Programs 'freeze' regularly.


  • Programs 'freeze' regularly.

    My laptop has problems with a changed homepage, slow startup and running of programs, and programs that regularly 'freeze'. The changed homepage seems to have improved after I installed the requested software (see the logs below), but the laptop is still slow.

    These are, in order, the logs from Defogger, MBAM, AdwCleaner, DDS and GMER:
    defogger_disable by jpshortstuff (23.02.10.1)
    Log created at 17:07 on 31/01/2015 (Kellie)

    Checking for autostart values...
    HKCU\~\Run values retrieved.
    HKLM\~\Run values retrieved.

    Checking for services/drivers...


    -=E.O.F=-

    Malwarebytes Anti-Malware
    www.malwarebytes.org


    Update, 1/31/2015 5:10:36 PM, SYSTEM, JULIE, Manual, Rootkit Database, 2014.11.18.1, 2015.1.14.1,
    Update, 1/31/2015 5:10:39 PM, SYSTEM, JULIE, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
    Update, 1/31/2015 5:10:41 PM, SYSTEM, JULIE, Manual, Malware Database, 2014.11.20.6, 2015.1.31.6,

    (end)

    # AdwCleaner v4.109 - Report created 01/02/2015 at 00:05:29
    # Updated 24/01/2015 by Xplode
    # Database : 2015-01-26.1 [Live]
    # Operating System : Windows 7 Professional (32 bits)
    # Username : Kellie - JULIE
    # Running from : C:\Users\Kellie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BAH0P02F\adwcleaner_4.109.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\SearchProtect
    Folder Deleted : C:\ProgramData\Babylon
    Folder Deleted : C:\ProgramData\BitGuard
    Folder Deleted : C:\ProgramData\Tarma Installer
    Folder Deleted : C:\Program Files\Common Files\337
    Folder Deleted : C:\Users\Kellie\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Kellie\AppData\Roaming\Iminent
    File Deleted : C:\Users\Kellie\AppData\LocalLow\SkwConfig.bin

    ***** [ Scheduled Tasks ] *****

    Task Deleted : BackgroundContainer Startup Task
    Task Deleted : Desk 365 RunAsStdUser

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\5855d6ddb339ed41
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3287810
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3287822
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289075
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3721E85-F0AC-4B7E-AE4C-3E738011DC9D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3721E85-F0AC-4B7E-AE4C-3E738011DC9D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C3721E85-F0AC-4B7E-AE4C-3E738011DC9D}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C3721E85-F0AC-4B7E-AE4C-3E738011DC9D}]
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DE0EDFB3-6597-42DC-875D-DB452B0B17B0}
    Key Deleted : HKCU\Software\IM
    Key Deleted : HKCU\Software\ImInstaller
    Key Deleted : HKCU\Software\powerpack
    Key Deleted : HKCU\Software\SearchProtect
    Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
    Key Deleted : HKCU\Software\AppDataLow\Software\lyrixeeker
    Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Key Deleted : HKLM\SOFTWARE\Conduit
    Key Deleted : HKLM\SOFTWARE\Delta
    Key Deleted : HKLM\SOFTWARE\Desksvc
    Key Deleted : HKLM\SOFTWARE\hdcode
    Key Deleted : HKLM\SOFTWARE\Tarma Installer
    Key Deleted : HKLM\SOFTWARE\V9
    Key Deleted : HKLM\SOFTWARE\VBMZ
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

    ***** [ Browsers ] *****

    -\\ Internet Explorer v9.0.8112.16476


    -\\ Google Chrome v


    *************************

    AdwCleaner[R0].txt - [11694 octets] - [31/01/2015 23:35:04]
    AdwCleaner[R1].txt - [11823 octets] - [01/02/2015 00:03:29]
    AdwCleaner[S0].txt - [11995 octets] - [01/02/2015 00:05:29]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12056 octets] ##########


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    .
    ==== Disk Partitions =========================
    .
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    Adobe AIR
    Adobe Flash Player 16 ActiveX
    Adobe Reader XI (11.0.09)
    AVG 2015
    CCleaner
    Integrated Webcam Driver (1.02.02.0106)
    InterVideo DeviceService
    Java Auto Updater
    Java(TM) 6 Update 26
    Keyboard Lock Status
    Malwarebytes Anti-Malware version 2.0.4.1028
    Microsoft .NET Framework 4.5
    Microsoft Application Error Reporting
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
    Microsoft WSE 3.0 Runtime
    Mobile Broadband Generic Drivers
    NetWaiting
    NVIDIA Drivers
    QuickSet32
    QuickTime
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    RealUpgrade 1.1
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition
    SUPERAntiSpyware
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition
    Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    USB2.0 ATV
    Verizon Wireless USB760 Firmware Updates
    Visual Studio 2012 x86 Redistributables
    VZAccess Manager
    Windows Movie Maker 6.1
    Zune Language Pack (PTG)
    .
    ==== End Of File ===========================


    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16476
    Run by Kellie at 0:09:47 on 2015-02-01
    .
    ============== Running Processes ================
    .
    c:\PROGRA~1\AVG\AVG2015\avgrsx.exe
    C:\Program Files\AVG\AVG2015\avgcsrvx.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\AVG\AVG2015\avgidsagent.exe
    C:\Program Files\AVG\AVG2015\avgwdsvc.exe
    C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
    C:\Program Files\AVG\AVG2015\avgnsx.exe
    C:\Program Files\AVG\AVG2015\avgemcx.exe
    C:\Windows\System32\alg.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Windows\LockStatusTray.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVG\AVG2015\avgui.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\ctfmon.exe
    C:\Program Files\CCleaner\CCleaner.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_296_ActiveX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k secsvcs
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    mStart Page = www.google.com
    mDefault_Page_URL = www.google.com
    uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
    mURLSearchHooks: {e4c3a8b6-7724-45d1-a629-17b69118ebcd} - <orphaned>
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: {e4c3a8b6-7724-45d1-a629-17b69118ebcd} - <orphaned>
    uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [QuickSet] c:\program files\dell\quickset\QuickSet.exe
    mRun: [LockStatusTray] c:\windows\LockStatusTray.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [AVG_UI] "c:\program files\avg\avg2015\avgui.exe" /TRAYONLY
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
    DPF: {6EEFD7B1-B26C-440D-B55A-1EC677189F30} - hxxps://65.115.233.180/NELX.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://vpn.arcelormittaltubular.com/dana-cached/sc/JuniperSetupClient.cab
    DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{3CF0A289-2D08-448C-AFD6-5D61DB084612} : DHCPNameServer = 192.168.1.1
    SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    .
    =============== Created Last 30 ================
    .
    2015-02-01 04:33:54 -------- d-----w- C:\AdwCleaner
    2015-01-31 22:10:42 114904 ----a-w- c:\windows\system32\drivers\4B830468.sys
    2015-01-31 22:10:35 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2015-01-31 22:10:09 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2015-01-31 22:10:09 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
    2015-01-31 22:10:09 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
    2015-01-31 22:10:09 -------- d-----w- c:\programdata\Malwarebytes
    2015-01-31 22:10:09 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
    2015-01-31 19:14:28 -------- d-----w- c:\users\kellie\appdata\roaming\SUPERAntiSpyware.com
    2015-01-31 19:13:55 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2015-01-31 19:13:55 -------- d-----w- c:\program files\SUPERAntiSpyware
    2015-01-31 18:51:35 -------- d-s---w- c:\windows\system32\CompatTel
    2015-01-31 18:51:35 -------- d-----w- c:\windows\system32\appraiser
    2015-01-31 18:44:13 -------- d-----w- c:\windows\system32\MRT
    2015-01-31 18:43:49 6792528 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
    2015-01-31 18:43:27 9054624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{12eb263b-9c62-40dc-9d59-820686cc6a6a}\mpengine.dll
    2015-01-31 18:43:18 9054624 ------w- c:\programdata\microsoft\windows defender\definition updates\updates\mpengine.dll
    2015-01-31 18:09:55 873984 ----a-w- c:\windows\system32\aeinv.dll
    2015-01-31 18:09:55 728576 ----a-w- c:\windows\system32\appraiser.dll
    2015-01-31 18:09:55 610304 ----a-w- c:\windows\system32\invagent.dll
    2015-01-31 18:09:55 337920 ----a-w- c:\windows\system32\generaltel.dll
    2015-01-31 18:09:55 315392 ----a-w- c:\windows\system32\devinv.dll
    2015-01-31 18:09:55 159744 ----a-w- c:\windows\system32\aepic.dll
    2015-01-31 18:09:55 1160872 ----a-w- c:\windows\system32\aitstatic.exe
    2015-01-31 18:09:54 202752 ----a-w- c:\windows\system32\aepdu.dll
    2015-01-31 18:09:35 2377216 ----a-w- c:\windows\system32\win32k.sys
    2015-01-31 17:07:16 -------- d-----w- c:\program files\CCleaner
    2015-01-31 16:25:38 -------- d-----w- c:\users\kellie\appdata\roaming\AVG2015
    2015-01-31 16:24:42 -------- d-----w- c:\users\kellie\appdata\roaming\TuneUp Software
    2015-01-31 16:24:08 -------- d--h--w- C:\$AVG
    2015-01-31 16:24:08 -------- d-----w- c:\programdata\AVG2015
    2015-01-31 16:23:03 -------- d-----w- c:\program files\AVG
    2015-01-31 16:20:47 -------- d--h--w- c:\programdata\Common Files
    2015-01-31 16:20:46 -------- d-----w- c:\users\kellie\appdata\local\MFAData
    2015-01-31 16:20:46 -------- d-----w- c:\users\kellie\appdata\local\Avg2015
    2015-01-31 16:20:46 -------- d-----w- c:\programdata\MFAData
    .
    ==================== Find3M ====================
    .
    2015-01-31 16:45:30 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2015-01-31 16:45:30 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2014-12-23 05:50:16 249488 ------w- c:\windows\system32\MpSigStub.exe
    2014-12-09 02:25:06 208152 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
    2014-11-19 02:41:58 154904 ----a-w- c:\windows\system32\drivers\avgidshx.sys
    2014-11-18 19:56:48 1202848 ----a-w- c:\windows\system32\FM20.DLL
    2014-11-06 02:30:07 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
    .
    ============= FINISH: 0:12:00.14 ===============


    GMER 2.1.19357 - http://www.gmer.net
    Rootkit quick scan 2015-02-01 00:25:28
    Windows 6.1.7600 \Device\Harddisk0\DR0 -> \Device\0000006e WDC_WD25 rev.11.0 232.89GB
    Running: 4qzb195d.exe; Driver: C:\Users\Kellie\AppData\Local\Temp\uxldypod.sys


    ---- Devices - GMER 2.1 ----

    AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
    AttachedDevice \Driver\tdx \Device\Ip avgtdix.sys
    AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys
    AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys
    AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys

    ---- EOF - GMER 2.1 ----


    Many thanks in advance!
    Jan

  • #2
    Hi Jan VS

    Before we begin, I would like to kindly point out the following guidelines:
    .
    • Only log in as an administrator with full rights.
    • Do not post your problem on multiple forums. It does not help your problem and it is not fair to the helpers.
    • Cleaning up your system can take some time, so be patient.
    • Carefully follow the instructions I give.
    • Only follow the advice given by me.
    • Stay with the topic until I have reported that your PC is clean.
    • If you do not know or understand something, please just ask.
    • Do not install or uninstall any software or hardware while we are working on your problem.
    • In the meantime, do not try something "else"; that only makes it harder for us.
    • Please turn off your emoticons (smileys) when you post logs. ( INFO )
    • Please do not post the logs as an attachment or between code tags.

    .
    Note: Always run all tools as admin.
    The instructions given are only valid for your PC.

    Once you have read and understood these guidelines, you may continue.....



    Step 1:

    Scan for and remove malware....

    Install MBAM 2.0 (info & download link)

    Start MBAM.
    At the top of the Malwarebytes Anti-Malware window, click Scan.
    On that screen, choose the Custom scan and tick the partitions that apply (c:\ d\ etc.)
    Then click the Scan now button.

    Before scanning, it always first checks automatically whether updates of the virus definitions are available; if an update is available, you must let it install first.

    When the scan is finished and threats have been detected, you will get an overview of them.
    Select to place all of them in quarantine.
    At the message that your computer must be restarted, click Yes.

    After restarting the PC, if Malwarebytes asked to restart the PC, open Malwarebytes again.
    Click the History button at the top of the menu.
    Then click the Application Logs option and select the Scan Log you want to export. This is the last scan you did (you can tell by the date and time).
    Select it to view it.
    In a new window that opens you will see the results of your scan.

    At the bottom, either select to export as a text file and give the text file a name, for example mbamlog.
    Or you can select to copy to the clipboard, so that the contents of the log are copied to your clipboard and you can paste them into your next post.


    Step 2:
    Download or update CCleaner

    Start CCleaner.
    • Run CCleaner and click Options in the left column
    • Select the Advanced tab
    • Untick Only delete files in the Windows Temp system folder older than 24 hours
    • Select the Settings tab
    • Untick "Automatically clean the computer...."
    • Click Cleaner in the left column.
    • Then click Analyze and then Clean.
    • Next, click Registry in the left column
    • Click Scan for Issues.
    • When asked whether you want to make a backup of the registry, click "Yes".
    • If errors are found, click the middle button: Fix All Selected Issues and OK

    .


    Extra note... Make sure your security software is disabled while installing and using E-Peek.
    This is because these scanners wrongly see certain components that E-Peek uses as infected and will block Combofix.

    Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.

    Download setupE-Peek.exe to your desktop.
    Double-click it and follow the instructions.
    At the end of the installation, E-Peek will start.
    Click "Scan".
    Post the log.


    In your next post, I would like to see the following logs, made in the order listed:
    • MBAM scan log
    • E-Peek log

    Please do NOT post these logs as an attachment or between code tags.
    (In several posts if necessary.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      Frustrations at their peak…

      At your request I had MalwareBytes scan again…but this time no items were found. So there was no Export button either. Probably all the items had already been found in my scan yesterday? I was surprised yesterday at how short the MBAM scan log was, but I really did follow all the steps.
      I tried to install e-peek…but unfortunately without success. I can go through the installation wizard, but when I reach the last screen, it says ‘Finish installation’. And after that nothing happens. The program does not start. I also cannot find e-peek as a program on my laptop.

      What am I doing wrong?
      Thanks!



      • #4
        I think you should take the time to read through the manuals.
        You probably did not set MBAM up correctly to obtain the SCAN log. Everything is clearly explained.

        You had also best switch off your security software temporarily.


        • #5
          I took the time to go through the manuals and I carried out the steps as they were given. What did I do wrong? And what is the next step?



          • #6
            See my previous post.

            Originally posted by Emphyrio
            I think you should take the time to read through the manuals.
            You probably did not set MBAM up correctly to obtain the SCAN log. Everything is clearly explained.


            You had also best switch off your security software temporarily.
            There is even a clip provided to make it easier for you.
            Have you watched it?
            We cannot be any clearer.

            If you do not set MBAM up correctly, there is no scan log.
            Please look at the manual and reference links of the MBAM procedure.

            As for E-Peek: As mentioned: switch off your security software temporarily.
            Everything is clearly explained. There is no point in my having to repeat everything two or three times, is there?
            Last edited by Emphyrio; 02-02-15, 03:42.


            • #7
              OK, I’m an idiot. Believe me, I have read everything through again and carried it out, but I cannot get e-peek going. I have disabled Windows Defender, Windows Firewall, AVG, Malwarebytes but it still does not work. Help!!
              The MBAM scan log follows below:
              Malwarebytes Anti-Malware
              www.malwarebytes.org

              Scan Date: 2/2/2015
              Scan Time: 6:25:06 PM
              Logfile: mbamlog 0202.txt
              Administrator: Yes

              Version: 2.00.4.1028
              Malware Database: v2015.02.02.05
              Rootkit Database: v2015.01.14.01
              License: Free
              Malware Protection: Disabled
              Malicious Website Protection: Disabled
              Self-protection: Disabled

              OS: Windows 7
              CPU: x86
              File System: NTFS
              User: Kellie

              Scan Type: Custom Scan
              Result: Completed
              Objects Scanned: 484234
              Time Elapsed: 56 min, 58 sec

              Memory: Enabled
              Startup: Enabled
              Filesystem: Enabled
              Archives: Enabled
              Rootkits: Disabled
              Heuristics: Enabled
              PUP: Enabled
              PUM: Enabled

              Processes: 0
              (No malicious items detected)

              Modules: 0
              (No malicious items detected)

              Registry Keys: 0
              (No malicious items detected)

              Registry Values: 0
              (No malicious items detected)

              Registry Data: 0
              (No malicious items detected)

              Folders: 0
              (No malicious items detected)

              Files: 0
              (No malicious items detected)

              Physical Sectors: 0
              (No malicious items detected)


              (end)



              • #8
                Download AppCheck.zip to your desktop and extract it.
                Right-click AppCheck.exe (in the AppCheck folder) and post this log.


                • #9
                  Right-click AppCheck.exe and choose Open, I assume? It does not work. This program does not start either. I have checked once more whether AVG, MalwareBytes, Windows Firewall and Windows Defender are disabled. But it makes no difference. The program does not open.


                  [QUOTE=Emphyrio;705321]Download AppCheck.zip to your desktop and extract it.
                  Right-click AppCheck.exe (in the AppCheck folder) and post this log.[/QUOTE]



                  • #10
                    Right-click and choose "Run as administrator".


                    • #11
                      I cannot open the program via "Run as administrator" either.

                      Originally posted by Emphyrio
                      Right-click and choose "Run as administrator".



                      • #12
                        Download Combofix to your desktop.
                        (So not to a download folder or temp folder)

                        Extra note... Make sure your security software is disabled while using Combofix.
                        This is because these scanners wrongly see certain components that Combofix uses as infected and will block Combofix.

                        Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.

                        Close ALL windows, including your browser, and let Combofix do its work in peace.
                        So do not open any other applications until Combofix has presented the log.

                        If Combofix asks for an update, allow it.

                        When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
                        You can find it at C:\combofix.txt.

                        Post the Combofix log together with a new DDS log in your next reply.

                        * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
                        • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
                        • Illegal operation attempted on a registry key that has been marked for deletion.


                        • #13
                          ComboFix + DDS logs

                          ComboFix:
                          ComboFix 15-02-02.01 - Kellie 02/04/2015 17:07:14.1.2 - x86
                          Running from: c:\users\Kellie\Desktop\ComboFix.exe
                          * Created a new restore point
                          .
                          .
                          ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
                          .
                          .
                          c:\users\Kellie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
                          c:\windows\UA000079.DLL
                          .
                          .
                          ((((((((((((((((((((((((( Files Created from 2015-01-04 to 2015-02-04 )))))))))))))))))))))))))))))))
                          .
                          .
                          2015-02-04 22:21 . 2015-02-04 22:22 -------- d-----w- c:\users\Kellie\AppData\Local\temp
                          2015-02-04 22:21 . 2015-02-04 22:21 -------- d-----w- c:\users\Default\AppData\Local\temp
                          2015-02-04 01:41 . 2014-12-15 09:13 9054624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3770940C-ABDA-4489-85EC-ABB8CD98E2B8}\mpengine.dll
                          2015-02-04 01:25 . 2015-02-04 01:26 -------- d-----w- c:\users\Guest
                          2015-02-03 11:15 . 2015-02-03 11:15 -------- d-----w- c:\users\Kellie\AppData\Local\Taplika
                          2015-02-03 11:15 . 2015-02-03 11:22 -------- d-----w- c:\users\Kellie\AppData\Local\WinZip
                          2015-02-03 11:15 . 2015-02-03 11:22 -------- d-----w- c:\programdata\WinZip
                          2015-02-03 11:15 . 2015-02-03 11:15 -------- d-----w- c:\users\Kellie\AppData\Roaming\WSE_Taplika
                          2015-02-03 11:14 . 2015-02-03 11:14 -------- d-----w- c:\programdata\{C7032FC0-9781-FE46-2607-8EC4F6855D4A}
                          2015-02-03 11:14 . 2015-02-03 11:14 -------- d-----w- c:\program files\WSE_Taplika
                          2015-02-03 11:14 . 2015-02-03 11:14 -------- d-----w- c:\program files\File Association Helper
                          2015-02-03 01:48 . 2015-02-03 11:35 -------- d-----w- c:\program files\E Dev
                          2015-02-02 03:58 . 2015-02-04 22:01 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
                          2015-02-02 03:57 . 2015-02-02 03:57 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
                          2015-02-02 03:57 . 2014-11-21 11:14 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
                          2015-02-02 03:57 . 2014-11-21 11:14 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
                          2015-02-02 03:57 . 2014-11-21 11:14 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
                          2015-02-01 16:30 . 2015-02-03 01:48 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
                          2015-02-01 16:30 . 2015-02-01 16:30 -------- d-----w- c:\users\Kellie\AppData\Roaming\E Dev
                          2015-02-01 04:33 . 2015-02-01 05:05 -------- d-----w- C:\AdwCleaner
                          2015-01-31 22:10 . 2015-01-31 22:10 114904 ----a-w- c:\windows\system32\drivers\4B830468.sys
                          2015-01-31 22:10 . 2015-01-31 22:10 -------- d-----w- c:\programdata\Malwarebytes
                          2015-01-31 19:14 . 2015-01-31 19:14 -------- d-----w- c:\users\Kellie\AppData\Roaming\SUPERAntiSpyware.com
                          2015-01-31 19:13 . 2015-02-04 02:54 -------- d-----w- c:\program files\SUPERAntiSpyware
                          2015-01-31 19:13 . 2015-01-31 19:13 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
                          2015-01-31 18:51 . 2015-01-31 18:51 -------- d-s---w- c:\windows\system32\CompatTel
                          2015-01-31 18:51 . 2015-01-31 18:51 -------- d-----w- c:\windows\system32\appraiser
                          2015-01-31 18:44 . 2015-01-31 18:48 -------- d-----w- c:\windows\system32\MRT
                          2015-01-31 18:09 . 2014-12-04 02:20 337920 ----a-w- c:\windows\system32\generaltel.dll
                          2015-01-31 18:09 . 2014-12-04 02:20 610304 ----a-w- c:\windows\system32\invagent.dll
                          2015-01-31 18:09 . 2014-12-04 02:20 315392 ----a-w- c:\windows\system32\devinv.dll
                          2015-01-31 18:09 . 2014-12-04 02:20 159744 ----a-w- c:\windows\system32\aepic.dll
                          2015-01-31 18:09 . 2014-12-04 02:17 873984 ----a-w- c:\windows\system32\aeinv.dll
                          2015-01-31 18:09 . 2014-12-01 23:27 1160872 ----a-w- c:\windows\system32\aitstatic.exe
                          2015-01-31 18:09 . 2014-12-04 02:20 202752 ----a-w- c:\windows\system32\aepdu.dll
                          2015-01-31 18:09 . 2014-09-15 00:42 2377216 ----a-w- c:\windows\system32\win32k.sys
                          2015-01-31 17:07 . 2015-01-31 17:07 -------- d-----w- c:\program files\CCleaner
                          2015-01-31 16:25 . 2015-01-31 16:25 -------- d-----w- c:\users\Kellie\AppData\Roaming\AVG2015
                          2015-01-31 16:24 . 2015-01-31 16:24 -------- d-----w- c:\users\Kellie\AppData\Roaming\TuneUp Software
                          2015-01-31 16:24 . 2015-02-03 11:23 -------- d-----w- c:\programdata\AVG2015
                          2015-01-31 16:24 . 2015-01-31 16:24 -------- d-----w- C:\$AVG
                          2015-01-31 16:23 . 2015-01-31 16:23 -------- d-----w- c:\program files\AVG
                          2015-01-31 16:20 . 2015-01-31 16:20 -------- d--h--w- c:\programdata\Common Files
                          2015-01-31 16:20 . 2015-02-04 21:54 -------- d-----w- c:\programdata\MFAData
                          2015-01-31 16:20 . 2015-01-31 16:29 -------- d-----w- c:\users\Kellie\AppData\Local\Avg2015
                          2015-01-31 16:20 . 2015-01-31 16:20 -------- d-----w- c:\users\Kellie\AppData\Local\MFAData
                          .
                          .
                          .
                          (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
                          .
                          2015-01-31 16:45 . 2012-09-16 21:17 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
                          2015-01-31 16:45 . 2011-06-15 01:28 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
                          2014-12-23 05:50 . 2011-04-14 13:21 249488 ------w- c:\windows\system32\MpSigStub.exe
                          2014-12-09 02:25 . 2014-12-09 02:25 208152 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
                          2014-11-19 02:41 . 2014-11-19 02:41 154904 ----a-w- c:\windows\system32\drivers\avgidshx.sys
                          2014-11-18 19:56 . 2014-11-18 19:56 1202848 ----a-w- c:\windows\system32\FM20.DLL
                          .
                          .
                          ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
                          .
                          .
                          *Note* empty entries & legit default entries are not shown
                          REGEDIT4
                          .
                          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                          "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-01-20 5496600]
                          "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2015-01-22 6699800]
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                          "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
                          "TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2011-05-23 273544]
                          "LockStatusTray"="c:\windows\LockStatusTray.exe" [2008-02-19 192512]
                          "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
                          "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-11 13789728]
                          "AVG_UI"="c:\program files\AVG\AVG2015\avgui.exe" [2015-01-07 3674576]
                          "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-09-12 959176]
                          "FAHConsole"="c:\program files\File Association Helper\FAHConsole.exe" [2014-01-28 616632]
                          .
                          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
                          "WSE_Taplika"="c:\windows\system32\wscript.exe" [2009-07-14 141824]
                          .
                          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                          "ConsentPromptBehaviorAdmin"= 5 (0x5)
                          "ConsentPromptBehaviorUser"= 3 (0x3)
                          "EnableUIADesktopToggle"= 0 (0x0)
                          .
                          [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
                          @=""
                          .
                          R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2012-11-26 64624]
                          R3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\DRIVERS\NwUsbCdFil.sys [2009-12-18 20480]
                          R3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\DRIVERS\nwusbser2.sys [2009-12-18 174720]
                          R3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS [2009-05-25 32408]
                          R3 SSLDrv;SSL-VPN NetExtender Adapter;c:\windows\system32\DRIVERS\SSLDrv.sys [2009-02-23 20504]
                          R3 StkTMini;Syntek AVStream USB2.0 ATV;c:\windows\system32\Drivers\StkTMini.sys [2007-11-16 468096]
                          R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-18 1343400]
                          S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2014-11-19 154904]
                          S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2014-07-18 230680]
                          S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2014-06-19 27416]
                          S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2014-06-19 121624]
                          S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2014-12-09 208152]
                          S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2014-06-19 21272]
                          S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2014-08-29 192792]
                          S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2014-10-10 200984]
                          S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
                          S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
                          S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2014-07-22 142648]
                          S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2015\avgidsagent.exe [2015-01-07 3440080]
                          S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [2015-01-07 309232]
                          S3 OA008Ufd;Creative Camera OA008 Upper Filter Driver;c:\windows\system32\DRIVERS\OA008Ufd.sys [2008-11-26 133472]
                          S3 OA008Vid;Creative Camera OA008 Function Driver;c:\windows\system32\DRIVERS\OA008Vid.sys [2009-01-06 271616]
                          S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
                          .
                          .
                          Contents of the 'Scheduled Tasks' folder
                          .
                          2015-02-04 c:\windows\Tasks\Adobe Flash Player Updater.job
                          - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-16 16:45]
                          .
                          .
                          ------- Supplementary Scan -------
                          .
                          uStart Page = www.google.com
                          mStart Page = www.google.com
                          IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
                          TCP: DhcpNameServer = 192.168.1.1
                          .
                          .
                          --------------------- LOCKED REGISTRY KEYS ---------------------
                          .
                          [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
                          @Denied: (A) (Users)
                          @Denied: (A) (Everyone)
                          @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                          "BlindDial"=dword:00000000
                          .
                          [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
                          @Denied: (Full) (Everyone)
                          .
                          Completion time: 2015-02-04 17:28:49
                          ComboFix-quarantined-files.txt 2015-02-04 22:28
                          .
                          Pre-Run: 198,554,841,088 bytes free
                          Post-Run: 198,211,276,800 bytes free
                          .
                          - - End Of File - - 555C53BBA46EEB12CBFBC11836FE49EA
                          A36C5E4F47E84449FF07ED3517B43A31

                          Attach.txt:
                          .
                          UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
                          IF REQUESTED, ZIP IT UP & ATTACH IT
                          .
                          DDS (Ver_2012-11-20.01)
                          .
                          .
                          ==== Disk Partitions =========================
                          .
                          .
                          ==== Disabled Device Manager Items =============
                          .
                          ==== System Restore Points ===================
                          .
                          No restore point in system.
                          .
                          ==== Installed Programs ======================
                          .
                          Update for Microsoft Office 2007 (KB2508958)
                          Adobe AIR
                          Adobe Flash Player 16 ActiveX
                          Adobe Reader XI (11.0.09)
                          AVG 2015
                          CCleaner
                          E-Peek
                          File Association Helper
                          Integrated Webcam Driver (1.02.02.0106)
                          InterVideo DeviceService
                          Java Auto Updater
                          Java(TM) 6 Update 26
                          Keyboard Lock Status
                          Malwarebytes Anti-Malware version 2.0.4.1028
                          Microsoft .NET Framework 4.5
                          Microsoft Application Error Reporting
                          Microsoft Office 2007 Service Pack 3 (SP3)
                          Microsoft Office Access MUI (English) 2007
                          Microsoft Office Access Setup Metadata MUI (English) 2007
                          Microsoft Office Excel MUI (English) 2007
                          Microsoft Office File Validation Add-In
                          Microsoft Office InfoPath MUI (English) 2007
                          Microsoft Office Outlook MUI (English) 2007
                          Microsoft Office PowerPoint MUI (English) 2007
                          Microsoft Office Professional Plus 2007
                          Microsoft Office Proof (English) 2007
                          Microsoft Office Proof (French) 2007
                          Microsoft Office Proof (Spanish) 2007
                          Microsoft Office Proofing (English) 2007
                          Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
                          Microsoft Office Publisher MUI (English) 2007
                          Microsoft Office Shared MUI (English) 2007
                          Microsoft Office Shared Setup Metadata MUI (English) 2007
                          Microsoft Office Word MUI (English) 2007
                          Microsoft Silverlight
                          Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
                          Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
                          Microsoft WSE 3.0 Runtime
                          Mobile Broadband Generic Drivers
                          NetWaiting
                          NVIDIA Drivers
                          QuickSet32
                          QuickTime
                          RealNetworks - Microsoft Visual C++ 2008 Runtime
                          RealPlayer
                          RealUpgrade 1.1
                          Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition
                          Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition
                          Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition
                          Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
                          Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
                          Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
                          Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition
                          SUPERAntiSpyware
                          Taplika
                          Update for 2007 Microsoft Office System (KB967642)
                          Update for Microsoft Office 2007 Help for Common Features (KB963673)
                          Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
                          Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
                          Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
                          Update for Microsoft Office Access 2007 Help (KB963663)
                          Update for Microsoft Office Excel 2007 Help (KB963678)
                          Update for Microsoft Office Infopath 2007 Help (KB963662)
                          Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
                          Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
                          Update for Microsoft Office Outlook 2007 Help (KB963677)
                          Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition
                          Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
                          Update for Microsoft Office Powerpoint 2007 Help (KB963669)
                          Update for Microsoft Office Publisher 2007 Help (KB963667)
                          Update for Microsoft Office Script Editor Help (KB963671)
                          Update for Microsoft Office Word 2007 Help (KB963665)
                          USB2.0 ATV
                          Verizon Wireless USB760 Firmware Updates
                          Visual Studio 2012 x86 Redistributables
                          VZAccess Manager
                          Windows Movie Maker 6.1
                          WinZip 19.0
                          WSE_Taplika
                          Zune Language Pack (PTG)
                          .
                          ==== End Of File ===========================
                          DDS.txt:
                          DDS (Ver_2012-11-20.01) - NTFS_x86
                          Internet Explorer: 9.0.8112.16476
                          Run by Kellie at 17:37:39 on 2015-02-04
                          .
                          ============== Running Processes ================
                          .
                          C:\Windows\system32\wininit.exe
                          C:\Windows\system32\lsm.exe
                          C:\Windows\system32\nvvsvc.exe
                          C:\Windows\system32\nvvsvc.exe
                          C:\Windows\System32\spoolsv.exe
                          C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
                          C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
                          C:\Program Files\AVG\AVG2015\avgwdsvc.exe
                          C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
                          C:\Windows\system32\Dwm.exe
                          C:\Windows\system32\taskhost.exe
                          C:\Windows\System32\alg.exe
                          C:\Windows\LockStatusTray.exe
                          C:\Program Files\Common Files\Java\Java Update\jusched.exe
                          C:\Program Files\AVG\AVG2015\avgui.exe
                          C:\Program Files\File Association Helper\FAHWindow.exe
                          C:\Windows\system32\taskeng.exe
                          C:\Program Files\CCleaner\CCleaner.exe
                          C:\Windows\system32\SearchIndexer.exe
                          C:\Windows\system32\ctfmon.exe
                          C:\Program Files\Windows Media Player\wmpnetwk.exe
                          C:\Windows\system32\wuauclt.exe
                          C:\Program Files\AVG\AVG2015\avgidsagent.exe
                          C:\Program Files\AVG\AVG2015\avgemcx.exe
                          C:\Program Files\AVG\AVG2015\avgnsx.exe
                          C:\Program Files\AVG\AVG2015\avgrsx.exe
                          C:\Program Files\AVG\AVG2015\avgcsrvx.exe
                          C:\Windows\explorer.exe
                          C:\Program Files\AVG\AVG2015\avgcfgex.exe
                          C:\Program Files\Internet Explorer\iexplore.exe
                          C:\Program Files\Internet Explorer\iexplore.exe
                          C:\Windows\system32\SearchProtocolHost.exe
                          C:\Windows\system32\SearchFilterHost.exe
                          C:\Program Files\Internet Explorer\iexplore.exe
                          C:\Windows\system32\conhost.exe
                          C:\Windows\system32\svchost.exe -k DcomLaunch
                          C:\Windows\system32\svchost.exe -k RPCSS
                          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                          C:\Windows\system32\svchost.exe -k netsvcs
                          C:\Windows\system32\svchost.exe -k LocalService
                          C:\Windows\system32\svchost.exe -k NetworkService
                          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                          C:\Windows\system32\svchost.exe -k imgsvc
                          C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                          C:\Windows\System32\svchost.exe -k secsvcs
                          .
                          ============== Pseudo HJT Report ===============
                          .
                          uStart Page = www.google.com
                          mStart Page = www.google.com
                          uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
                          mURLSearchHooks: {e4c3a8b6-7724-45d1-a629-17b69118ebcd} - <orphaned>
                          BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
                          BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
                          uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner.exe" /MONITOR
                          uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
                          mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
                          mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
                          mRun: [LockStatusTray] c:\windows\LockStatusTray.exe
                          mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
                          mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
                          mRun: [AVG_UI] "c:\program files\avg\avg2015\avgui.exe" /TRAYONLY
                          mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
                          mRun: [FAHConsole] c:\program files\file association helper\FAHConsole.exe
                          mRunOnce: [WSE_Taplika] c:\windows\system32\wscript.exe /e:vbscript /b "c:\users\kellie\appdata\roaming\wse_taplika\updateproc\bkup.dat"
                          uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
                          uPolicies-Explorer: NoDrives = dword:0
                          mPolicies-Explorer: NoDrives = dword:0
                          mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                          mPolicies-System: ConsentPromptBehaviorUser = dword:3
                          mPolicies-System: EnableUIADesktopToggle = dword:0
                          IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
                          IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
                          DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
                          DPF: {6EEFD7B1-B26C-440D-B55A-1EC677189F30} - hxxps://65.115.233.180/NELX.cab
                          DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                          DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
                          DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                          DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
                          DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
                          DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://vpn.arcelormittaltubular.com/dana-cached/sc/JuniperSetupClient.cab
                          DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
                          TCP: NameServer = 192.168.1.1
                          TCP: Interfaces\{3CF0A289-2D08-448C-AFD6-5D61DB084612} : DHCPNameServer = 192.168.1.1
                          SSODL: WebCheck - <orphaned>
                          .
                          ============= SERVICES / DRIVERS ===============
                          .
                          .
                          =============== Created Last 30 ================
                          .
                          2015-02-04 22:29:12 -------- d-sh--w- C:\$RECYCLE.BIN
                          2015-02-04 22:28:56 -------- d-----w- c:\users\kellie\appdata\local\temp
                          2015-02-04 22:06:19 98816 ----a-w- c:\windows\sed.exe
                          2015-02-04 22:06:19 256000 ----a-w- c:\windows\PEV.exe
                          2015-02-04 22:06:19 208896 ----a-w- c:\windows\MBR.exe
                          2015-02-04 01:41:22 9054624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{3770940c-abda-4489-85ec-abb8cd98e2b8}\mpengine.dll
                          2015-02-03 11:15:40 -------- d-----w- c:\users\kellie\appdata\local\Taplika
                          2015-02-03 11:15:03 -------- d-----w- c:\users\kellie\appdata\roaming\WSE_Taplika
                          2015-02-03 11:15:03 -------- d-----w- c:\users\kellie\appdata\local\WinZip
                          2015-02-03 11:14:44 -------- d-----w- c:\programdata\{C7032FC0-9781-FE46-2607-8EC4F6855D4A}
                          2015-02-03 11:14:26 -------- d-----w- c:\program files\WSE_Taplika
                          2015-02-03 11:14:05 -------- d-----w- c:\program files\File Association Helper
                          2015-02-03 01:48:19 -------- d-----w- c:\program files\E Dev
                          2015-02-02 03:58:04 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
                          2015-02-02 03:57:52 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
                          2015-02-02 03:57:52 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
                          2015-02-02 03:57:52 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
                          2015-02-02 03:57:52 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
                          2015-02-01 16:30:34 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
                          2015-02-01 16:30:00 -------- d-----w- c:\users\kellie\appdata\roaming\E Dev
                          2015-02-01 04:33:54 -------- d-----w- C:\AdwCleaner
                          2015-01-31 22:10:42 114904 ----a-w- c:\windows\system32\drivers\4B830468.sys
                          2015-01-31 22:10:09 -------- d-----w- c:\programdata\Malwarebytes
                          2015-01-31 19:14:28 -------- d-----w- c:\users\kellie\appdata\roaming\SUPERAntiSpyware.com
                          2015-01-31 19:13:55 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
                          2015-01-31 19:13:55 -------- d-----w- c:\program files\SUPERAntiSpyware
                          2015-01-31 18:51:35 -------- d-s---w- c:\windows\system32\CompatTel
                          2015-01-31 18:51:35 -------- d-----w- c:\windows\system32\appraiser
                          2015-01-31 18:44:13 -------- d-----w- c:\windows\system32\MRT
                          2015-01-31 18:43:49 9054624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
                          2015-01-31 18:43:18 9054624 ------w- c:\programdata\microsoft\windows defender\definition updates\updates\mpengine.dll
                          2015-01-31 18:09:55 873984 ----a-w- c:\windows\system32\aeinv.dll
                          2015-01-31 18:09:55 728576 ----a-w- c:\windows\system32\appraiser.dll
                          2015-01-31 18:09:55 610304 ----a-w- c:\windows\system32\invagent.dll
                          2015-01-31 18:09:55 337920 ----a-w- c:\windows\system32\generaltel.dll
                          2015-01-31 18:09:55 315392 ----a-w- c:\windows\system32\devinv.dll
                          2015-01-31 18:09:55 159744 ----a-w- c:\windows\system32\aepic.dll
                          2015-01-31 18:09:55 1160872 ----a-w- c:\windows\system32\aitstatic.exe
                          2015-01-31 18:09:54 202752 ----a-w- c:\windows\system32\aepdu.dll
                          2015-01-31 18:09:35 2377216 ----a-w- c:\windows\system32\win32k.sys
                          2015-01-31 17:07:16 -------- d-----w- c:\program files\CCleaner
                          2015-01-31 16:25:38 -------- d-----w- c:\users\kellie\appdata\roaming\AVG2015
                          2015-01-31 16:24:42 -------- d-----w- c:\users\kellie\appdata\roaming\TuneUp Software
                          2015-01-31 16:24:08 -------- d-----w- c:\programdata\AVG2015
                          2015-01-31 16:24:08 -------- d-----w- C:\$AVG
                          2015-01-31 16:23:03 -------- d-----w- c:\program files\AVG
                          2015-01-31 16:20:47 -------- d--h--w- c:\programdata\Common Files
                          2015-01-31 16:20:46 -------- d-----w- c:\users\kellie\appdata\local\MFAData
                          2015-01-31 16:20:46 -------- d-----w- c:\users\kellie\appdata\local\Avg2015
                          2015-01-31 16:20:46 -------- d-----w- c:\programdata\MFAData
                          .
                          ==================== Find3M ====================
                          .
                          2015-01-31 16:45:30 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
                          2015-01-31 16:45:30 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
                          2014-12-23 05:50:16 249488 ------w- c:\windows\system32\MpSigStub.exe
                          2014-12-09 02:25:06 208152 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
                          2014-11-19 02:41:58 154904 ----a-w- c:\windows\system32\drivers\avgidshx.sys
                          2014-11-18 19:56:48 1202848 ----a-w- c:\windows\system32\FM20.DLL
                          .
                          ============= FINISH: 17:39:33.96 ===============



                          • #14
                            Remove the following from your PC via Add/Remove Programs:

                            Java(TM) 6 Update 26

                            Restart the PC afterwards.


                            Download or update CCleaner

                            Start CCleaner.
                            • Run CCleaner and click Options in the left-hand column
                            • Select the Advanced tab
                            • Untick "Only delete files in Windows Temp folders older than 24 hours"
                            • Select the Settings tab
                            • Untick "Automatically clean the computer...."
                            • Click Cleaner in the left-hand column.
                            • Then click Analyze and Run Cleaner in turn.
                            • Next, click Registry in the left-hand column
                            • Click Scan for Issues.
                            • When asked whether you want to back up the registry, click "Yes".
                            • If errors are found, click the middle button: Fix All Selected Issues, then OK

                            .



                            Show your hidden files and folders.

                            Go to Virus Total and upload the following file:

                            c:\windows\system32\wscript.exe

                            Click Send and wait for the results to appear.
                            If the file has already been scanned, have it reanalysed. (Click Re Analyse.)

                            From the report, copy the following:

                            .
                            Please also post the link to that report.
                            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                            E Dev * Remove McAfee. * Ccleaner * E-Peek



                            • #15
                              Virustotal copy

                              SHA256:
                              047f3c5a7ab0ea05f35b2ca8037bf62dd4228786d07707064dbd0d46569305d0

                              File name: wscript.exe

                              Detection ratio: 0 / 56

                              Analysis date: 2015-02-05 00:56:07 UTC (1 minute ago)

                              43

                              165

                              Trusted source! This file belongs to Microsoft Corporation's software catalogue, you may consider it safe to use.

                              https://www.virustotal.com/nl/file/0...is/1423097767/
