  • Annoying ads while surfing

    Hi,

    Since yesterday I have had an annoying virus that shows advertising banners everywhere. Here are my logs. Thanks in advance.

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 28-11-2014
    Scan Time: 18:23:38
    Logfile:
    Administrator: Yes

    Version: 2.00.3.1025
    Malware Database: v2014.11.28.06
    Rootkit Database: v2014.11.22.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: standaard

    Scan Type: Custom Scan
    Result: Completed
    Objects Scanned: 553246
    Time Elapsed: 1 hr, 21 min, 21 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 2
    Trojan.SProtector, C:\Program Files (x86)\VideoCnv\Zet.dll, Delete-on-Reboot, [8d48c975a3d9ea4c3aeae2029d644eb2],
    PUP.Optional.VideoCNV.A, C:\Program Files (x86)\VideoCnv\Zet.dll, Delete-on-Reboot, [29acfe40f18bb1853976d46b1ae9ea16],

    Registry Keys: 12
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{baaf1593-f09e-4cfa-82db-b1084d6809ab}, Quarantined, [24b1e955f68657df1dfaa918d52c4fb1],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{BAAF1593-F09E-4CFA-82DB-B1084D6809AB}, Quarantined, [24b1e955f68657df1dfaa918d52c4fb1],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{BAAF1593-F09E-4CFA-82DB-B1084D6809AB}, Quarantined, [24b1e955f68657df1dfaa918d52c4fb1],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\., Quarantined, [24b1e955f68657df1dfaa918d52c4fb1],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\..10, Quarantined, [24b1e955f68657df1dfaa918d52c4fb1],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\., Quarantined, [24b1e955f68657df1dfaa918d52c4fb1],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\..10, Quarantined, [24b1e955f68657df1dfaa918d52c4fb1],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{BAAF1593-F09E-4CFA-82DB-B1084D6809AB}, Quarantined, [24b1e955f68657df1dfaa918d52c4fb1],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{BAAF1593-F09E-4CFA-82DB-B1084D6809AB}, Quarantined, [24b1e955f68657df1dfaa918d52c4fb1],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{BAAF1593-F09E-4CFA-82DB-B1084D6809AB}, Quarantined, [24b1e955f68657df1dfaa918d52c4fb1],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{BAAF1593-F09E-4CFA-82DB-B1084D6809AB}\INPROCSERVER32, Quarantined, [24b1e955f68657df1dfaa918d52c4fb1],
    PUP.Optional.VideoCNV.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fa6789c5, Quarantined, [4392310d58241d19f1bdc47b59aaab55],

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 1
    PUP.Optional.VideoCNV.A, C:\Program Files (x86)\VideoCnv, Delete-on-Reboot, [29acfe40f18bb1853976d46b1ae9ea16],

    Files: 8
    Trojan.SProtector, C:\Program Files (x86)\VideoCnv\Zet.dll, Delete-on-Reboot, [8d48c975a3d9ea4c3aeae2029d644eb2],
    PUP.Optional.MultiPlug, C:\ProgramData\jointheshop\rUgKQTN2sh4G77.x64.dll, Quarantined, [24b1e955f68657df1dfaa918d52c4fb1],
    PUP.Optional.MultiPlug, C:\ProgramData\jointheshop\rUgKQTN2sh4G77.dll, Quarantined, [24b1e955f68657df1dfaa918d52c4fb1],
    PUP.Optional.VideoCNV.A, C:\Program Files (x86)\VideoCnv\Zet.dll, Delete-on-Reboot, [29acfe40f18bb1853976d46b1ae9ea16],
    PUP.Optional.LiveLyrics.A, C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage, Delete-on-Reboot, [b124b38be993f34380d95a0b37cc17e9],
    PUP.Optional.LiveLyrics.A, C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage-journal, Delete-on-Reboot, [fadb5ce2ee8e2c0a73e6145125def010],
    PUP.Optional.ReMarkable.A, C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, Delete-on-Reboot, [6a6b9aa44b3182b4a1a46f4be22225db],
    PUP.Optional.ReMarkable.A, C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, Delete-on-Reboot, [23b2d86693e9c274af96635747bd718f],

    Physical Sectors: 0
    (No malicious items detected)


    (end)

  • #2
    # AdwCleaner v4.102 - Rapport aangemaakt 28/11/2014 op 21:51:27
    # Laatste Update 23/11/2014 door Xplode
    # Database : 2014-11-27.1 [Live]
    # Besturingssysteem : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Gebruikersnaam : standaard - STANDAARD-PC
    # Gestart vanuit : C:\Users\standaard\Desktop\adwcleaner_4.102 (1).exe
    # Optie : Verwijderen

    ***** [ Services ] *****


    ***** [ Bestanden / Mappen ] *****

    Map Verwijderd : C:\ProgramData\5908d20bc53781dc
    Bestand Verwijderd : C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
    Bestand Verwijderd : C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
    Bestand Verwijderd : C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage
    Bestand Verwijderd : C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage-journal
    Bestand Verwijderd : C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
    Bestand Verwijderd : C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal

    ***** [ Taken ] *****


    ***** [ Snelkoppelingen ] *****


    ***** [ Register ] *****

    Waarde Verwijderd : HKCU\Software\Mozilla\Firefox\Extensions [[email protected]]
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17420


    -\\ Mozilla Firefox v33.1 (x86 nl)


    -\\ Google Chrome v38.0.2125.111


    *************************

    AdwCleaner[R0].txt - [1859 octets] - [03/11/2014 16:44:13]
    AdwCleaner[R1].txt - [2517 octets] - [28/11/2014 21:49:38]
    AdwCleaner[S0].txt - [1894 octets] - [03/11/2014 16:49:52]
    AdwCleaner[S1].txt - [2315 octets] - [28/11/2014 21:51:27]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2375 octets] ##########


    • #3
      DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 11.0.9600.17420
      Run by standaard at 21:58:54 on 2014-11-28
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2047.642 [GMT 1:00]
      .
      AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
      SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Program Files\Microsoft Security Client\MsMpEng.exe
      C:\Windows\system32\atiesrxx.exe
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\system32\atieclxx.exe
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Windows\system32\taskhost.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Windows\system32\taskeng.exe
      C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      C:\Program Files\Microsoft Security Client\msseces.exe
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      C:\Program Files\CCleaner\CCleaner64.exe
      C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Windows\system32\NOTEPAD.EXE
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Program Files (x86)\Popcorn Time\Updater.exe
      C:\Windows\System32\WUDFHost.exe
      C:\Windows\system32\SearchIndexer.exe
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files\Microsoft Security Client\NisSrv.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Windows\system32\sppsvc.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Windows\servicing\TrustedInstaller.exe
      C:\Windows\system32\SearchFilterHost.exe
      C:\Windows\system32\SearchProtocolHost.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = hxxp://www.google.nl
      BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll
      BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
      BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\urlredir.dll
      BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
      uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
      mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
      uPolicies-Explorer: NoDrives = dword:0
      mPolicies-Explorer: NoDrives = dword:0
      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
      mPolicies-System: ConsentPromptBehaviorUser = dword:3
      mPolicies-System: EnableLUA = dword:0
      mPolicies-System: EnableUIADesktopToggle = dword:0
      IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
      IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\onbttnie.dll
      IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll
      IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
      DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
      TCP: NameServer = 192.168.1.1 192.168.1.1
      TCP: Interfaces\{ED1144B2-33C2-41A8-9708-DA068DD7AF26} : DHCPNameServer = 192.168.1.1 192.168.1.1
      Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
      SSODL: WebCheck - <orphaned>
      mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
      x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
      x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
      x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
      x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
      x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
      x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
      x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
      x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
      x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
      x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
      x64-SSODL: WebCheck - <orphaned>
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\4notqi66.default-1415222583719\
      FF - prefs.js: browser.startup.homepage - www.nu.nl|PSV.netwerk.to|ibood.nl|energyup.nl
      FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
      FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
      FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
      FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL
      FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
      FF - plugin: C:\Users\standaard\AppData\Roaming\TorrentStream\player\npts_plugin.dll
      FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll
      FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
      R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203264]
      R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-11-1 2443960]
      R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 125584]
      R2 Update service;Update service;C:\Program Files (x86)\Popcorn Time\Updater.exe [2014-11-1 179200]
      R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
      S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
      S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
      S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688]
      S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-11-28 129752]
      S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-9-25 178760]
      S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
      S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-11-18 88960]
      S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
      S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
      S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
      S3 tsusbhub;Remote Deskotop USB Hub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
      S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-18 1255736]
      .
      =============== Created Last 30 ================
      .
      2014-11-28 17:23:12 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
      2014-11-28 17:22:43 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
      2014-11-28 17:22:43 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
      2014-11-28 17:22:43 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
      2014-11-28 17:22:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
      2014-11-27 22:10:14 11632448 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EF82DC90-5B49-4E46-ABBE-EC9B8A24B823}\mpengine.dll
      2014-11-26 21:24:43 11632448 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
      2014-11-25 22:51:34 -------- d-----w- C:\ProgramData\rocketsaler
      2014-11-25 22:51:06 -------- d-----w- C:\ProgramData\jointheshop
      2014-11-24 21:54:12 -------- d-----r- C:\Users\standaard\Dropbox
      2014-11-24 21:50:24 -------- d-----w- C:\Users\standaard\AppData\Roaming\Dropbox
      2014-11-21 17:26:22 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{10BB44E6-66C2-4CD2-A9FD-BE17E1001077}\gapaengine.dll
      2014-11-19 07:08:48 729600 ----a-w- C:\Windows\System32\kerberos.dll
      2014-11-19 07:08:48 690688 ----a-w- C:\Windows\SysWow64\adtschema.dll
      2014-11-19 07:08:48 690688 ----a-w- C:\Windows\System32\adtschema.dll
      2014-11-19 07:08:48 241152 ----a-w- C:\Windows\System32\pku2u.dll
      2014-11-19 07:08:48 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
      2014-11-19 07:08:47 551424 ----a-w- C:\Windows\SysWow64\kerberos.dll
      2014-11-19 07:08:46 463872 ----a-w- C:\Windows\System32\certcli.dll
      2014-11-19 07:08:46 342528 ----a-w- C:\Windows\SysWow64\certcli.dll
      2014-11-18 22:56:00 -------- d-----w- C:\Program Files (x86)\Lame For Audacity
      2014-11-12 06:45:00 424448 ----a-w- C:\Windows\System32\aeinv.dll
      2014-11-12 06:45:00 304640 ----a-w- C:\Windows\System32\generaltel.dll
      2014-11-12 06:45:00 228864 ----a-w- C:\Windows\System32\aepdu.dll
      2014-11-12 06:43:59 2364416 ----a-w- C:\Windows\SysWow64\msi.dll
      2014-11-12 06:43:55 861696 ----a-w- C:\Windows\System32\oleaut32.dll
      2014-11-12 06:43:55 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
      2014-11-09 09:04:44 -------- d-----w- C:\Forqan Group
      2014-11-06 06:12:06 -------- d-sh--w- C:\$RECYCLE.BIN
      2014-11-05 21:32:46 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
      2014-11-05 21:20:39 -------- d-----w- C:\Windows\System32\appmgmt
      2014-11-05 19:51:20 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
      2014-11-05 19:51:20 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
      2014-11-04 17:08:29 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
      2014-11-03 20:58:35 2560 ----a-w- C:\Windows\System32\drivers\ar-SA\wdf01000.sys.mui
      2014-11-03 19:00:04 758272 ----a-w- C:\Windows\System32\cohelper.dll
      2014-11-03 19:00:04 11164 ----a-w- C:\Windows\System32\drivers\nvphy.bin
      2014-11-03 19:00:03 -------- d-----w- C:\Program Files\NVIDIA Corporation
      2014-11-03 18:57:01 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
      2014-11-03 18:57:01 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
      2014-11-03 18:34:31 -------- d-----w- C:\Windows\fr-FR
      2014-11-03 18:34:20 -------- d-----w- C:\Windows\SysWow64\en
      2014-11-03 18:34:20 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\fr-FR
      2014-11-03 18:34:20 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\en-US
      2014-11-03 18:34:20 -------- d-----w- C:\Windows\SysWow64\drivers\fr-FR
      2014-11-03 18:34:20 -------- d-----w- C:\Windows\SysWow64\drivers\en-US
      2014-11-03 18:34:20 -------- d-----w- C:\Windows\SysWow64\drivers\ar-SA
      2014-11-03 18:34:20 -------- d-----w- C:\Windows\SysWow64\ar
      2014-11-03 18:34:20 -------- d-----w- C:\Windows\SysWow64\040C
      2014-11-03 18:34:20 -------- d-----w- C:\Windows\SysWow64\0409
      2014-11-03 18:34:15 -------- d-----w- C:\Windows\SysWow64\fr
      2014-11-03 18:32:53 -------- d-----w- C:\Windows\System32\wbem\fr-FR
      2014-11-03 18:32:51 -------- d-----w- C:\Windows\System32\wbem\ar-SA
      2014-11-03 18:24:09 6144 ----a-w- C:\Windows\System32\drivers\ar-SA\rdvgkmd.sys.mui
      2014-11-03 18:24:09 3584 ----a-w- C:\Windows\System32\drivers\ar-SA\portcls.sys.mui
      2014-11-03 18:24:09 2560 ----a-w- C:\Windows\System32\drivers\ar-SA\scfilter.sys.mui
      2014-11-03 18:24:09 2560 ----a-w- C:\Windows\System32\drivers\ar-SA\rdpwd.sys.mui
      2014-11-03 18:24:05 4096 ----a-w- C:\Windows\System32\drivers\ar-SA\tsusbhub.sys.mui
      2014-11-03 18:24:04 7168 ----a-w- C:\Windows\System32\drivers\ar-SA\tunnel.sys.mui
      2014-11-03 18:24:04 3584 ----a-w- C:\Windows\System32\drivers\ar-SA\tsusbflt.sys.mui
      2014-11-03 18:24:03 11776 ----a-w- C:\Windows\System32\drivers\ar-SA\usbhub.sys.mui
      2014-11-03 18:24:02 24576 ----a-w- C:\Windows\System32\drivers\ar-SA\usbport.sys.mui
      2014-11-03 18:23:52 9728 ----a-w- C:\Windows\System32\drivers\ar-SA\battc.sys.mui
      2014-11-03 18:21:58 2560 ----a-w- C:\Windows\System32\drivers\ar-SA\volmgrx.sys.mui
      2014-11-03 15:44:54 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
      2014-11-03 15:43:56 -------- d-----w- C:\AdwCleaner
      2014-11-03 14:13:23 -------- d-----w- C:\ProgramData\Malwarebytes
      2014-11-03 06:23:54 3928064 ----a-w- C:\Windows\System32\d2d1.dll
      2014-11-03 06:23:54 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
      2014-11-03 06:22:57 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
      2014-11-03 06:22:57 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
      2014-11-03 06:22:56 559616 ----a-w- C:\Windows\System32\spoolsv.exe
      2014-11-03 06:22:55 67072 ----a-w- C:\Windows\splwow64.exe
      2014-11-03 06:12:11 -------- d-----w- C:\Windows\System32\MRT
      2014-11-03 05:44:17 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
      2014-11-03 05:44:15 -------- d-----w- C:\Windows\System32\wbem\en-US
      2014-11-03 05:43:45 -------- d-s---w- C:\Windows\System32\CompatTel
      2014-11-03 00:37:42 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
      2014-11-03 00:37:41 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
      2014-11-03 00:37:41 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
      2014-11-03 00:37:40 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
      2014-11-03 00:07:28 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
      2014-11-02 19:55:46 2560 ----a-w- C:\Windows\System32\drivers\nl-NL\wdf01000.sys.mui
      2014-11-02 19:45:13 294912 ----a-w- C:\Windows\System32\browserchoice.exe
      2014-11-02 19:31:22 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
      2014-11-02 19:31:22 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
      2014-11-02 19:31:22 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
      2014-11-02 19:31:22 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
      2014-11-02 19:31:21 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
      2014-11-02 19:31:20 744448 ----a-w- C:\Windows\System32\WUDFx.dll
      2014-11-02 19:31:20 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
      2014-11-02 19:21:23 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
      2014-11-02 19:21:22 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
      2014-11-02 19:21:22 5120 ----a-w- C:\Windows\System32\wmi.dll
      2014-11-02 19:14:43 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
      2014-11-02 19:14:43 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
      2014-11-02 19:14:43 171160 ----a-w- C:\Windows\System32\infocardapi.dll
      2014-11-02 19:14:43 1389208 ----a-w- C:\Windows\System32\icardagt.exe
      2014-11-02 19:14:40 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
      2014-11-02 19:14:40 8856 ----a-w- C:\Windows\System32\icardres.dll
      2014-11-02 19:14:21 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
      2014-11-02 19:14:21 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
      2014-11-02 07:49:52 1572864 ----a-w- C:\Windows\System32\quartz.dll
      2014-11-02 07:48:58 186880 ----a-w- C:\Windows\System32\cryptsvc.dll
      2014-11-02 07:47:56 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
      2014-11-02 07:46:47 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
      2014-11-02 07:45:50 1737688 ----a-w- C:\Windows\System32\ntdll.dll
      2014-11-02 07:45:49 878080 ----a-w- C:\Windows\System32\advapi32.dll
      2014-11-02 07:45:49 859648 ----a-w- C:\Windows\System32\tdh.dll
      2014-11-02 07:45:48 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
      2014-11-02 07:45:48 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
      2014-11-02 07:45:48 1296312 ----a-w- C:\Windows\SysWow64\ntdll.dll
      2014-11-02 07:45:45 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
      2014-11-02 07:45:07 70656 ----a-w- C:\Windows\System32\appinfo.dll
      2014-11-02 07:45:07 504320 ----a-w- C:\Windows\System32\msihnd.dll
      2014-11-02 07:45:07 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
      2014-11-02 07:45:07 1942016 ----a-w- C:\Windows\System32\authui.dll
      2014-11-02 07:45:07 1806848 ----a-w- C:\Windows\SysWow64\authui.dll
      2014-11-02 07:45:07 112568 ----a-w- C:\Windows\System32\consent.exe
      2014-11-02 07:43:59 3724800 ----a-w- C:\Windows\System32\mstscax.dll
      2014-11-02 07:42:51 956416 ----a-w- C:\Windows\System32\localspl.dll
      2014-11-02 07:38:31 461312 ----a-w- C:\Windows\System32\scavengeui.dll
      2014-11-02 07:38:13 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
      2014-11-02 07:38:13 190464 ----a-w- C:\Windows\System32\rpchttp.dll
      2014-11-02 07:38:13 141312 ----a-w- C:\Windows\SysWow64\rpchttp.dll
      2014-11-02 07:38:13 1215488 ----a-w- C:\Windows\System32\rpcrt4.dll
      2014-11-01 19:04:38 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
      2014-11-01 19:04:21 851664 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
      2014-11-01 19:00:49 -------- d-----w- C:\Program Files\Microsoft Office 15
      2014-11-01 18:47:40 -------- d-----w- C:\Users\standaard\AppData\Local\Macromedia
      2014-11-01 18:41:52 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
      2014-11-01 18:41:12 -------- d-----w- C:\Users\standaard\AppData\Local\Adobe
      2014-11-01 18:39:48 -------- d-----w- C:\Users\standaard\AppData\Local\Google
      2014-11-01 17:53:10 -------- d-----w- C:\Users\standaard\AppData\Local\PCStreams3
      2014-11-01 17:53:10 -------- d-----w- C:\ProgramData\PCStreams
      2014-11-01 17:45:22 -------- d-----w- C:\Windows\Migration
      2014-11-01 17:41:40 -------- d-----w- C:\TorrentStream
      2014-11-01 17:41:37 -------- d-----w- C:\Users\standaard\AppData\Roaming\.Torrent Stream
      2014-11-01 17:40:39 -------- d-----w- C:\Users\standaard\AppData\Roaming\TorrentStream
      2014-11-01 17:33:45 -------- d-----w- C:\Program Files (x86)\PCStreams
      2014-11-01 17:33:23 -------- d-----w- C:\Users\standaard\AppData\Roaming\Downloaded Installations
      2014-11-01 17:32:23 260696 ----a-w- C:\Windows\System32\unrar64.dll
      2014-11-01 17:32:21 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
      2014-11-01 17:31:42 -------- d-----w- C:\Program Files (x86)\Popcorn Time
      2014-11-01 17:31:26 -------- d-----w- C:\Users\standaard\AppData\Local\Programs
      2014-11-01 17:31:02 -------- d-----w- C:\Program Files (x86)\SopCast
      2014-11-01 17:12:34 -------- d-----w- C:\Program Files\CCleaner
      2014-11-01 17:06:10 -------- d-----w- C:\Users\standaard\AppData\Local\Skype
      2014-11-01 17:05:58 -------- d-----r- C:\Program Files (x86)\Skype
      2014-11-01 16:39:48 -------- d-----w- C:\Users\standaard\AppData\Local\Mozilla
      2014-11-01 16:39:40 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
      2014-11-01 16:37:25 -------- d-----w- C:\ProgramData\Oracle
      2014-11-01 16:16:37 0 ----a-w- C:\Windows\ativpsrm.bin
      2014-11-01 15:40:44 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
      2014-11-01 15:40:44 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
      2014-11-01 15:40:44 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
      2014-11-01 15:32:08 268333 ----a-w- C:\Windows\SysWow64\mpas-fe.exe
      2014-11-01 15:31:36 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
      2014-11-01 15:31:30 -------- d-----w- C:\Program Files\Microsoft Security Client
      2014-11-01 15:28:05 2620928 ----a-w- C:\Windows\System32\wucltux.dll
      2014-11-01 15:26:59 -------- d-sh--we C:\ProgramData\Sjablonen
      2014-11-01 15:26:59 -------- d-sh--we C:\ProgramData\Menu Start
      2014-11-01 15:26:59 -------- d-sh--we C:\ProgramData\Favorieten
      2014-11-01 15:26:59 -------- d-sh--we C:\ProgramData\Documenten
      2014-11-01 15:26:59 -------- d-sh--we C:\ProgramData\Bureaublad
      2014-11-01 15:26:59 -------- d-----w- C:\Recovery
      2014-11-01 15:11:31 -------- d-----w- C:\Windows\ConfigSetRoot
      2014-11-01 15:01:26 -------- d-----w- C:\Windows.old
      .
      ==================== Find3M ====================
      .
      2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
      2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
      2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
      2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
      2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
      2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
      2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
      2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
      2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
      2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
      2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
      2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
      2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
      2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
      2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
      2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
      2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
      2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
      2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
      2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
      2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
      2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
      2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
      2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
      2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
      2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
      2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
      2014-11-03 00:07:28 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
      2014-11-01 18:48:18 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe
      2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
      2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
      2014-10-14 02:20:39 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
      2014-10-14 02:16:40 686592 ----a-w- C:\Windows\System32\termsrv.dll
      2014-10-14 02:16:37 341504 ----a-w- C:\Windows\System32\schannel.dll
      2014-10-14 02:16:33 309760 ----a-w- C:\Windows\System32\ncrypt.dll
      2014-10-14 02:16:32 3243008 ----a-w- C:\Windows\System32\msi.dll
      2014-10-14 02:16:30 1463808 ----a-w- C:\Windows\System32\lsasrv.dll
      2014-10-14 02:13:02 146432 ----a-w- C:\Windows\System32\msaudite.dll
      2014-10-14 01:50:01 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
      2014-10-14 01:50:01 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
      2014-10-14 01:49:58 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
      2014-10-14 01:48:55 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
      2014-10-14 01:46:48 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
      2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
      2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
      2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
      2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
      2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
      2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
      2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
      2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
      2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
      2014-09-25 03:49:18 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
      2014-09-25 03:49:18 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
      2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
      2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
      2014-09-11 03:47:59 249344 ----a-w- C:\Windows\System32\wksprt.exe
      2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
      2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
      2014-09-04 10:23:50 425472 ----a-w- C:\Windows\System32\rastls.dll
      2014-09-04 05:06:55 373248 ----a-w- C:\Windows\SysWow64\rastls.dll
      .
      ============= FINISH: 21:59:56,10 ===============



      • #4
        Download or update CCleaner

        Start CCleaner.
        • Run CCleaner and click Options in the left column
        • Select the Advanced tab
        • Untick "Only delete files in the Windows Temp system folder that are older than 24 hours"
        • Select the Settings tab
        • Untick "Clean the computer automatically...."
        • Click Cleaner in the left column.
        • Then click Analyze and Clean, in that order.
        • Next, click Registry in the left column
        • Click Scan for issues.
        • When asked whether you want to make a backup of the registry, click "Yes".
        • If errors are found, click the middle button: Fix all selected issues, then OK

        .


        First disable your antivirus software before you download or run zoek.exe.
        It can interfere with the way Zoek.exe works.
        Look here if you don't know how to disable your antivirus, firewall and/or antispyware scanner.

        Download Zoek.exe to the desktop.
        • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
        • Right-click Zoek.zip and choose "Extract all" if you used the zip or rar download.
        • Then double-click Zoek.exe to start the tool.
        • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
        • Now copy the code below and paste it into the large input box:
        • Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.
          Code:
          emptyclsid;
          emptyfolderscheck;
          firefoxlook; 
          Chromelook; 
          CHRdefaults;
          autoclean; 
          iedefaults; 
          filesrcm;  
          startupall;
        • Now click the "Run script" button.
        • Wait patiently until a log opens (this may be after a restart, if one is needed).
        • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
        • Post the opened log in your next reply
        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
        E Dev * Remove McAfee. * Ccleaner * E-Peek



        • #5
          GMER 2.1.19357 - http://www.gmer.net
          Rootkit scan 2014-11-28 22:12:56
          Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000056 SAMSUNG_ rev.1AA0 698,64GB
          Running: h7zgvfs0.exe; Driver: C:\Users\STANDA~1\AppData\Local\Temp\pwldyuob.sys


          ---- Threads - GMER 2.1 ----

          Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2088:1348] 000007fefb962c38
          Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [2088:1612] 000007fef52b5124

          ---- EOF - GMER 2.1 ----



          • #6
            Zoek.exe v5.0.0.0 Updated 27-11-2014
            Tool run by standaard on vr 28-11-2014 at 22:22:09,12.
            Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
            Running in: Normal Mode Internet Access Detected
            Launched: C:\Users\standaard\Desktop\zoek.exe [Scan all users] [Script inserted]

            ===== Runcheck 22:22:50,96 =====

            --- Create Environment Variables 22:22:52,06
            --- Create System Restore Point 22:22:57,04



            • #7
              This is not the complete log, Muzzy.
              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
              E Dev * Remove McAfee. * Ccleaner * E-Peek



              • #8
                Sorry, I was too quick.

                Zoek.exe v5.0.0.0 Updated 27-11-2014
                Tool run by standaard on vr 28-11-2014 at 22:22:09,12.
                Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
                Running in: Normal Mode Internet Access Detected
                Launched: C:\Users\standaard\Desktop\zoek.exe [Scan all users] [Script inserted]

                ==== System Restore Info ======================

                ==== Deleting CLSID Registry Keys ======================

                HKEY_USERS\S-1-5-21-2755389905-846533760-1136847600-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

                ==== Deleting CLSID Registry Values ======================


                ==== Deleting Services ======================


                ==== Deleting Files \ Folders ======================

                C:\ProgramData\jointheshop deleted
                C:\PROGRA~2\SopCast deleted
                C:\Windows\SysNative\config\systemprofile\Searches deleted
                C:\windows\SysNative\GroupPolicy\Machine deleted
                C:\windows\SysNative\GroupPolicy\User deleted
                C:\windows\SysNative\GroupPolicy\gpt.ini deleted
                C:\Users\STANDA~1\AppData\Roaming\Mozilla\Firefox\Profiles\4notqi66.default-1415222583719\extensions\[email protected] deleted

                ==== Files Recently Created / Modified ======================

                ====== C:\Windows ====
                2014-11-03 06:22:55 F4872D16F08BDA4250E97A58F9DAD555 67072 ----a-w- C:\Windows\splwow64.exe
                2014-11-01 16:16:37 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\ativpsrm.bin
                ====== C:\Users\STANDA~1\AppData\Local\Temp ====
                ====== Java Cache =====
                2014-11-01 16:37:40 30810F09A3FCC03EC583120B033700BC 282329 ----a-w- C:\Users\standaard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\7e60542d-70cc0cb6
                2014-11-01 16:37:39 67911F367EC150BDC8F2CB46397F0925 845 ----a-w- C:\Users\standaard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\31b19ba-1c79e6e1
                2014-11-01 16:37:39 67911F367EC150BDC8F2CB46397F0925 845 ----a-w- C:\Users\standaard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-7aeb9e40
                2014-11-01 16:37:40 434F3DF69CA50F442A5D73A9BE7462E2 99 ----a-w- C:\Users\standaard\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-e2e4c8970372d2fb4193a7ef29d16f6c3f08527947fcb9208b3a0e48820369fd-6.0.lap
                2014-11-01 15:39:05 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\standaard\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-200c765f
                ====== C:\Windows\SysWOW64 =====
                2014-11-19 07:08:48 98B3C919C6B9C5F810FF2CAFA339822B 186880 ----a-w- C:\Windows\SysWOW64\pku2u.dll
                2014-11-19 07:08:48 3373A35D31AF6BD85FD831AF99253828 690688 ----a-w- C:\Windows\SysWOW64\adtschema.dll
                2014-11-19 07:08:47 1DB51E3046B6BF2C6ED1A397B69C3B24 551424 ----a-w- C:\Windows\SysWOW64\kerberos.dll
                2014-11-19 07:08:46 514A8BFF14E4B7A800C64BD37D37635B 342528 ----a-w- C:\Windows\SysWOW64\certcli.dll
                ====== C:\Windows\SysWOW64\drivers =====
                ====== C:\Windows\Sysnative =====
                2014-11-19 07:08:48 337163460C4B8883A2915B0F27997044 690688 ----a-w- C:\Windows\Sysnative\adtschema.dll
                2014-11-19 07:08:48 1306E6A1BF4D506CD687DF9F947270F2 241152 ----a-w- C:\Windows\Sysnative\pku2u.dll
                2014-11-19 07:08:48 1001191BBDD2FBBA04016FEE8B82B0E2 729600 ----a-w- C:\Windows\Sysnative\kerberos.dll
                2014-11-19 07:08:46 C5745DA64B738C5B57095998A5EA9AAD 463872 ----a-w- C:\Windows\Sysnative\certcli.dll
                ====== C:\Windows\Sysnative\drivers =====
                2014-11-28 17:23:12 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
                2014-11-28 17:22:43 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
                2014-11-28 17:22:43 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
                2014-11-28 17:22:43 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
                2014-11-12 06:44:57 F2908E8C29163DD5E7A02556012792C5 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
                2014-11-03 19:00:04 E36BD2E405B82C8CCD1CA7E857154A04 11164 ----a-w- C:\Windows\Sysnative\drivers\nvphy.bin
                2014-11-02 19:31:22 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys
                2014-11-02 19:31:22 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys
                2014-11-02 19:31:20 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
                2014-11-02 19:21:23 6BD9295CC032DD3077C671FCCF579A7B 23408 ----a-w- C:\Windows\Sysnative\drivers\fs_rec.sys
                2014-11-02 07:48:47 4F80944B03112F486212DC20BE166079 1897408 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
                2014-11-02 07:48:46 D906F40ABFE0932427B5C75833305BF3 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
                2014-11-02 07:48:46 316F3D330F0BB9BC8289F16C7868CA25 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
                2014-11-02 07:48:26 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys
                2014-11-02 07:48:26 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys
                2014-11-02 07:48:20 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\Windows\Sysnative\drivers\ataport.sys
                2014-11-02 07:48:04 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys
                2014-11-02 07:48:04 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
                2014-11-02 07:48:04 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
                2014-11-02 07:48:04 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys
                2014-11-02 07:48:04 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys
                2014-11-02 07:48:04 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys
                2014-11-02 07:48:04 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys
                2014-11-02 07:48:02 FDD71F94CD5580E4C1D16F96EF6C2856 41472 ----a-w- C:\Windows\Sysnative\drivers\RNDISMP.sys
                2014-11-02 07:48:02 760E38053BF56E501D562B70AD796B88 950128 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys
                2014-11-02 07:47:55 92B3172E8C14C1444682F510843A9988 19968 ----a-w- C:\Windows\Sysnative\drivers\usb8023.sys
                2014-11-02 07:47:52 BDF76C3CE993FFB6214287272708364F 496640 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
                2014-11-02 07:47:51 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
                2014-11-02 07:47:51 AEA0A67275CFBA0E463E00C6E9A1DDAE 54376 ----a-w- C:\Windows\Sysnative\drivers\WdfLdr.sys
                2014-11-02 07:47:51 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
                2014-11-02 07:47:50 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys
                2014-11-02 07:47:48 1B16D0BD9841794A6E0CDE0CEF744ABC 45568 ----a-w- C:\Windows\Sysnative\drivers\tcpipreg.sys
                2014-11-02 07:47:42 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys
                2014-11-02 07:47:42 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys
                2014-11-02 07:47:18 83A296715A67D696F101130AB44B92A7 141824 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
                2014-11-02 07:47:03 D6934D14EDAEC74F47C8C6A8026ADA01 61952 ----a-w- C:\Windows\Sysnative\drivers\appid.sys
                2014-11-02 07:46:30 87CE5C8965E101CCCED1F4675557E868 985536 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
                2014-11-02 07:46:30 1F04CFB79DD5FB7694468CE3FB3DCC31 265064 ----a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys
                2014-11-02 07:45:45 E9766131EEADE40A27DC27D2D68FBA9C 75120 ----a-w- C:\Windows\Sysnative\drivers\partmgr.sys
                2014-11-02 07:44:59 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys
                2014-11-02 07:44:59 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys
                2014-11-02 07:44:59 22F46A5433A9D2260EBF0F96ADAA8828 275392 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys
                2014-11-02 07:43:56 6F426DCF2DDDCCF6BA4DFD34E9803E5B 212992 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys
                2014-11-02 07:43:56 2CE1083C5A2D9BA5FFAD087F997EE25C 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys
                2014-11-02 07:43:27 8F6322049018354F45F05A2FD2D4E5E0 223752 ----a-w- C:\Windows\Sysnative\drivers\fvevol.sys
                2014-11-02 07:43:23 48B6047F82D5A8D0AEC71593F4ACD79B 1684416 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
                2014-11-02 07:43:06 29F5E6D593ED5CAC96B0889FD6CF555B 458704 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
                2014-11-02 07:43:05 A6C623B5EAF9C0D03EA9BB55215E3307 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
                2014-11-01 15:40:44 51C5ECEB1CDEE2468A1748BE550CFBC8 23552 ----a-w- C:\Windows\Sysnative\drivers\tdtcp.sys
                2014-11-01 15:21:50 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_09_00.Wdf
                ====== C:\Windows\Tasks ======
                2014-11-01 19:04:47 -------- d-----w- C:\Windows\Sysnative\Tasks\OfficeSoftwareProtectionPlatform
                2014-11-01 18:39:54 E48A67EA3C569D7141DD6F4FF6668D6C 1056 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
                2014-11-01 18:39:54 275A93108206022993A10DBC232EB035 4052 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
                2014-11-01 18:39:53 F625F610F65E2331E83BA1D579713936 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
                2014-11-01 18:39:53 2DCAAD2C813728336DC3B29EB77E3AAF 3800 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
                ====== C:\Windows\Temp ======
                ======= C:\Program Files =====
                2014-11-05 21:32:19 -------- d-----w- C:\Program Files\Java
                2014-11-03 19:00:03 -------- d-----w- C:\Program Files\NVIDIA Corporation
                2014-11-03 18:57:56 -------- d-----w- C:\Program Files\Microsoft Silverlight
                2014-11-01 19:14:08 -------- d-----w- C:\Program Files\Common Files\DESIGNER
                2014-11-01 19:04:36 -------- d-----w- C:\Program Files\Microsoft Office
                2014-11-01 19:00:49 -------- d-----w- C:\Program Files\Microsoft Office 15
                ======= C:\PROGRA~2 =====
                2014-11-23 19:17:39 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe
                2014-11-23 19:17:39 -------- d-----w- C:\PROGRA~2\Adobe
                2014-11-18 22:56:00 -------- d-----w- C:\PROGRA~2\Lame For Audacity
                2014-11-05 21:32:56 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
                2014-11-05 19:51:20 -------- d-----w- C:\PROGRA~2\Microsoft Synchronization Services
                2014-11-05 19:51:20 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server Compact Edition
                2014-11-03 18:57:55 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight
                2014-11-01 18:39:36 -------- d-----w- C:\PROGRA~2\Google
                2014-11-01 17:33:45 -------- d-----w- C:\PROGRA~2\PCStreams
                2014-11-01 17:32:21 -------- d-----w- C:\PROGRA~2\K-Lite Codec Pack
                2014-11-01 17:31:42 -------- d-----w- C:\PROGRA~2\Popcorn Time
                2014-11-01 17:05:59 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype
                2014-11-01 17:05:58 -------- d-----r- C:\PROGRA~2\Skype
                2014-11-01 16:39:40 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service
                ======= C: =====
                ====== C:\Users\standaard\AppData\Roaming ======
                2014-11-24 21:51:28 -------- d-----w- C:\Users\standaard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
                2014-11-24 21:50:24 -------- d-----w- C:\Users\standaard\AppData\Roaming\Dropbox
                2014-11-18 22:48:04 -------- d-----w- C:\Users\standaard\AppData\Roaming\Audacity
                2014-11-09 09:09:00 -------- d-----w- C:\Users\standaard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ÇáÞÇÚÏÉ ÇáäæÑÇäíÉ
                2014-11-06 17:27:23 -------- d-----w- C:\Users\standaard\AppData\Locallow\Adobe
                2014-11-05 21:32:53 -------- d-----w- C:\Users\standaard\AppData\Locallow\Oracle
                2014-11-05 21:21:25 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun
                2014-11-05 19:38:28 -------- d-----w- C:\Users\Public\AppData\Local\temp
                2014-11-05 19:38:28 -------- d-----w- C:\Users\Default\AppData\Local\temp
                2014-11-05 19:38:28 -------- d-----w- C:\Users\Default User\AppData\Local\temp
                2014-11-05 19:38:28 -------- d-----w- C:\Users\Administrator\AppData\Local\temp
                2014-11-01 18:45:02 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google
                2014-11-01 18:41:12 -------- d-----w- C:\Users\standaard\AppData\Local\Adobe
                2014-11-01 18:39:48 -------- d-----w- C:\Users\standaard\AppData\Local\Google
                2014-11-01 17:53:10 -------- d-----w- C:\Users\standaard\AppData\Local\PCStreams3
                2014-11-01 17:41:37 -------- d-----w- C:\Users\standaard\AppData\Roaming\.Torrent Stream
                2014-11-01 17:41:04 -------- d-----w- C:\Users\standaard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torrent Stream
                2014-11-01 17:40:39 -------- d-----w- C:\Users\standaard\AppData\Roaming\TorrentStream
                2014-11-01 17:33:23 -------- d-----w- C:\Users\standaard\AppData\Roaming\Downloaded Installations
                2014-11-01 17:31:26 -------- d-----w- C:\Users\standaard\AppData\Local\Programs
                2014-11-01 17:31:02 -------- d-----w- C:\Users\standaard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
                2014-11-01 17:30:45 -------- d-----w- C:\Users\standaard\AppData\Roaming\WinRAR
                2014-11-01 17:06:10 -------- d-----w- C:\Users\standaard\AppData\Local\Skype
                2014-11-01 17:06:08 -------- d-----w- C:\Users\standaard\AppData\Roaming\Skype
                2014-11-01 16:39:48 -------- d-----w- C:\Users\standaard\AppData\Roaming\Mozilla
                2014-11-01 16:39:48 -------- d-----w- C:\Users\standaard\AppData\Local\Mozilla
                2014-11-01 16:37:49 -------- d-----w- C:\Users\standaard\AppData\Roaming\Oracle
                2014-11-01 16:36:40 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\Sun
                2014-11-01 16:36:30 -------- d-----w- C:\Users\standaard\AppData\Roaming\Adobe
                2014-11-01 15:38:50 -------- d-----w- C:\Users\standaard\AppData\Locallow\Sun
                2014-11-01 15:31:30 -------- d-s---w- C:\Users\standaard\AppData\Locallow\Microsoft
                2014-11-01 15:30:38 07A97DDFB14C645AEB04A273BF7A5805 113048 ----a-w- C:\Users\standaard\AppData\Local\GDIPFONTCACHEV1.DAT
                2014-11-01 15:30:31 -------- d-----r- C:\Users\standaard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
                2014-11-01 15:30:31 -------- d-----r- C:\Users\standaard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
                2014-11-01 15:30:20 -------- d-----w- C:\Users\standaard\AppData\Roaming\Identities
                2014-11-01 15:27:30 -------- d-s---w- C:\Users\standaard\AppData\Roaming\Microsoft
                2014-11-01 15:27:30 -------- d-----w- C:\Users\standaard\AppData\Roaming\Media Center Programs
                2014-11-01 15:27:30 -------- d-----w- C:\Users\standaard\AppData\Local\Temp
                2014-11-01 15:27:30 -------- d-----w- C:\Users\standaard\AppData\Local\Microsoft
                2014-11-01 15:27:30 -------- d-----r- C:\Users\standaard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
                2014-11-01 15:27:30 -------- d-----r- C:\Users\standaard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
                ====== C:\Users\standaard ======
                2014-11-28 21:15:13 038B75662205880BE56A8FFA9930F830 5162080 ----a-w- C:\Users\standaard\Desktop\ccsetup500.exe
                2014-11-28 21:01:32 9A8336796A7C71E9F33DE848B8320ED3 380416 ----a-w- C:\Users\standaard\Desktop\h7zgvfs0.exe
                2014-11-28 20:57:45 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\standaard\Desktop\dds.com
                2014-11-28 20:48:24 5A6F21141B846BD3CE1ED0BD0F19C3AF 2148864 ----a-w- C:\Users\standaard\Desktop\adwcleaner_4.102 (1).exe
                2014-11-28 17:15:19 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\standaard\Desktop\mbam-setup-2.0.3.1025.exe
                2014-11-28 17:12:42 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\standaard\Downloads\mbam-setup-2.0.3.1025.exe
                2014-11-25 22:51:34 -------- d-----w- C:\ProgramData\rocketsaler
                2014-11-24 21:54:12 -------- d-----r- C:\Users\standaard\Dropbox
                2014-11-05 19:38:28 -------- d-----w- C:\Users\Public\AppData
                2014-11-05 19:38:28 -------- d-----w- C:\Users\Administrator\AppData
                2014-11-03 18:59:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
                2014-11-03 14:12:11 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\standaard\defogger_reenable
                2014-11-01 19:04:38 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
                2014-11-01 19:02:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
                2014-11-01 18:40:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
                2014-11-01 17:53:10 -------- d-----w- C:\ProgramData\PCStreams
                2014-11-01 17:33:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCStreams
                2014-11-01 17:32:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
                2014-11-01 17:32:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
                2014-11-01 17:31:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
                2014-11-01 17:05:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
                2014-11-01 17:05:55 -------- d-----w- C:\ProgramData\Skype
                2014-11-01 16:39:41 -------- d-----w- C:\ProgramData\Mozilla
                2014-11-01 16:37:25 -------- d-----w- C:\ProgramData\Oracle
                2014-11-01 16:37:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
                2014-11-01 15:30:31 -------- d-----r- C:\Users\standaard\Searches
                2014-11-01 15:30:18 -------- d-----r- C:\Users\standaard\Contacts
                2014-11-01 15:27:54 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\standaard\ntuser.ini
                2014-11-01 15:27:30 -------- d--h--w- C:\Users\standaard\AppData
                2014-11-01 15:27:30 -------- d-----r- C:\Users\standaard\Videos
                2014-11-01 15:27:30 -------- d-----r- C:\Users\standaard\Saved Games
                2014-11-01 15:27:30 -------- d-----r- C:\Users\standaard\Pictures
                2014-11-01 15:27:30 -------- d-----r- C:\Users\standaard\Music
                2014-11-01 15:27:30 -------- d-----r- C:\Users\standaard\Links
                2014-11-01 15:27:30 -------- d-----r- C:\Users\standaard\Favorites
                2014-11-01 15:27:30 -------- d-----r- C:\Users\standaard\Downloads
                2014-11-01 15:27:30 -------- d-----r- C:\Users\standaard\Documents
                2014-11-01 15:27:30 -------- d-----r- C:\Users\standaard\Desktop

                ====== C: exe-files ==
                2014-11-28 21:15:13 038B75662205880BE56A8FFA9930F830 5162080 ----a-w- C:\Users\standaard\Desktop\ccsetup500.exe
                2014-11-28 21:01:32 9A8336796A7C71E9F33DE848B8320ED3 380416 ----a-w- C:\Users\standaard\Desktop\h7zgvfs0.exe
                2014-11-28 20:48:24 5A6F21141B846BD3CE1ED0BD0F19C3AF 2148864 ----a-w- C:\Users\standaard\Desktop\adwcleaner_4.102 (1).exe
                2014-11-28 17:15:19 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\standaard\Desktop\mbam-setup-2.0.3.1025.exe
                2014-11-28 17:12:42 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\standaard\Downloads\mbam-setup-2.0.3.1025.exe
                2014-11-25 22:51:34 79F9311AC6A5009FEF1A5756A0A529D3 381799 ----a-w- C:\ProgramData\rocketsaler\rocketsaler.exe
                2014-11-24 21:51:25 AB0C872B1FFE283D20C91C8E575E2F67 35419192 ----a-w- C:\Users\standaard\AppData\Roaming\Dropbox\bin\Dropbox.exe
                2014-11-24 21:51:25 3DE922CE5A2D820DDA0585EA07E9BAC0 225232 ----a-w- C:\Users\standaard\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
                === C: other files ==
                2014-11-28 20:57:45 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\standaard\Desktop\dds.com
                2014-11-28 17:23:12 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
                2014-11-28 17:22:43 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
                2014-11-28 17:22:43 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
                2014-11-28 17:22:43 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
                2014-11-24 21:51:25 B3B7E9E398D909FA919BE73884662D86 1129317 ----a-w- C:\Users\standaard\AppData\Roaming\Dropbox\bin\xui_resources.zip

                ==== Startup Registry Enabled ======================

                [HKEY_USERS\S-1-5-21-2755389905-846533760-1136847600-1000\Software\Microsoft\Windows\CurrentVersion\Run]
                "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

                [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
                "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

                [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
                "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

                ==== Startup Registry Enabled x64 ======================

                [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

                ==== Task Scheduler Jobs ======================

                C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01-11-2014 19:39]
                C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01-11-2014 19:39]

                ==== Other Scheduled Tasks ======================

                "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
                "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
                "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
                "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

                ==== Firefox Extensions ======================

                ProfilePath: C:\Users\STANDA~1\AppData\Roaming\Mozilla\Firefox\Profiles\4notqi66.default-1415222583719
                - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

                ProfilePath: C:\Users\STANDA~1\AppData\Roaming\Mozilla\Firefox\Profiles\tp17opdu.default
                - Undetermined - %ProfilePath%\extensions\[email protected]

                AppDir: C:\Program Files (x86)\Mozilla Firefox
                - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

                ==== Firefox Plugins ======================

                Profilepath: C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\4notqi66.default-1415222583719
                D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013
                18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL - Microsoft Office 2013
                63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash
                DCB0BCEF594E2C410793C4A823C318F3 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director
                124FD703EDD027A0506B53FD9D66F511 - C:\Users\standaard\AppData\Roaming\TorrentStream\player\npts_plugin.dll - Torrent Stream P2P Multimedia Plug-in 2


                ==== Chromium Look ======================

                Google Docs - standaard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
                Google Drive - standaard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
                YouTube - standaard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
                Google Search - standaard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
                Google Wallet - standaard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
                Gmail - standaard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

                ==== Set IE to Default ======================

                Old Values:
                [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
                "Start Page"="http://www.google.nl"
                [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
                No DefaultScope Set For HKCU

                New Values:
                [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
                "Start Page"="http://www.google.nl"
                [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
                "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

                ==== All HKCU SearchScopes ======================

                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
                {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
                {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
                {7113DC5C-E4AD-44E7-92C1-29E755753943} Google Url="https://www.google.com/search?q={searchTerms}"

                ==== Reset Google Chrome ======================

                C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
                C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

                ==== Deleting Registry Keys ======================

                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C9705F9F-4CE1-3345-77B9-7D077B03099D} deleted successfully

                ==== Empty IE Cache ======================

                C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
                C:\Users\standaard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
                C:\Users\standaard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
                C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
                C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
                C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
                C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

                ==== Empty FireFox Cache ======================

                No FireFox Cache found

                ==== Empty Chrome Cache ======================

                C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

                ==== Empty All Flash Cache ======================

                Flash Cache Emptied Successfully

                ==== Empty All Java Cache ======================

                Java Cache cleared successfully

                ==== C:\zoek_backup content ======================

                C:\zoek_backup (files=111 folders=20 21380878 bytes)

                ==== Empty Temp Folders ======================

                C:\Users\Administrator\AppData\Local\temp emptied successfully
                C:\Users\Default\AppData\Local\temp emptied successfully
                C:\Users\Default User\AppData\Local\temp emptied successfully
                C:\Users\Public\AppData\Local\temp emptied successfully
                C:\Users\standaard\AppData\Local\Temp will be emptied at reboot
                C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
                C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
                C:\Windows\Temp will be emptied at reboot

                ==== After Reboot ======================

                ==== Empty Temp Folders ======================

                C:\Windows\Temp successfully emptied
                C:\Users\STANDA~1\AppData\Local\Temp successfully emptied

                ==== Empty Recycle Bin ======================

                C:\$RECYCLE.BIN successfully emptied

                ==== EOF on vr 28-11-2014 at 22:58:19,06 ======================



                • #9
                  Is there more than one user on this PC?
                  Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                  E Dev * Remove McAfee. * Ccleaner * E-Peek



                  • #10
                    There is only 1 account, if that is what you mean. Apart from that, the whole family uses the same PC.



                    • #11
                      With everyone having their own profile in Firefox?



                      • #12
                        No, we have 1 profile. There is another profile somewhere on the PC, but that has to do with reinstalling W7.



                        • #13
                          So this one:

                          ProfilePath: C:\Users\STANDA~1\AppData\Roaming\Mozilla\Firefox\Profiles\tp17opdu.default
                          - Undetermined - %ProfilePath%\extensions\[email protected]

                          ?



                          • #14
                            This doesn't ring a bell for me right now. I also haven't done anything with the profile lately. At the time it was only to bring my bookmarks along.



                            • #15
                              OK, then you may delete that profile.
                              So: go to Run
                              Copy this: C:\Users\STANDA~1\AppData\Roaming\Mozilla\Firefox\Profiles\tp17opdu.default
                              and paste it into Run + OK
                              Delete tp17opdu.default


                              Reset your Firefox according to these instructions.


                              Download or update CCleaner

                              Start CCleaner.
                              • Run CCleaner and click Options in the left column
                              • Select the Advanced tab
                              • Uncheck "Only delete files in Windows Temp folders older than 24 hours"
                              • Select the Settings tab
                              • Uncheck "Clean the computer automatically...."
                              • Click Cleaner in the left column.
                              • Then click Analyze and Run Cleaner, in that order.
                              • Next, click Registry in the left column
                              • Click Scan for Issues.
                              • When asked whether you want to make a backup of the registry, click "Yes".
                              • If errors are found, click the middle button: Fix all selected issues, and OK

                              How is it now?