Annoying ads constantly on screen and in links
  • Annoying ads constantly on screen and in links

    So I have caught a virus that keeps showing me advertisements. In addition, my search engine keeps getting changed. I am also bothered by ordinary text being displayed as an advertising link. My logs are below.

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scandatum: 27-3-2015
    Scantijd: 22:26:13
    Logbestand:
    Beheerder: Ja

    Versie: 2.01.4.1018
    Malware Gegevensbestand: v2015.03.27.10
    Rootkit Gegevensbestand: v2015.03.26.01
    Licentie: Gratis
    Malwarebescherming: Uitgeschakeld
    Kwaadaardige Website Bescherming: Uitgeschakeld
    Zelfbescherming: Uitgeschakeld

    Besturingssysteem: Windows 7 Service Pack 1
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: standaard

    Scantype: Aangepaste Scan
    Resultaat: Voltooid
    Objecten Gescand: 644779
    Verstreken Tijd: 1 u, 58 m, 10 s

    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Ingeschakeld
    Heuristiek: Ingeschakeld
    POP: Ingeschakeld
    POA: Ingeschakeld

    Processen: 1
    PUP.Optional.Unizeto, C:\ProgramData\{5444e75a-833c-5f2e-5444-4e75a8339d6a}\AnzhiRoot_U9508.exe, 1164, Verwijder-bij-Herstart, [226487c3a2e8360051456fcc7a88a45c]

    Modules: 1
    PUP.Optional.SProtector, C:\Program Files (x86)\TerminusMaker\TerminusMaker.dll, Verwijder-bij-Herstart, [b2d4de6c4f3bdc5a705f70c1649ea55b],

    Registersleutels: 68
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{1c12ff6c-3066-47f5-9420-e22deec763a4}, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1C12FF6C-3066-47F5-9420-E22DEEC763A4}, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1C12FF6C-3066-47F5-9420-E22DEEC763A4}, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P1c12ff6c_3066_47f5_9420_e22deec763a4_.P1c12ff6c_3066_47f5_9420_e22deec763a4_, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P1c12ff6c_3066_47f5_9420_e22deec763a4_.P1c12ff6c_3066_47f5_9420_e22deec763a4_.9, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P1c12ff6c_3066_47f5_9420_e22deec763a4_.P1c12ff6c_3066_47f5_9420_e22deec763a4_, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P1c12ff6c_3066_47f5_9420_e22deec763a4_.P1c12ff6c_3066_47f5_9420_e22deec763a4_.9, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P1c12ff6c_3066_47f5_9420_e22deec763a4_.P1c12ff6c_3066_47f5_9420_e22deec763a4_, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P1c12ff6c_3066_47f5_9420_e22deec763a4_.P1c12ff6c_3066_47f5_9420_e22deec763a4_.9, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{1C12FF6C-3066-47F5-9420-E22DEEC763A4}, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{1c12ff6c-3066-47f5-9420-e22deec763a4}, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{1C12FF6C-3066-47F5-9420-E22DEEC763A4}, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{1C12FF6C-3066-47F5-9420-E22DEEC763A4}, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{1C12FF6C-3066-47F5-9420-E22DEEC763A4}\INPROCSERVER32, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{e89bddc4-9af5-45d9-a39a-d1252c33e033}, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E89BDDC4-9AF5-45D9-A39A-D1252C33E033}, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E89BDDC4-9AF5-45D9-A39A-D1252C33E033}, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\Pe89bddc4_9af5_45d9_a39a_d1252c33e033_.Pe89bddc4_9af5_45d9_a39a_d1252c33e033_, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\Pe89bddc4_9af5_45d9_a39a_d1252c33e033_.Pe89bddc4_9af5_45d9_a39a_d1252c33e033_.9, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Pe89bddc4_9af5_45d9_a39a_d1252c33e033_.Pe89bddc4_9af5_45d9_a39a_d1252c33e033_, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Pe89bddc4_9af5_45d9_a39a_d1252c33e033_.Pe89bddc4_9af5_45d9_a39a_d1252c33e033_.9, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Pe89bddc4_9af5_45d9_a39a_d1252c33e033_.Pe89bddc4_9af5_45d9_a39a_d1252c33e033_, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Pe89bddc4_9af5_45d9_a39a_d1252c33e033_.Pe89bddc4_9af5_45d9_a39a_d1252c33e033_.9, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E89BDDC4-9AF5-45D9-A39A-D1252C33E033}, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{e89bddc4-9af5-45d9-a39a-d1252c33e033}, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{E89BDDC4-9AF5-45D9-A39A-D1252C33E033}, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{E89BDDC4-9AF5-45D9-A39A-D1252C33E033}, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{E89BDDC4-9AF5-45D9-A39A-D1252C33E033}\INPROCSERVER32, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, HKU\S-1-5-21-2755389905-846533760-1136847600-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, In Quarantaine, [95f156f4ed9dbb7bc92d63c68d76d828],
    PUP.Optional.Multiplug, HKU\S-1-5-21-2755389905-846533760-1136847600-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, In Quarantaine, [95f156f4ed9dbb7bc92d63c68d76d828],
    PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}, In Quarantaine, [1f67f753e1a983b330877bb4e022cb35],
    PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, In Quarantaine, [5c2a7fcba0ea0a2c61560c23af53916f],
    PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{B696F285-F54E-2524-58B1-E06A70ABE6BE}, In Quarantaine, [671fa7a34f3bcc6a8334fd32e121966a],
    PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantaine, [384e6bdf3e4c58de49f7af7b5da81fe1],
    PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantaine, [1f67202aa2e8f73f3e8ed930b3511fe1],
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, In Quarantaine, [f6905befeaa0e254358901cb3ec54bb5],
    PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, In Quarantaine, [8402e862cebc01351fb69c240ef543bd],
    PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantaine, [11757dcdb4d66bcb4cf479b14eb78b75],
    PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, In Quarantaine, [fd89321831592b0be4b65667030034cc],
    PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, In Quarantaine, [74120c3eb0da53e35c3d4b72d033de22],
    PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, In Quarantaine, [aadc87c39af0e84ed65f4885c241946c],
    PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, In Quarantaine, [3d490b3f6e1cfa3c7027ecd1a360e719],
    PUP.Optional.HomeTab.A, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\HomeTab, In Quarantaine, [5f27fc4e41493bfb21e16984d3307f81],
    PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\SearchProtectWS, In Quarantaine, [6a1c96b46d1dd75f4756cbf2cd369a66],
    PUP.Optional.TNT.A, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\TNT2, In Quarantaine, [c9bdf456f19937ff5924dde2b54e827e],
    PUP.Optional.Wajam.A, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\WajIntEnhance, In Quarantaine, [9aece8625931e6508650833df90a1ae6],
    PUP.Optional.Qone8, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantaine, [ed99f05abcce0d29a897b67422e3b54b],
    PUP.Optional.Iminent.A, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, In Quarantaine, [285ee8620c7e85b14d45ac0d4eb5c13f],
    PUP.Optional.Iminent.A, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, In Quarantaine, [52341c2e6624072f177cae0bc142639d],
    PUP.Optional.Linkey.A, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, In Quarantaine, [572f82c82b5f280ee0b48c2dac5716ea],
    PUP.Optional.Vosteran.A, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, In Quarantaine, [e89eb5957d0df93d3362269334cfe51b],
    PUP.Optional.Wajam.A, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, In Quarantaine, [ff87b09a325850e61d7915a427dceb15],
    PUP.Optional.Wajam.A, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\SIMPLYTECH\HomeTabWajIEnhance, In Quarantaine, [f49260eaa2e8072f5b3d1ba2ca39936d],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TYPELIB\{81FE6D2E-CF13-4E70-88CF-68C16FB0AF4B}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{26F377AF-2D3C-4A7C-BE49-596CCF4DD255}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{4F0DF045-A24E-4F54-ABA2-B8077BB1EFCC}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{9E80F94E-104F-4BC1-88A7-D275CC2B2F95}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{EC0EA5F0-AE36-4685-A83E-C999F45FF755}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{26F377AF-2D3C-4A7C-BE49-596CCF4DD255}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4F0DF045-A24E-4F54-ABA2-B8077BB1EFCC}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9E80F94E-104F-4BC1-88A7-D275CC2B2F95}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EC0EA5F0-AE36-4685-A83E-C999F45FF755}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{26F377AF-2D3C-4A7C-BE49-596CCF4DD255}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4F0DF045-A24E-4F54-ABA2-B8077BB1EFCC}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9E80F94E-104F-4BC1-88A7-D275CC2B2F95}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EC0EA5F0-AE36-4685-A83E-C999F45FF755}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{81FE6D2E-CF13-4E70-88CF-68C16FB0AF4B}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{81FE6D2E-CF13-4E70-88CF-68C16FB0AF4B}, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],

    Registerwaardes: 4
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}, In Quarantaine, [dfa72d1dc8c2d16566591b32bb4a8080]
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}, In Quarantaine, [6b1ba5a5800a45f1962963eab154738d]
    PUP.Optional.SearchEngine.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|[email protected], C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected], In Quarantaine, [5d290941117900365ab54ffcbb4a7090]
    PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}, In Quarantaine, [94f2b3972a601521bd01004d887d0df3]

    Registerdata: 14
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}),Vervangen,[89fd54f6b7d3c0760f0cc12c0203af51]
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=h...52515_B0738828, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/?type=h...828),Vervangen,[94f2f9511c6e9a9cd84315d88283f40c]
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.mystartsearch.com/?type=h...52515_B0738828, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/?type=h...828),Vervangen,[5b2b56f4fd8d94a20d0ea14c60a5f30d]
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}),Vervangen,[88fe6fdbdcae4cea28f3f8f5a75e649c]
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}),Vervangen,[26600743c6c444f236e7f1fc21e4bc44]
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}),Vervangen,[d8aed37798f2a2946ab344a982835aa6]
    PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Goed: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Slecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Vervangen,[780eaf9ba7e39a9cf32319e08382e31d]
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}),Vervangen,[6422fa508dfdee48aa7110ddf01548b8]
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=h...52515_B0738828, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/?type=h...828),Vervangen,[acdaeb5fcfbbaf87f42743aa7f8611ef]
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.mystartsearch.com/?type=h...52515_B0738828, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/?type=h...828),Vervangen,[563054f67b0fe74f1cff14d930d5738d]
    PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}),Vervangen,[3254c98155352511918a0ce1f312b749]
    PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Goed: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Slecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Vervangen,[b9cd3b0f58320333819538c1e22302fe]
    PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.mystartsearch.com/?type=h...52515_B0738828, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/?type=h...828),Vervangen,[8105e6643f4b6dc971ab34b9e81d53ad]
    PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-2755389905-846533760-1136847600-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.mystartsearch.com/?type=h...52515_B0738828, Goed: (www.google.com), Slecht: (http://www.mystartsearch.com/?type=h...828),Vervangen,[51352f1bdab0102665b7faf336cfdc24]

    Mappen: 16
    PUP.Optional.MultiPlug.A, C:\ProgramData\ekedpdfknoimmillmgnhjkmigjgfomkf, In Quarantaine, [20662426236745f16b402726f1141ee2],
    PUP.Optional.MultiPlug.A, C:\ProgramData\epegnfnockeplomidfnpielippgfpnlc, In Quarantaine, [3650ee5c325884b207a4301d43c2a858],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\content, In Quarantaine, [ec9a65e5b2d86accd4dc232ac045936d],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected], In Quarantaine, [ec9a65e5b2d86accd4dc232ac045936d],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\content, In Quarantaine, [0e788dbd63279f97c7e9004d07fe4cb4],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected], In Quarantaine, [0e788dbd63279f97c7e9004d07fe4cb4],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Extensions\habdflddkbkcmiglihdemgpijopehham\193, In Quarantaine, [6323aaa065256dc915a0a9a48580aa56],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Extensions\habdflddkbkcmiglihdemgpijopehham, In Quarantaine, [6323aaa065256dc915a0a9a48580aa56],
    PUP.Optional.Multiplug, C:\Program Files (x86)\youtubeadblocker, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.SalePlus.A, C:\Program Files (x86)\SalePlus, In Quarantaine, [86002e1cc2c839fdcad5e6bbe81bf709],
    PUP.Optional.EzDownloader.A, C:\Users\standaard\AppData\Roaming\EZDownloader, In Quarantaine, [aed81337f09ae155a83cc1ea0201e41c],
    PUP.Optional.EzDownloader.A, C:\Users\standaard\AppData\Roaming\EZDownloader\Errors, In Quarantaine, [aed81337f09ae155a83cc1ea0201e41c],
    PUP.Optional.SearchEngine.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected], In Quarantaine, [b2d4db6fdeac84b213825a568b78728e],
    PUP.Optional.SearchEngine.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\chrome, In Quarantaine, [b2d4db6fdeac84b213825a568b78728e],
    PUP.Optional.SearchEngine.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\chrome\content, In Quarantaine, [b2d4db6fdeac84b213825a568b78728e],
    PUP.Optional.SearchEngine.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\chrome\skin, In Quarantaine, [b2d4db6fdeac84b213825a568b78728e],

    Bestanden: 51
    PUP.Optional.SProtector, C:\Program Files (x86)\TerminusMaker\TerminusMaker.dll, Verwijder-bij-Herstart, [b2d4de6c4f3bdc5a705f70c1649ea55b],
    PUP.Optional.Unizeto, C:\ProgramData\{5444e75a-833c-5f2e-5444-4e75a8339d6a}\AnzhiRoot_U9508.exe, Verwijder-bij-Herstart, [226487c3a2e8360051456fcc7a88a45c],
    PUP.Optional.Multiplug, C:\Program Files (x86)\SalePlus\pVWx99tDbqlT48.x64.dll, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, C:\Program Files (x86)\SalePlus\pVWx99tDbqlT48.dll, In Quarantaine, [e4a2be8c0e7c14226d90ce6d16ec7e82],
    PUP.Optional.Multiplug, C:\Program Files (x86)\youtubeadblocker\CuYsMng83Smtv4.x64.dll, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, C:\Program Files (x86)\youtubeadblocker\CuYsMng83Smtv4.dll, In Quarantaine, [602648023357b680de1f8ead9d65be42],
    PUP.Optional.Multiplug, C:\Users\standaard\AppData\Local\Temp\4E48\temp\AnzhiRoot_U9508.exe, In Quarantaine, [95f156f4ed9dbb7bc92d63c68d76d828],
    PUP.Optional.Multiplug.A, C:\Program Files (x86)\Currency Converter\Currency Converter.exe, In Quarantaine, [1f67f753e1a983b330877bb4e022cb35],
    PUP.Optional.Multiplug.A, C:\Program Files (x86)\youtubeadblocker\CuYsMng83Smtv4.exe, In Quarantaine, [5c2a7fcba0ea0a2c61560c23af53916f],
    PUP.Optional.Multiplug.A, C:\Program Files (x86)\SaalePilUs\SaalePilUs.exe, In Quarantaine, [ff87e56589019d99d8df260961a1649c],
    PUP.Optional.Multiplug.A, C:\Program Files (x86)\SalePlus\pVWx99tDbqlT48.exe, In Quarantaine, [671fa7a34f3bcc6a8334fd32e121966a],
    PUP.Optional.SkyTech.A, C:\Users\standaard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5SDUI6XI\1[1].zip, In Quarantaine, [d2b4004acac055e10389ec1601012fd1],
    PUP.Optional.Unizeto, C:\Users\standaard\AppData\Local\Temp\2040\temp\AnzhiRoot_U9508.exe, In Quarantaine, [dfa7bc8ebfcb74c21581f04b788a36ca],
    PUP.Optional.EZDownloader.A, C:\Users\standaard\AppData\Local\Temp\2040\temp\EzDownloader_setup.exe, In Quarantaine, [8204b09a9cee3bfbe5382af6dc24d32d],
    PUP.Optional.MyStartSearch.A, C:\Users\standaard\AppData\Local\Temp\2040\temp\wpc_mystartsearch.exe, In Quarantaine, [295d42088efc4ee8624a8da4976ff50b],
    PUP.Optional.MyStartSearch.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\searchplugins\mystartsearch.xml, In Quarantaine, [aadca6a4484293a33c81e0ec758e49b7],
    PUP.Optional.MultiPlug.A, C:\ProgramData\ekedpdfknoimmillmgnhjkmigjgfomkf\lsdb.js, In Quarantaine, [20662426236745f16b402726f1141ee2],
    PUP.Optional.MultiPlug.A, C:\ProgramData\ekedpdfknoimmillmgnhjkmigjgfomkf\background.html, In Quarantaine, [20662426236745f16b402726f1141ee2],
    PUP.Optional.MultiPlug.A, C:\ProgramData\ekedpdfknoimmillmgnhjkmigjgfomkf\content.js, In Quarantaine, [20662426236745f16b402726f1141ee2],
    PUP.Optional.MultiPlug.A, C:\ProgramData\ekedpdfknoimmillmgnhjkmigjgfomkf\manifest.json, In Quarantaine, [20662426236745f16b402726f1141ee2],
    PUP.Optional.MultiPlug.A, C:\ProgramData\ekedpdfknoimmillmgnhjkmigjgfomkf\p7.js, In Quarantaine, [20662426236745f16b402726f1141ee2],
    PUP.Optional.MultiPlug.A, C:\ProgramData\epegnfnockeplomidfnpielippgfpnlc\lsdb.js, In Quarantaine, [3650ee5c325884b207a4301d43c2a858],
    PUP.Optional.MultiPlug.A, C:\ProgramData\epegnfnockeplomidfnpielippgfpnlc\background.html, In Quarantaine, [3650ee5c325884b207a4301d43c2a858],
    PUP.Optional.MultiPlug.A, C:\ProgramData\epegnfnockeplomidfnpielippgfpnlc\content.js, In Quarantaine, [3650ee5c325884b207a4301d43c2a858],
    PUP.Optional.MultiPlug.A, C:\ProgramData\epegnfnockeplomidfnpielippgfpnlc\manifest.json, In Quarantaine, [3650ee5c325884b207a4301d43c2a858],
    PUP.Optional.MultiPlug.A, C:\ProgramData\epegnfnockeplomidfnpielippgfpnlc\RGPQWs.js, In Quarantaine, [3650ee5c325884b207a4301d43c2a858],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\content\bg.js, In Quarantaine, [ec9a65e5b2d86accd4dc232ac045936d],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\bootstrap.js, In Quarantaine, [ec9a65e5b2d86accd4dc232ac045936d],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\chrome.manifest, In Quarantaine, [ec9a65e5b2d86accd4dc232ac045936d],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\install.rdf, In Quarantaine, [ec9a65e5b2d86accd4dc232ac045936d],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\content\bg.js, In Quarantaine, [0e788dbd63279f97c7e9004d07fe4cb4],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\bootstrap.js, In Quarantaine, [0e788dbd63279f97c7e9004d07fe4cb4],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\chrome.manifest, In Quarantaine, [0e788dbd63279f97c7e9004d07fe4cb4],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\install.rdf, In Quarantaine, [0e788dbd63279f97c7e9004d07fe4cb4],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Extensions\habdflddkbkcmiglihdemgpijopehham\193\lsdb.js, In Quarantaine, [6323aaa065256dc915a0a9a48580aa56],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Extensions\habdflddkbkcmiglihdemgpijopehham\193\background.html, In Quarantaine, [6323aaa065256dc915a0a9a48580aa56],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Extensions\habdflddkbkcmiglihdemgpijopehham\193\content.js, In Quarantaine, [6323aaa065256dc915a0a9a48580aa56],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Extensions\habdflddkbkcmiglihdemgpijopehham\193\I39nR.js, In Quarantaine, [6323aaa065256dc915a0a9a48580aa56],
    PUP.Optional.MultiPlug.A, C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Extensions\habdflddkbkcmiglihdemgpijopehham\193\manifest.json, In Quarantaine, [6323aaa065256dc915a0a9a48580aa56],
    PUP.Optional.Multiplug, C:\Program Files (x86)\youtubeadblocker\CuYsMng83Smtv4.dat, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.Multiplug, C:\Program Files (x86)\youtubeadblocker\CuYsMng83Smtv4.tlb, In Quarantaine, [cbbb71d9c4c6e155a41c384259aaf20e],
    PUP.Optional.SalePlus.A, C:\Program Files (x86)\SalePlus\pVWx99tDbqlT48.dat, In Quarantaine, [86002e1cc2c839fdcad5e6bbe81bf709],
    PUP.Optional.SalePlus.A, C:\Program Files (x86)\SalePlus\pVWx99tDbqlT48.tlb, In Quarantaine, [86002e1cc2c839fdcad5e6bbe81bf709],
    PUP.Optional.SearchEngine.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\chrome.manifest, In Quarantaine, [b2d4db6fdeac84b213825a568b78728e],
    PUP.Optional.SearchEngine.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\install.rdf, In Quarantaine, [b2d4db6fdeac84b213825a568b78728e],
    PUP.Optional.SearchEngine.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\chrome\content\toolbar.js, In Quarantaine, [b2d4db6fdeac84b213825a568b78728e],
    PUP.Optional.SearchEngine.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\chrome\content\toolbar.xul, In Quarantaine, [b2d4db6fdeac84b213825a568b78728e],
    PUP.Optional.SearchEngine.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\[email protected]\chrome\skin\icon.png, In Quarantaine, [b2d4db6fdeac84b213825a568b78728e],
    PUP.Optional.MyStartSearch.A, C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Preferences, Goed: (), Slecht: ( "homepage": "http://www.mystartsearch.com/?type=hp&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828",), Vervangen,[f2941b2f840657dfb84072c1c14524dc]
    PUP.Optional.MyStartSearch.A, C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Preferences, Goed: (), Slecht: ( "startup_urls": [ "http://www.mystartsearch.com/?type=hp&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828" ],), Vervangen,[dfa778d2246626108c6ecc670df90af6]
    PUP.Optional.MyStartSearch.A, C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\search.json, Goed: (), Slecht: (mystartsearch), Vervangen,[b4d2bb8f6c1ea78f7922d26144c2c739]

    Fysieke Sectoren: 0
    (Geen kwaadaardige items gedetecteerd)


    (end)
    Last edited by Muzzy; 28-03-15, 05:51.

  • #2
    # AdwCleaner v4.113 - Logbestand aangemaakt 28/03/2015 op 06:00:03
    # Laatste update 22/03/2015 door Xplode
    # Database : 2015-03-27.1 [Server]
    # Besturingssysteem : Windows 7 Ultimate Service Pack 1 (x64)
    # Gebruikersnaam : standaard - STANDAARD-PC
    # Gestart vanuit : C:\Users\standaard\Desktop\adwcleaner_4.113.exe
    # Optie : Verwijderen

    ***** [ Services ] *****


    ***** [ Bestanden / Mappen ] *****

    Map Verwijderd : C:\Program Files (x86)\DriverToolkit
    Map Verwijderd : C:\Program Files (x86)\Best Flash Save
    Map Verwijderd : C:\Program Files (x86)\SaalePilUs
    Map Verwijderd : C:\Program Files (x86)\uniSaleso
    Map Verwijderd : C:\Program Files (x86)\unisialoesu
    Map Verwijderd : C:\Users\standaard\AppData\Local\DriverToolkit

    ***** [ Geplande taken ] *****


    ***** [ Snelkoppelingen ] *****


    ***** [ Register ] *****

    Sleutel Verwijderd : HKCU\Software\Mozilla\Extends
    Sleutel Verwijderd : HKLM\SOFTWARE\89a069e1-d39e-d21d-6381-c6e24a6c51f1
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{39bfb656}
    Sleutel Verwijderd : HKCU\Software\APN PIP
    Sleutel Verwijderd : HKCU\Software\simplytech
    Sleutel Verwijderd : HKCU\Software\DriverToolkit
    Sleutel Verwijderd : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    Sleutel Verwijderd : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Sleutel Verwijderd : HKLM\SOFTWARE\AskPartnerNetwork
    Sleutel Verwijderd : HKLM\SOFTWARE\Conduit
    Sleutel Verwijderd : HKLM\SOFTWARE\SearchProtect
    Sleutel Verwijderd : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    Sleutel Verwijderd : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

    ***** [ Webbrowsers ] *****

    -\\ Internet Explorer v11.0.9600.17689


    -\\ Mozilla Firefox v36.0.4 (x86 nl)

    [u7ac9uhz.default-1417213510283\prefs.js] - Regel Verwijderd : user_pref("browser.search.hiddenOneOffs", "mystartsearch");
    [u7ac9uhz.default-1417213510283\prefs.js] - Regel Verwijderd : user_pref("browser.search.searchengine.alias", "mystartsearch");
    [u7ac9uhz.default-1417213510283\prefs.js] - Regel Verwijderd : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico");
    [u7ac9uhz.default-1417213510283\prefs.js] - Regel Verwijderd : user_pref("browser.search.searchengine.name", "mystartsearch");
    [u7ac9uhz.default-1417213510283\prefs.js] - Regel Verwijderd : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}");
    [u7ac9uhz.default-1417213510283\prefs.js] - Regel Verwijderd : user_pref("browser.search.selectedEngine", "mystartsearch");
    [u7ac9uhz.default-1417213510283\prefs.js] - Regel Verwijderd : user_pref("extensions.idbysLdrf6JFmk3u.scode", "(function(){try{if(window.self.location.href.indexOf(\"rjk8rjs5rjUHqTw9rdUFrjYHqTY\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\
    [u7ac9uhz.default-1417213510283\prefs.js] - Regel Verwijderd : user_pref("extensions.wzYOtqavqAHYcSz7.scode", "(function(){try{if(window.self.location.href.indexOf(\"rjk8rjs5rjUHqTw9rdUFrjYHqTY\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\

    -\\ Google Chrome v38.0.2125.111

    [C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}
    [C:\Users\standaard\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1427296027&from=wpc&uid=395049983_1052515_B0738828&q={searchTerms}

    *************************

    AdwCleaner[R0].txt - [1859 bytes] - [03/11/2014 16:44:13]
    AdwCleaner[R1].txt - [2517 bytes] - [28/11/2014 21:49:38]
    AdwCleaner[R2].txt - [1738 bytes] - [09/01/2015 20:11:33]
    AdwCleaner[R3].txt - [4453 bytes] - [28/03/2015 05:54:49]
    AdwCleaner[S0].txt - [1894 bytes] - [03/11/2014 16:49:52]
    AdwCleaner[S1].txt - [2459 bytes] - [28/11/2014 21:51:27]
    AdwCleaner[S2].txt - [1816 bytes] - [09/01/2015 20:14:16]
    AdwCleaner[S3].txt - [4361 bytes] - [28/03/2015 06:00:03]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [4420 bytes] ##########
    Last edited by Muzzy; 28-03-15, 06:05.



    • #3
      DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 11.0.9600.17689 BrowserJavaVersion: 11.31.2
      Run by standaard at 6:03:45 on 2015-03-28
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2047.866 [GMT 1:00]
      .
      AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
      SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Program Files\Microsoft Security Client\MsMpEng.exe
      C:\Windows\system32\atiesrxx.exe
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\system32\atieclxx.exe
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Windows\system32\taskhost.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\Explorer.EXE
      C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      C:\Program Files\Microsoft Security Client\msseces.exe
      C:\Program Files\CCleaner\CCleaner64.exe
      C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe
      C:\Windows\system32\NOTEPAD.EXE
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
      C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
      C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
      C:\Windows\system32\svchost.exe -k imgsvc
      C:\Program Files (x86)\Popcorn Time\Updater.exe
      C:\Windows\system32\SearchIndexer.exe
      C:\Program Files\Microsoft Security Client\NisSrv.exe
      C:\Windows\system32\SearchProtocolHost.exe
      C:\Windows\system32\SearchFilterHost.exe
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Windows\System32\WUDFHost.exe
      C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      C:\Windows\system32\sppsvc.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\System32\cscript.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = www.google.com
      uDefault_Page_URL = www.google.com
      mStart Page = www.google.com
      mSearch Page = www.google.com
      mDefault_Page_URL = www.google.com
      mDefault_Search_URL = www.google.com
      BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll
      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
      BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\urlredir.dll
      BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
      uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      uRunOnce: [Adobe Speed Launcher] 1427518873
      mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      mRun: [ASUS Sync Loader] "C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe" -startup
      mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.130.270\AsusWSPanel.exe /S
      StartupFolder: C:\Users\STANDA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ANZHIR~1.LNK - C:\ProgramData\{5444e75a-833c-5f2e-5444-4e75a8339d6a}\AnzhiRoot_U9508.exe
      uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
      uPolicies-Explorer: NoDrives = dword:0
      mPolicies-Explorer: NoDrives = dword:0
      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
      mPolicies-System: ConsentPromptBehaviorUser = dword:3
      mPolicies-System: EnableLUA = dword:0
      mPolicies-System: EnableUIADesktopToggle = dword:0
      IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
      IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
      IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\onbttnie.dll
      IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ochelper.dll
      IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
      DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
      TCP: NameServer = 192.168.1.1 192.168.1.1
      TCP: Interfaces\{ED1144B2-33C2-41A8-9708-DA068DD7AF26} : DHCPNameServer = 192.168.1.1 192.168.1.1
      Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\msosb.dll
      SSODL: WebCheck - <orphaned>
      mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
      x64-mStart Page = www.google.com
      x64-mSearch Page = www.google.com
      x64-mDefault_Page_URL = www.google.com
      x64-mDefault_Search_URL = www.google.com
      x64-mSearchAssistant = www.google.com
      x64-mCustomizeSearch = www.google.com
      x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
      x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
      x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
      x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
      x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
      x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
      x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
      x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
      x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
      x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
      x64-SSODL: WebCheck - <orphaned>
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\
      FF - prefs.js: browser.startup.homepage - http://www.nu.nl|psv.netwerk.to|hotm...w.facebook.com
      FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
      FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
      FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npdeployJava1.dll
      FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
      FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
      FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL
      FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
      FF - plugin: C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins\npietab2.dll
      FF - plugin: C:\Users\standaard\AppData\Roaming\Mozilla\Firefox\Profiles\u7ac9uhz.default-1417213510283\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins\npietab2_x64.dll
      FF - plugin: C:\Users\standaard\AppData\Roaming\TorrentStream\player\npts_plugin.dll
      FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll
      FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-11-15 274696]
      R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203264]
      R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-11-1 2714800]
      R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 124560]
      R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2011-12-21 529768]
      R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-1-4 743688]
      R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-8-7 609056]
      R2 Update service;Update service;C:\Program Files (x86)\Popcorn Time\Updater.exe [2014-11-1 179200]
      R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-3-27 25816]
      R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-1-30 366512]
      S2 39bfb656;TerminusMaker;C:\Windows\System32\rundll32.exe [2009-7-14 45568]
      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
      S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-3-27 1080120]
      S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
      S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2015-1-4 110336]
      S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
      S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-3-11 114688]
      S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-3-27 136408]
      S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-3-27 63704]
      S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-9-25 178760]
      S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-3-11 20992]
      S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2015-1-4 206080]
      S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-11-18 88960]
      S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
      S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
      S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
      S3 tsusbhub;Remote Deskotop USB Hub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
      S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-18 1255736]
      .
      =============== Created Last 30 ================
      .
      2015-03-27 21:25:35 136408 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
      2015-03-27 21:25:05 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
      2015-03-27 21:25:05 107736 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
      2015-03-27 21:25:04 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
      2015-03-27 21:25:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
      2015-03-27 08:46:35 12002392 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{181E1FA4-E26D-46FA-8D59-9796115AEA4E}\mpengine.dll
      2015-03-26 08:11:17 1187344 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC24A93A-CB73-4DF8-B8F9-5138881710B2}\gapaengine.dll
      2015-03-26 08:10:30 12002392 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
      2015-03-25 15:27:15 -------- d-----w- C:\Users\standaard\AppData\Roaming\ERoot
      2015-03-25 15:06:28 -------- d-----w- C:\Program Files (x86)\TerminusMaker
      2015-03-25 15:05:46 -------- d-----w- C:\Program Files (x86)\Currency Converter
      2015-03-25 15:05:03 -------- d-----w- C:\ProgramData\6415608617184494044
      2015-03-25 15:04:04 -------- d-----w- C:\ProgramData\{5444e75a-833c-5f2e-5444-4e75a8339d6a}
      2015-03-25 13:48:32 -------- d-----w- C:\Users\standaard\AppData\Roaming\Tencent
      2015-03-25 13:48:03 -------- d-----w- C:\Users\standaard\AppData\Roaming\Shuame
      2015-03-25 07:22:48 943616 ----a-w- C:\Windows\System32\appraiser.dll
      2015-03-25 07:22:48 760832 ----a-w- C:\Windows\System32\invagent.dll
      2015-03-25 07:22:48 677888 ----a-w- C:\Windows\System32\generaltel.dll
      2015-03-25 07:22:48 30720 ----a-w- C:\Windows\System32\acmigration.dll
      2015-03-25 07:22:48 1107456 ----a-w- C:\Windows\System32\aeinv.dll
      2015-03-25 07:22:47 414720 ----a-w- C:\Windows\System32\devinv.dll
      2015-03-25 07:22:47 227328 ----a-w- C:\Windows\System32\aepdu.dll
      2015-03-25 07:22:47 192000 ----a-w- C:\Windows\System32\aepic.dll
      2015-03-11 08:39:36 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
      2015-03-11 08:38:47 215552 ----a-w- C:\Windows\System32\ubpm.dll
      .
      ==================== Find3M ====================
      .
      2015-03-16 07:21:53 778928 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
      2015-03-16 07:21:53 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2015-03-06 05:38:53 95672 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
      2015-03-06 05:38:53 155576 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
      2015-03-06 05:33:03 210944 ----a-w- C:\Windows\System32\wdigest.dll
      2015-03-06 05:33:02 86528 ----a-w- C:\Windows\System32\TSpkg.dll
      2015-03-06 05:33:01 29184 ----a-w- C:\Windows\System32\sspisrv.dll
      2015-03-06 05:33:01 136192 ----a-w- C:\Windows\System32\sspicli.dll
      2015-03-06 05:32:59 342016 ----a-w- C:\Windows\System32\schannel.dll
      2015-03-06 05:32:59 28160 ----a-w- C:\Windows\System32\secur32.dll
      2015-03-06 05:32:56 309760 ----a-w- C:\Windows\System32\ncrypt.dll
      2015-03-06 05:32:55 315904 ----a-w- C:\Windows\System32\msv1_0.dll
      2015-03-06 05:32:52 729600 ----a-w- C:\Windows\System32\kerberos.dll
      2015-03-06 05:32:52 1464832 ----a-w- C:\Windows\System32\lsasrv.dll
      2015-03-06 05:32:47 22016 ----a-w- C:\Windows\System32\credssp.dll
      2015-03-06 05:32:46 463872 ----a-w- C:\Windows\System32\certcli.dll
      2015-03-06 05:32:14 31232 ----a-w- C:\Windows\System32\lsass.exe
      2015-03-06 05:32:00 64000 ----a-w- C:\Windows\System32\auditpol.exe
      2015-03-06 05:29:59 60416 ----a-w- C:\Windows\System32\msobjs.dll
      2015-03-06 05:29:44 146432 ----a-w- C:\Windows\System32\msaudite.dll
      2015-03-06 05:27:29 690688 ----a-w- C:\Windows\System32\adtschema.dll
      2015-03-06 05:12:05 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
      2015-03-06 05:12:02 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
      2015-03-06 05:11:59 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
      2015-03-06 05:11:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
      2015-03-06 05:11:55 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
      2015-03-06 05:11:54 260096 ----a-w- C:\Windows\SysWow64\msv1_0.dll
      2015-03-06 05:11:49 551424 ----a-w- C:\Windows\SysWow64\kerberos.dll
      2015-03-06 05:11:43 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
      2015-03-06 05:11:42 342528 ----a-w- C:\Windows\SysWow64\certcli.dll
      2015-03-06 05:11:02 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
      2015-03-06 05:10:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
      2015-03-06 05:09:04 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
      2015-03-06 05:08:54 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
      2015-03-06 05:07:26 690688 ----a-w- C:\Windows\SysWow64\adtschema.dll
      2015-03-03 13:17:35 295552 ------w- C:\Windows\System32\MpSigStub.exe
      2015-02-26 03:25:44 3204096 ----a-w- C:\Windows\System32\win32k.sys
      2015-02-20 05:25:24 41984 ----a-w- C:\Windows\System32\lpk.dll
      2015-02-20 05:25:22 100864 ----a-w- C:\Windows\System32\fontsub.dll
      2015-02-20 05:25:20 14336 ----a-w- C:\Windows\System32\dciman32.dll
      2015-02-20 05:25:18 46080 ----a-w- C:\Windows\System32\atmlib.dll
      2015-02-20 05:17:28 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
      2015-02-20 05:17:25 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
      2015-02-20 05:14:48 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
      2015-02-20 03:50:09 299008 ----a-w- C:\Windows\SysWow64\atmfd.dll
      2015-02-20 03:46:06 372224 ----a-w- C:\Windows\System32\atmfd.dll
      2015-02-20 03:06:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
      2015-02-20 03:05:49 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
      2015-02-20 02:50:14 66560 ----a-w- C:\Windows\System32\iesetup.dll
      2015-02-20 02:49:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
      2015-02-20 02:49:19 584192 ----a-w- C:\Windows\System32\vbscript.dll
      2015-02-20 02:47:56 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
      2015-02-20 02:35:17 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
      2015-02-20 02:35:05 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
      2015-02-20 02:34:24 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
      2015-02-20 02:32:34 6035456 ----a-w- C:\Windows\System32\jscript9.dll
      2015-02-20 02:26:12 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
      2015-02-20 02:22:35 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
      2015-02-20 02:13:57 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
      2015-02-20 02:09:08 503296 ----a-w- C:\Windows\SysWow64\vbscript.dll
      2015-02-20 02:08:59 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
      2015-02-20 02:08:13 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
      2015-02-20 02:06:44 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
      2015-02-20 01:56:54 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
      2015-02-20 01:56:07 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
      2015-02-20 01:47:06 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
      2015-02-20 01:46:45 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
      2015-02-20 01:41:52 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
      2015-02-20 01:30:39 4300288 ----a-w- C:\Windows\SysWow64\jscript9.dll
      2015-02-20 01:28:25 2358784 ----a-w- C:\Windows\System32\wininet.dll
      2015-02-20 01:24:21 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
      2015-02-20 01:23:19 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
      2015-02-20 01:01:25 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
      2015-02-04 03:16:35 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
      2015-02-04 02:54:09 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
      2015-02-03 03:55:40 693176 ----a-w- C:\Windows\System32\winload.efi
      2015-02-03 03:55:40 5553600 ----a-w- C:\Windows\System32\ntoskrnl.exe
      2015-02-03 03:55:38 95160 ----a-w- C:\Windows\System32\drivers\mountmgr.sys
      2015-02-03 03:53:17 617376 ----a-w- C:\Windows\System32\winresume.efi
      2015-02-03 03:51:25 229376 ----a-w- C:\Windows\System32\wintrust.dll
      2015-02-03 03:51:10 503808 ----a-w- C:\Windows\System32\srcore.dll
      2015-02-03 03:51:10 50176 ----a-w- C:\Windows\System32\srclient.dll
      2015-02-03 03:51:09 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
      2015-02-03 03:51:04 11264 ----a-w- C:\Windows\System32\msmmsp.dll
      2015-02-03 03:51:02 4121600 ----a-w- C:\Windows\System32\mf.dll
      2015-02-03 03:51:02 206848 ----a-w- C:\Windows\System32\mfps.dll
      2015-02-03 03:50:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
      2015-02-03 03:50:56 190976 ----a-w- C:\Windows\System32\cryptsvc.dll
      2015-02-03 03:50:56 1480704 ----a-w- C:\Windows\System32\crypt32.dll
      2015-02-03 03:50:56 142336 ----a-w- C:\Windows\System32\cryptnet.dll
      2015-02-03 03:50:55 58880 ----a-w- C:\Windows\System32\appidapi.dll
      2015-02-03 03:50:55 34304 ----a-w- C:\Windows\System32\appidsvc.dll
      2015-02-03 03:50:41 112640 ----a-w- C:\Windows\System32\smss.exe
      2015-02-03 03:50:33 55808 ----a-w- C:\Windows\System32\rrinstaller.exe
      2015-02-03 03:50:33 296960 ----a-w- C:\Windows\System32\rstrui.exe
      2015-02-03 03:50:24 24576 ----a-w- C:\Windows\System32\mfpmp.exe
      2015-02-03 03:50:09 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
      2015-02-03 03:50:09 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
      2015-02-03 03:45:31 2048 ----a-w- C:\Windows\System32\mferror.dll
      2015-02-03 03:44:29 6656 ----a-w- C:\Windows\System32\apisetschema.dll
      .
      ============= FINISH: 6:04:27,33 ===============



      • #4
        GMER 2.1.19357 - http://www.gmer.net
        Rootkit scan 2015-03-28 06:12:40
        Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000056 SAMSUNG_ rev.1AA0 698,64GB
        Running: dtlcdk8k.exe; Driver: C:\Users\STANDA~1\AppData\Local\Temp\pwldyuob.sys


        ---- Threads - GMER 2.1 ----

        Thread C:\Windows\System32\svchost.exe [1008:2900] 000007fef29a20c0
        Thread C:\Windows\System32\svchost.exe [1008:2928] 000007fef29a26a8
        Thread C:\Windows\System32\svchost.exe [1008:2932] 000007fef29514a0
        Thread C:\Windows\System32\svchost.exe [1008:2952] 000007fef29a29dc
        Thread C:\Windows\System32\svchost.exe [1008:3248] 000007fef20ea2b0
        Thread C:\Windows\System32\svchost.exe [1008:3840] 000007fef41689b8
        Thread C:\Windows\System32\svchost.exe [1008:2672] 000007fef3f144e0
        Thread C:\Windows\System32\svchost.exe [1008:2388] 000007fef3f38730
        Thread C:\Windows\System32\svchost.exe [1008:2980] 000007fef3f2d710
        Thread C:\Windows\system32\svchost.exe [328:3132] 000007fef2154f84
        Thread C:\Windows\system32\svchost.exe [1116:1156] 000007fef91b341c
        Thread C:\Windows\system32\svchost.exe [1116:1168] 000007fef91b3a2c
        Thread C:\Windows\system32\svchost.exe [1116:1172] 000007fef91b5c20
        Thread C:\Windows\system32\svchost.exe [1116:1176] 000007fef91b3768
        Thread C:\Windows\system32\svchost.exe [1116:2296] 000007fef41ebd70
        Thread C:\Windows\system32\svchost.exe [1116:2472] 000007fef3eb83d8
        Thread C:\Windows\system32\svchost.exe [1116:2476] 000007fef3eb83d8
        Thread C:\Windows\system32\svchost.exe [1116:2620] 000007fef3703f84
        Thread C:\Windows\system32\svchost.exe [1116:2624] 000007fef36d1a38
        Thread C:\Windows\system32\svchost.exe [1116:2636] 000007fef3505388
        Thread C:\Windows\system32\svchost.exe [1116:2640] 000007fef34e7738
        Thread C:\Windows\system32\svchost.exe [1116:2656] 000007fef34a1f90
        Thread C:\Windows\system32\svchost.exe [1116:3160] 000007fef7a75170
        Thread C:\Windows\system32\svchost.exe [1116:3584] 000007fef4145124
        Thread C:\Windows\system32\svchost.exe [1116:3756] 000007fef91b3900
        Thread C:\Windows\System32\spoolsv.exe [1288:1536] 000007fef87b10c8
        Thread C:\Windows\System32\spoolsv.exe [1288:1540] 000007fef877616c
        Thread C:\Windows\System32\spoolsv.exe [1288:1544] 000007fef8565fd0
        Thread C:\Windows\System32\spoolsv.exe [1288:1548] 000007fef8553438
        Thread C:\Windows\System32\spoolsv.exe [1288:1552] 000007fef85663ec
        Thread C:\Windows\System32\spoolsv.exe [1288:1560] 000007fef8a45e5c
        Thread C:\Windows\System32\spoolsv.exe [1288:1564] 000007fef8af5084
        Thread C:\Windows\system32\svchost.exe [1316:2072] 000007fef4ca35c0
        Thread C:\Windows\system32\svchost.exe [1316:2076] 000007fef4ca5600
        Thread C:\Windows\system32\svchost.exe [1316:2896] 000007fef29c2940
        Thread C:\Windows\system32\svchost.exe [1316:2944] 000007fef2922888
        Thread C:\Windows\system32\svchost.exe [2052:2144] 000007fef8565fd0
        Thread C:\Windows\system32\svchost.exe [2052:2148] 000007fef85663ec
        Thread C:\Windows\system32\svchost.exe [2052:3552] 000007fef1a78470
        Thread C:\Windows\system32\svchost.exe [2052:3568] 000007fef1a82418
        Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3104:3696] 000007fefb172c38
        Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3104:3284] 000007fef4145124
        Thread C:\Windows\System32\WUDFHost.exe [3364:3448] 000007fef1a324a0

        ---- EOF - GMER 2.1 ----



        • #5
          You ran GMER from a temp folder.
          You won't get a good result that way. Please carry out what is described in the manual.


          Download or update CCleaner

          Start CCleaner.
          • Run CCleaner and click Options in the left column
          • Select the Advanced tab
          • Uncheck "Only delete files in Windows Temp folders older than 24 hours"
          • Select the Settings tab
          • Uncheck "Clean computer automatically...."
          • Click Cleaner in the left column.
          • Then click Analyze followed by Run Cleaner.
          • Next, click Registry in the left column
          • Click Scan for Issues.
          • When asked whether you want to make a backup of the registry, click "Yes".
          • If errors are found, click the middle button: Fix All Selected Issues, then OK


          Misschien een goed idee om eens te veranderen van antivirus tool. MSE is niet je het van het (zoals blijkt).


          Hoe is het nu?
          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
          E Dev * Remove McAfee. * CCleaner * E-Peek



          • #6
            I'm not sure what I'm doing wrong with GMER. I carried out the steps once more.

            GMER 2.1.19357 - http://www.gmer.net
            Rootkit scan 2015-03-28 11:34:19
            Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000056 SAMSUNG_ rev.1AA0 698,64GB
            Running: dtlcdk8k.exe; Driver: C:\Users\STANDA~1\AppData\Local\Temp\pwldyuob.sys


            ---- Threads - GMER 2.1 ----


            ---- EOF - GMER 2.1 ----



            • #7
              The problems seem to be solved. Which antivirus program do you recommend?



              • #8
                I use Bitdefender Free myself.
                Install it, register, and you don't have to give it another thought.

                http://www.bitdefender.nl/toolbox/freeapps/desktop/




                1) You may delete all the loose files and tools we used.

                2) To avoid reinfection, you can read through these tips:

                Preventing spyware infections and browser hijacking and How do I prevent a new infection?

                3) To give your PC a quick tune-up, you can read these tips: Guide to a clean PC

                4) You can find all sorts of tips and hints here.


                I'm marking the topic as solved.

                If there are no further replies, this thread will automatically be moved within about 5 days
                to the section "Closed virus infection topics", and replying will no longer be possible.
                This is done to keep the forum tidy and organized.

                If it turns out there are still problems and you want to reply in this topic again, send me a private message asking for it to be reopened.



                Did we help you well? Consider a (no-obligation) donation to Nucia

                Emphyrio