ccc6ada053901cc37aa56],
                      PUP.Optional.SelectNGo.A, C:\Users\Marije\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal, Quarantined, [853cbe591e5eb87e9a4560da08fbe41c],
                      PUP.Optional.PriceFountain.A, C:\Users\Marije\AppData\Roaming\PriceFountain\UpdateProc\config.dat, Quarantined, [2899140369138fa7e2a646cf9b68ad53],
                      PUP.Optional.PriceFountain.A, C:\Users\Marije\AppData\Roaming\PriceFountain\UpdateProc\info.dat, Quarantined, [2899140369138fa7e2a646cf9b68ad53],

                      Physical Sectors: 0
                      (No malicious items detected)


                      (end)



                      • #12
                        # AdwCleaner v4.001 - Rapport aangemaakt 23/10/2014 op 10:34:53
                        # DB v2014-10-21.1
                        # Laatste Update 20/10/2014 door Xplode
                        # Besturingssysteem : Windows 8.1 (64 bits)
                        # Gebruikersnaam : Marije - MARIJE
                        # Gestart vanuit : C:\Users\Marije\Downloads\adwcleaner_4.001.exe
                        # Optie : Verwijderen

                        ***** [ Services ] *****


                        ***** [ Bestanden / Mappen ] *****


                        ***** [ Taken ] *****


                        ***** [ Snelkoppelingen ] *****


                        ***** [ Register ] *****


                        ***** [ Browsers ] *****

                        -\\ Internet Explorer v11.0.9600.17344


                        -\\ Google Chrome v35.0.1916.114


                        *************************

                        AdwCleaner[R0].txt - [12944 octets] - [22/10/2014 20:42:42]
                        AdwCleaner[R1].txt - [866 octets] - [23/10/2014 10:33:06]
                        AdwCleaner[S0].txt - [11529 octets] - [22/10/2014 20:51:27]
                        AdwCleaner[S1].txt - [784 octets] - [23/10/2014 10:34:53]

                        ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [843 octets] ##########



                        • #13
                          E-Peek v 1.0.5.4 © Emphyrio/Onsia Patrick 2013-2014
                          Downloaded @ E Dev
                          Run at do 23 okt 2014 11:12
                          .
                          Windows 8.1 (64 bits)
                          C:\Windows [NTFS - Fixed]
                          Default Browser: Google Chrome
                          Boot mode: Normal boot
                          User logged in: Marije
                          .
                          Java x86: n/a
                          Java x64: n/a
                          .
                          AV : Windows Defender [Updated - Running]
                          AS : Windows Defender [Updated - Running]
                          FW : Windows firewall
                          .
                          ==================== Files and Folders history =================================

                          Folders Created Last 7 days :

                          23-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev
                          22-10-2014 ##### r-h-s-d+a- C:\ProgramData\Malwarebytes
                          22-10-2014 ##### r-h-s-d+a- C:\AdwCleaner
                          21-10-2014 ##### r-h-s-d+a- C:\Users\Marije\AppData\Roaming\InstallShield
                          21-10-2014 ##### r-h+s+d+a- C:\Config.Msi

                          Files Modified Last 7 days :

                          23-10-2014 01967078 r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI
                          23-10-2014 00841144 r-h-s-d-a+ C:\Windows\system32\perfh013.dat
                          23-10-2014 00786952 r-h-s-d-a+ C:\Windows\system32\perfh009.dat
                          23-10-2014 00177926 r-h-s-d-a+ C:\Windows\system32\perfc013.dat
                          23-10-2014 00161212 r-h-s-d-a+ C:\Windows\system32\perfc009.dat
                          23-10-2014 00065536 r-h-s-d-a+ C:\Windows\system32\spu_storage.bin
                          21-10-2014 08157184 r-h-s-d-a+ C:\Windows\system32\IDTNHP.dll
                          21-10-2014 08131584 r-h-s-d-a+ C:\Windows\system32\IDTNGUI.exe
                          21-10-2014 06154240 r-h-s-d-a+ C:\Windows\system32\stlang64.dll
                          21-10-2014 02233344 r-h-s-d-a+ C:\Windows\system32\IDTNX.dll
                          21-10-2014 02213376 r-h-s-d-a+ C:\Windows\system32\stapo64.dll
                          21-10-2014 01897984 r-h-s-d-a+ C:\Windows\system32\IDTNC64.cpl
                          21-10-2014 00697856 r-h-s-d-a- C:\Windows\system32\stapi64.dll
                          21-10-2014 00499200 r-h-s-d-a+ C:\Windows\system32\stcplx64.dll
                          21-10-2014 00464384 r-h-s-d-a+ C:\Windows\system32\slapoi64.dll
                          21-10-2014 00256000 r-h-s-d-a+ C:\Windows\system32\st646498.dll
                          21-10-2014 00253952 r-h-s-d-a+ C:\Windows\system32\IDTNJ.exe
                          21-10-2014 00224768 r-h-s-d-a+ C:\Windows\system32\HPToneCtrls64.dll
                          21-10-2014 00017454 r-h-s-d-a+ C:\Windows\system32\nbspkrs.ico
                          21-10-2014 00003774 r-h-s-d-a+ C:\Windows\system32\bltinmic.ico
                          21-10-2014 00003774 r-h-s-d-a+ C:\Windows\system32\2hps.ico
                          21-10-2014 00000052 r-h-s-d-a+ C:\Windows\SysWOW64\DOErrors.log
                          21-10-2014 00000000 r-h-s-d-a+ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
                          16-10-2014 00481752 r-h-s-d-a+ C:\Windows\system32\FNTCACHE.DAT

                          Files Created Last 7 days :

                          22-10-2014 00000000 r-h-s-d-a+ C:\Users\Marije\defogger_reenable
                          21-10-2014 08157184 r-h-s-d-a+ C:\Windows\system32\IDTNHP.dll
                          21-10-2014 08131584 r-h-s-d-a+ C:\Windows\system32\IDTNGUI.exe
                          21-10-2014 06154240 r-h-s-d-a+ C:\Windows\system32\stlang64.dll
                          21-10-2014 02233344 r-h-s-d-a+ C:\Windows\system32\IDTNX.dll
                          21-10-2014 02213376 r-h-s-d-a+ C:\Windows\system32\stapo64.dll
                          21-10-2014 01897984 r-h-s-d-a+ C:\Windows\system32\IDTNC64.cpl
                          21-10-2014 00697856 r-h-s-d-a- C:\Windows\system32\stapi64.dll
                          21-10-2014 00524288 r-h+s+d-a+ C:\ProgramData\ntuser.dat{9e884cb1-5909-11e4-8286-c8a0f28fadaa}.TMContainer00000000000000000002.regtrans-ms
                          21-10-2014 00524288 r-h+s+d-a+ C:\ProgramData\ntuser.dat{9e884cb1-5909-11e4-8286-c8a0f28fadaa}.TMContainer00000000000000000001.regtrans-ms
                          21-10-2014 00499200 r-h-s-d-a+ C:\Windows\system32\stcplx64.dll
                          21-10-2014 00464384 r-h-s-d-a+ C:\Windows\system32\slapoi64.dll
                          21-10-2014 00262144 r-h-s-d-a+ C:\ProgramData\ntuser.dat
                          21-10-2014 00256000 r-h-s-d-a+ C:\Windows\system32\st646498.dll
                          21-10-2014 00253952 r-h-s-d-a+ C:\Windows\system32\IDTNJ.exe
                          21-10-2014 00224768 r-h-s-d-a+ C:\Windows\system32\HPToneCtrls64.dll
                          21-10-2014 00065536 r-h+s+d-a+ C:\ProgramData\ntuser.dat{9e884cb1-5909-11e4-8286-c8a0f28fadaa}.TM.blf
                          21-10-2014 00017454 r-h-s-d-a+ C:\Windows\system32\nbspkrs.ico
                          21-10-2014 00008192 r-h+s+d-a+ C:\ProgramData\ntuser.dat.LOG2
                          21-10-2014 00008192 r-h+s+d-a+ C:\ProgramData\ntuser.dat.LOG1
                          21-10-2014 00003774 r-h-s-d-a+ C:\Windows\system32\bltinmic.ico
                          21-10-2014 00003774 r-h-s-d-a+ C:\Windows\system32\2hps.ico
                          21-10-2014 00000052 r-h-s-d-a+ C:\Windows\SysWOW64\DOErrors.log
                          21-10-2014 00000000 r-h-s-d-a+ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
                          17-10-2014 03117568 r-h-s-d-a+ C:\Windows\SysWOW64\msi.dll
                          17-10-2014 02779648 r-h-s-d-a+ C:\Windows\system32\msi.dll
                          17-10-2014 02646016 r-h-s-d-a+ C:\Windows\system32\authui.dll
                          17-10-2014 02321920 r-h-s-d-a+ C:\Windows\SysWOW64\authui.dll
                          17-10-2014 00921600 r-h-s-d-a+ C:\Windows\system32\MrmCoreR.dll
                          17-10-2014 00626688 r-h-s-d-a+ C:\Windows\SysWOW64\MrmCoreR.dll
                          17-10-2014 00118272 r-h-s-d-a+ C:\Windows\system32\winbici.dll
                          17-10-2014 00109568 r-h-s-d-a+ C:\Windows\system32\appinfo.dll

                          ==================== RUNNING PROCESSES =========================================


                          ==================== IE PAGES ==================================================

                          IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.google.com
                          IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
                          IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://www.google.com
                          IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = about:blank
                          IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://www.google.com
                          IE04 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
                          IE04 - HKCU\..\SearchScopes {D944BB61-2E34-4DBF-A683-47E505C587DC} @ DisplayName: [eBay] @ URL = hxxp://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=hxxp%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
                          IE04 - HKCU\..\SearchScopes {E086B10D-34BA-4F14-84C2-C80B030D28B4} @ DisplayName: [Amazon (UK) Search Suggestions] @ URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
                          IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\SysWOW64\ieframe.dll
                          IE06 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings @ AutoConfigURL = http://www.ubvu.vu.nl/ubvu.pac
                          IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = about:blank
                          IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\SysWOW64\blank.htm
                          IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = about:blank
                          IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = hxxp://www.google.com
                          IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://www.google.com
                          IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
                          IE10 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
                          IE10 - HKLM\..\SearchScopes {D944BB61-2E34-4DBF-A683-47E505C587DC} @ DisplayName: [eBay] @ URL = hxxp://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=hxxp%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
                          IE10 - HKLM\..\SearchScopes {E086B10D-34BA-4F14-84C2-C80B030D28B4} @ DisplayName: [Amazon (UK) Search Suggestions] @ URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
                          IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.google.com
                          IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
                          IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://www.google.com
                          IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = about:blank
                          IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = hxxp://www.google.com
                          IE04 x64 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
                          IE04 x64 - HKCU\..\SearchScopes {D944BB61-2E34-4DBF-A683-47E505C587DC} @ DisplayName: [eBay] @ URL = hxxp://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=hxxp%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
                          IE04 x64 - HKCU\..\SearchScopes {E086B10D-34BA-4F14-84C2-C80B030D28B4} @ DisplayName: [Amazon (UK) Search Suggestions] @ URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
                          IE05 x64 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll
                          IE06 x64 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings @ AutoConfigURL = http://www.ubvu.vu.nl/ubvu.pac
                          IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = about:blank
                          IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm
                          IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = about:blank
                          IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = hxxp://www.google.com
                          IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://www.google.com
                          IE10 x64 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
                          IE10 x64 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
                          IE10 x64 - HKLM\..\SearchScopes {D944BB61-2E34-4DBF-A683-47E505C587DC} @ DisplayName: [eBay] @ URL = hxxp://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=hxxp%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
                          IE10 x64 - HKLM\..\SearchScopes {E086B10D-34BA-4F14-84C2-C80B030D28B4} @ DisplayName: [Amazon (UK) Search Suggestions] @ URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

                          ==================== Auto Load =================================================

                          AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = userinit.exe,
                          AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe
                          AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe,
                          AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe

                          ==================== Google Chrome =============================================

                          GC - Prefpath: C:\Users\Marije\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          GC - Profile Name: Eerste gebruiker
                          GC - Homepage: http://www.google.com/
                          GC - Default Search Provider: Google

                          = Known Disabled Extensions =



                          ==================== Windows Host File =========================================


                          ==================== BHO =======================================================

                          BHO - [Lync Browser Helper] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} @ Default = C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
                          BHO - [Microsoft SkyDrive Pro Browser Helper] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} @ Default = C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
                          BHO - [HP Network Check Helper] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} @ Default = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
                          BHO x64 - [Lync Browser Helper] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} @ Default = C:\Program Files\Microsoft Office\Office15\OCHelper.dll
                          BHO x64 - [Microsoft SkyDrive Pro Browser Helper] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} @ Default = C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL
                          BHO x64 - [HP Network Check Helper] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} @ Default = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll

                          ==================== Auto Start Programs =======================================

                          ASP01 - HKLM\..\Run @ HPMessageService = C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
                          ASP01 - HKLM\..\Run @ StartCCC = "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
                          ASP01 x64 - HKLM\..\Run @ HPMessageService = C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
                          ASP01 x64 - HKLM\..\Run @ StartCCC = "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
                          ASP - Startup - C:\Users\Marije\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
                          ASP - Startup - C:\Users\Marije\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk
                          ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini



                          ==================== Extra Items IE ============================================

                          EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
                          EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
                          EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
                          EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
                          EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings
                          EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
                          EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
                          EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
                          EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
                          EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
                          EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
                          EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings
                          EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
                          EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
                          EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {11111111-1111-1111-1111-110511731104} =
                          EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {b608cc98-54de-4775-96c9-097de398500c} =

                          ==================== Internet Default Prefix ===================================

                          IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
                          IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://
                          IDP00 x64 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
                          IDP01 x64 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://

                          ==================== Default Settings IE - DSIE ================================

                          DSIE - ieuinit.inf: START_PAGE= "http://go.microsoft.com/fwlink/p/?LinkId
                          DSIE - ieuinit.inf: SEARCH_PAGE_URL= "http://go.microsoft.com/fwlink/?LinkId

                          ==================== Protocol Hijackers - PH ===================================

                          PH00 - Handlersf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} @ = Unknown # C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL # MD5 [cb7e6052455d585dead6f637d8d0a3c9]
                          PH00 - Handler:wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} @ = Unknown # C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll # MD5 [41290ae21c588291f2fc9309ad38ead5]
                          PH01 - Filter:text/xml - {807583E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL <= Unknown
                          PH00 x64 - Handlersf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} @ = Unknown # C:\Program Files\Microsoft Office\Office15\MSOSB.DLL # MD5 [59ac63d95071da4b8f1f5a9277b7f4fe]
                          PH01 x64 - Filter:text/xml - {807583E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL <= Unknown

                          ==================== ShellServiceObjectDelayLoad - SSODL =======================

                          SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =
                          SSODL x64 - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =

                          ==================== Extra items - EXT (Torpig/ConduitSearch) ==================

                          EXT00 - HKLM\SOFTWARE\AppDataLow\Software\Adobe
                          EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
                          EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll
                          EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll
                          EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
                          EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll
                          EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll

                          ==================== DRIVERS and SERVICES ======================================

                          *** Win32OwnProcess ***

                          SERV - R2 - [AdaptiveSleepService] - AdaptiveSleepService - c:\program files\ati technologies\ati.ace\a4\adaptivesleepservice.exe
                          SERV - R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe
                          SERV - R2 - [AMD FUEL Service] - AMD FUEL Service - c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe
                          SERV - R2 - [HP Support Assistant Service] - HP Support Assistant Service - c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe
                          SERV - R2 - [MBAMScheduler] - MBAMScheduler - d:\malwarebytes anti-malware\mbamscheduler.exe
                          SERV - R2 - [MBAMService] - MBAMService - d:\malwarebytes anti-malware\mbamservice.exe
                          SERV - R2 - [STacSV] - Audio Service - c:\program files\idt\wdm\stacsv64.exe
                          SERV - R2 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
                          SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
                          SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
                          SERV - R3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
                          SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
                          SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
                          SERV - S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
                          SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
                          SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
                          SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
                          SERV - S3 - [hpqwmiex] - HP Software Framework Service - c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe
                          SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
                          SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
                          SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
                          SERV - S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
                          SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
                          SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
                          SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
                          SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
                          SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
                          SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
                          SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
                          SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe

                          *** Win32ShareProcess ***

                          SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
                          SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
                          SERV - R3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
                          SERV - S3 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
                          SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
                          SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

                          *** Others ***

                          SERV - R2 - [HPWMISVC] - HPWMISVC - c:\program files (x86)\hewlett-packard\hp system event\hpwmisvc.exe
                          SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
                          SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe

                          *** File System Driver ***

                          DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
                          DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
                          DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
                          DRV - R0 - [WdFilter] - Windows Defender Mini-Filter Driver - C:\Windows\system32\Drivers\WdFilter.sys
                          DRV - R0 - [Wof] - Windows Overlay File System Filter Driver - C:\Windows\system32\Drivers\Wof.sys
                          DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
                          DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
                          DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys

                          *** Kernel Driver ***

                          DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\Windows\system32\Drivers\ACPI.sys
                          DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\Windows\system32\Drivers\acpiex.sys
                          DRV - R0 - [amdsata] - amdsata - C:\Windows\system32\Drivers\amdsata.sys
                          DRV - R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
                          DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys
                          DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
                          DRV - R0 - [disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\disk.sys
                          DRV - R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\Windows\system32\Drivers\EhStorClass.sys
                          DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
                          DRV - R0 - [intelpep] - Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing - C:\Windows\system32\Drivers\intelpep.sys
                          DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
                          DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
                          DRV - R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
                          DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
                          DRV - R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
                          DRV - R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
                          DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\Windows\system32\Drivers\pci.sys
                          DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
                          DRV - R0 - [pdc] - pdc - C:\Windows\system32\Drivers\pdc.sys
                          DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
                          DRV - R0 - [spaceport] - Stuurprogramma voor opslagruimten - C:\Windows\system32\Drivers\spaceport.sys
                          DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys
                          DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\Windows\system32\Drivers\vdrvroot.sys
                          DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\Windows\system32\Drivers\volmgr.sys
                          DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
                          DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys
                          DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
                          DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\Windows\system32\Drivers\WFPLWFS.sys
                          DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
                          DRV - R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
                          DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys
                          DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys
                          DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
                          DRV - S0 - [WdBoot] - Windows Defender Boot Driver - C:\Windows\system32\Drivers\WdBoot.sys
                          DRV - S3 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys

                          ==================== SvcHost - White Listed ====================================

                          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]
                          apphostsvc = ServiceDll = C:\Windows\system32\inetsrv\apphostsvc.dll [9dcb42905f1ebf9cec57ee5df0bda965]
                          w3logsvc = ServiceDll = C:\Windows\system32\inetsrv\w3logsvc.dll [8e553c859c83784dec08b10afc3eac92]

                          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]
                          w3svc = [8e553c859c83784dec08b10afc3eac92]
                          was = ServiceDll = C:\Windows\system32\inetsrv\iisw3adm.dll [9bae40bd31e3ee0b0c70bef167e0a2bc]


                          HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\[email protected]
                          apphostsvc = ServiceDll = C:\Windows\system32\inetsrv\apphostsvc.dll [9dcb42905f1ebf9cec57ee5df0bda965]
                          w3logsvc = ServiceDll = C:\Windows\system32\inetsrv\w3logsvc.dll [8e553c859c83784dec08b10afc3eac92]

                          HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\[email protected]
                          w3svc = [8e553c859c83784dec08b10afc3eac92]
                          was = ServiceDll = C:\Windows\system32\inetsrv\iisw3adm.dll [9bae40bd31e3ee0b0c70bef167e0a2bc]


                          ==================== SigCheck x86 Fast =========================================

                          Fast Scan All ok

                          ==================== SigCheck x64 Fast =========================================

                          Fast Scan All ok

                          ==================== Job tasks =================================================

                          There are no .job files found.

                          ==================== End scanning at do 23 okt 2014 11:12 (0 Min 42 Sec ) ======
                          Last edited by Emphyrio; 23-10-14, 10:49. Reason: Smileys disabled


                          • #14
                            Okay, I am running into something at the last step as well. Gmer gives the message:
                            Het proces heeft geen toegang tot het bestand omdat het door een ander proces wordt gebruikt. (The process cannot access the file because it is being used by another process.)
                            After that it closes automatically.


                            • #15
                              Ok.

                              Just a correction:

                              Originally posted by Mary Poppins
                              This is as far as I get. After downloading DDS I get the following message:
                              DDS is not meant to run in Compatibility Mode. I have Windows 8; it says Windows 8.1 users should use E-peek. Shall I just do that then?
                              The reason you could not run DDS is that you have Windows 8.1 and not Windows 8 as you wrote.
                              The same applies to Gmer.


                              Please carry out these steps with RIES to restore your IE settings.
                              I would also advise you to install an active antivirus tool.
                              Windows Defender really is not sufficient.

                              Have a read of this article: http://www.nucia.eu/forum/threads/72...owserhijacking

                              Once you have done that, do the following:


                              Download or update CCleaner

                              Start CCleaner.
                              • Run CCleaner and click Options in the left-hand column
                              • Select the Advanced tab
                              • Untick Only delete files in Windows Temp folders older than 24 hours
                              • Select the Settings tab
                              • Untick "Automatically clean the computer...."
                              • Click Cleaner in the left-hand column.
                              • Then click Analyze and Run Cleaner in turn.
                              • Next, click Registry in the left-hand column
                              • Click Scan for Issues.
                              • When asked whether you want to make a backup of the registry, click "Yes".
                              • If errors are found, click the middle button: Fix All Selected Issues, then OK


                              Download Kaspersky® Virus Removal Tool to your Desktop

                              Double-click the installation file to install the program

                              Make sure the following items are ticked
                              • Hidden startup objects
                              • System memory
                              • Disk boot sectors
                              • This Computer
                              • The drive where Windows is installed
                              • All removable drives

                              Click: Start scan

                              If an infection is found, a pop-up will indicate what to do
                              Click “Disinfect (recommended)” if this is offered
                              If the infection cannot be disinfected, choose
                              “Delete (recommended)” in the next pop-up
                              Follow Kaspersky's recommendation >>(recommended)

                              At the end of the scan, click “Report”
                              Click the plus (+) sign in front of Autoscan
                              Right-click >> choose “select all”, then
                              Right-click >> choose “Copy”
                              Go via Start\Programs\Accessories to Notepad
                              Right-click >> choose “Paste”
                              Give the text file a name, e.g. kav.txt, and save it to your Desktop
                              Close KVRT; a question will then appear, click Yes
                              Now copy the contents of the log into the forum.

                              Delete the Kaspersky® Virus Removal Tool installer from your Desktop


                              Also post a fresh E-Peek log.
                              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                              E Dev * Remove McAfee. * Ccleaner * E-Peek
