paashaas

Member
  • Items

    44

Everything posted by paashaas

  1. Hi, I've since managed to get hold of another PC, an HP Compaq 6000 Pro minitower; hopefully that will work better, it has just been refurbished. Thanks again, and happy Easter!
  2. Hi clarcy, I can't manage to copy the table as shown in the example; I keep getting this on the disk. I only see yellow at Current Pending Sector Count; this is the disk that holds the operating system. On the other one there are 3 yellow dots, but that doesn't seem applicable to me. In HD Tune 0.2% was not OK. Regards, ph
     CrystalDiskInfo 6.5.2 © 2008-2015 hiyohiyo, Crystal Dew World: http://crystalmark.info/
     OS: Windows 10 [10.0 Build 10586] (x86), Date: 2016/03/23 21:27:05
  3. http://speccy.piriform.com/results/SxMrB0fjKHEULzZGfqEHFFb Is this one OK?
  4. Generated by Piriform Speccy v1.29.714 22 Mar 2016 @ 19:35
     Overzicht
     Besturingssysteem
       Windows 10 Home 32-bit
     Processor
       Intel Pentium 4 531
       Prescott 90nm Technologie
     RAM
       4,00GB Dual-Kanaal DDR2 @ 399MHz (6-6-6-18)
     Moederbord
       MSI G41TM-P31 (MS-7592) (CPU 1): 41 °C
     Grafisch
       SyncMaster (1024x768@64Hz)
       Intel G41 Express Chipset (MSI)
     Opslag
       149GB Western Digital WDC WD1600AAJB-22WRA0 ATA Device (ATA): 35 °C
       76GB Maxtor 6Y080L0 ATA Device (ATA): 36 °C
       7GB USB DISK 2.0 USB Device (USB)
     Optische schijven
       TSSTcorp CDDVDW SH-S223C ATA Device
     Geluid
       VIA
     Hopefully this is what you asked for. Regards, ph
  5. Officially I did a system restore without losing documents or files, and later also created a recovery drive; so far no improvement in the computer. By the way, now and then a small black window appears on screen with the text "windows 32 taskhost". The reason for the system restore was that the computer would not load photos from the camera.
  6. There are no restore points anymore, or they don't work.
  7. Hi, it isn't going very well. There are no restore points to be found anymore, or they don't work. It says that system 32/taskschd.dll is not suitable for Windows or contains an error. It also says that I have to reinstall the program. That will be difficult, because this is an upgrade from Windows 7. Do you perhaps know a trick, or do I have to reinstall Windows 7? Regards, paasei.
  8. Hello folks, after I reset Windows 10 to factory settings, the Start menu, search menu and Task View menu no longer work. That is, when I click on them with the mouse, either left or right, it does not respond. Does anyone know what causes that? I have a desktop PC. Thanks in advance for any solutions.
  9. It's going better now; I have now installed Internet Explorer as the start page and removed Chrome, and so far I see nothing strange.
  10. Good question, I only have Chrome; maybe an idea to switch browsers.
  11. Hi kape, the program stops responding when I want to paste. According to the log there are no viruses in the computer, but unfortunately they are still there. A fine mess this is; thanks so far.
  12. It's getting worse: the virus now no longer even allows me to get to your website. Instead, more and more viruses appear, with texts saying that my data are damaged etc., and that I have to download programs for that etc. Unprecedented, I have never experienced anything like it.
  13. Logfile of random's system information tool 1.10 (written by random/random)
      Run by cato at 2014-10-01 23:12:02
      Microsoft Windows 7 Home Premium Service Pack 1
      System drive C: has 68 GB (45%) free of 153 GB
      Total RAM: 2013 MB (27% free)
  14. Yes, that's right: when I go to pchelpforum, for example, a tab with antivirus software opens at the same time, and also many financial pages. There are as many as 5 advertisements per page, plus those green icons that also show an advertisement when you click on them. In the history, cdncache-a.akamaihd.net is listed as the internet address for those popups. I also don't understand why they keep coming back, and I don't know where to look; I hope you still have an idea. - - - Updated - - - I get the infection with every program I open.
  15. ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=63b481d869309845b76b025c3ea8a856 # engine=20376 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-10-01 03:15:25 # local_time=2014-10-01 05:15:25 (+0100, West-Europa (zomertijd)) # country="Netherlands" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Microsoft Security Essentials' # compatibility_mode=5895 16777213 100 100 1605514 35113719 0 0 # scanned=92665 # found=9 # cleaned=9 # scan_time=3530 sh=82D6689D84C5D50E1EEFDBFD18B7E4962CAEFA6D ft=1 fh=8ee7e6709c7ab98e vn="a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\WinZip Malware Protector\AppManager.exe.vir" sh=68455014C9F982EB18796DB794CFFD040E2090F2 ft=1 fh=f4d54ce35c24d0a3 vn="a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\WinZip Malware Protector\filetypehelper.exe.vir" sh=274CB4E7C8B3515060E7854F9B657977002FF8C1 ft=1 fh=5a43b5222c5838ce vn="a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\WinZip Malware Protector\scandll.dll.vir" sh=7560ADB6881D658A46F52AD1DCDF667B615F6EDE ft=1 fh=19f14dde2ee67322 vn="a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe.vir" sh=946D721C4655ADAC5B31FC0F05E06DCF32ACB04C ft=1 fh=c71c00112a768670 vn="a variant of Win32/SProtector.D potentially unwanted application (deleted - quarantined)" ac=C 
fn="C:\AdwCleaner\Quarantine\C\ProgramData\Performance Optimizer\PerformanceOptimizer.dll.vir" sh=56552C077E44F408BA7CA8EB350E7E9C41DF2789 ft=1 fh=5994faeef62d7123 vn="a variant of Win32/AdWare.MultiPlug.CN application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\2014-07-10_19-30-18-jl.wmv.exe" sh=328B0F49B27F0038AB09739112AFFDFA74BB2E5E ft=1 fh=5320e58612031249 vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files\cdbxp_setup_4.4.0.2905.exe" sh=A981E3D6F03D3BD57D1472F33A4093A01533F8A8 ft=1 fh=7aaf7b3d0491af48 vn="a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_cato_wzmp_8.exe.vir" sh=072972DCE4232CBD9640FFC07E42AE63B8077FDE ft=1 fh=c71c001126fafa63 vn="a variant of Win32/AdWare.MultiPlug.BN application (cleaned by deleting - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_YoutubeAdBloocKe\QKfpiwt0Gy1Von.dll"
Hi, thanks again. This is quite a stubborn virus, by the way; it is not gone yet, but I have good hope. If there is no point in continuing with this, please let me know; then there is nothing else for it but to format the hard disk.
  16. Malwarebytes Anti-Malware Malwarebytes | Free Anti-Malware & Internet Security Software Scandatum: 30-9-2014 Scantijd: 17:48:40 Logbestand: MBAM Scanlog.txt Beheerder: Ja Versie: 2.00.2.1012 Malwaredatabase: v2014.09.30.05 Rootkitdatabase: v2014.09.19.01 Licentie: Proef Malwarebescherming: Ingeschakeld Kwaadaardige Website Bescherming: Ingeschakeld Self-protection: Uitgeschakeld Besturingssysteem: Windows 7 Service Pack 1 Processor: x86 Bestandssysteem: NTFS Gebruiker: cato Scantype: Bedreigingsscan Resultaat: Voltooid Objecten Gescand: 275309 Verstreken Tijd: 13 m, 47 s Geheugen: Ingeschakeld Opstarten: Ingeschakeld Bestandssysteem: Ingeschakeld Archieven: Ingeschakeld Rootkits: Uitgeschakeld Heuristics: Ingeschakeld POP: Ingeschakeld POA: Ingeschakeld Processen: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registersleutels: 0 (No malicious items detected) Registerwaardes: 0 (No malicious items detected) Registerdata: 0 (No malicious items detected) Mappen: 0 (No malicious items detected) Bestanden: 2 PUP.Optional.Superfish.A, C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Verwijder-bij-Herstart, [6568aa494734f83eafc3f13a07fc26da], PUP.Optional.Superfish.A, C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Verwijder-bij-Herstart, [636a45aeee8db77f6a08260525de7888], Fysieke Sectoren: 0 (No malicious items detected) (end)
  17. Yes, still. That green icon is gone, but the advertisements are still there. Thanks for the help so far.
  18. Zoek.exe v5.0.0.0 Updated 27-09-2014 Tool run by cato on ma 29-09-2014 at 21:48:54,89. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\cato\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-09-28-092818.log 21872 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 18:22] GOOSave - cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kghpgeafnipmjoooepaeklnkciajeaip GOOSave - cato\AppData\Local\Google\Chrome\User Data\Default\Extensions\kghpgeafnipmjoooepaeklnkciajeaip Google Wallet - cato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda GOOSave - cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kghpgeafnipmjoooepaeklnkciajeaip ==== Chromium Startpages ====================== C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Preferences "startup_urls": [ "https://dub127.mail.live.com/?tid=cmAwYKYEVB5BGF2AAhWtbndg2&fid=flinbox", "https://support.google.com/chrome/answer/95440?p=settings_omnibox&rd=1", "http://google%20chrome/", "http://search.gboxapp.com/" ], ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet 
Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {A5583D70-650A-4BB9-8AF8-4F1FC4B30EAA} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Empty IE Cache ====================== C:\Users\cato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\cato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1930Q01X will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=100 folders=28 177310829 bytes) ==== Empty Temp Folders ====================== C:\Users\cato\AppData\Local\Temp will be emptied at reboot 
C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\cato\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\cato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1930Q01X" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on ma 29-09-2014 at 22:17:34,79 ======================
  19. The popups say "ad by GoSave/close"; maybe that means something to you.
  20. Hi kape, it's going badly: all those popups are back again, and I no longer dare to do internet banking. Those green icons appear everywhere, a half circle with a small arrow. They all contain popups; hopefully you know of another solution. Thanks in advance.
  21. # AdwCleaner v3.310 - Rapport aangemaakt 28/09/2014 op 12:49:20 # Laatste Update 12/09/2014 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (32 bits) # Gebruikersnaam : cato - CATO-PC # Gestart vanuit : C:\Users\cato\Downloads\adwcleaner_3.310.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** ***** [ Taken ] ***** ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17280 -\\ Google Chrome v37.0.2062.120 [ Bestand : C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\preferences ] Verwijderd [search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740&q={searchTerms} Verwijderd [search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740&q={searchTerms} Verwijderd [startup_urls] : hxxp://search.gboxapp.com/ ************************* AdwCleaner[R0].txt - [4389 octets] - [27/09/2014 16:18:01] AdwCleaner[R1].txt - [1002 octets] - [28/09/2014 12:43:37] AdwCleaner[s0].txt - [3975 octets] - [27/09/2014 16:21:43] AdwCleaner[s1].txt - [1254 octets] - [28/09/2014 12:49:20] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1314 octets] ########## - - - Updated - - - Before I contacted you I also had a scan run; here is the result. # AdwCleaner v3.310 - Rapport aangemaakt 27/09/2014 op 16:18:01# Laatste Update 12/09/2014 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (32 bits) # Gebruikersnaam : cato - CATO-PC # Gestart vanuit : C:\Users\cato\adwcleaner_3.310.exe # Optie : Scannen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Map Gevonden : C:\Program Files\NNeXtCoup Map Gevonden : C:\Program Files\WinZip Malware Protector Map Gevonden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector Map Gevonden : C:\ProgramData\NNeXtCoup Map Gevonden : C:\ProgramData\Performance Optimizer Map Gevonden : 
C:\ProgramData\Trusted Publisher Map Gevonden : C:\Users\cato\AppData\Local\Chromatic Browser Map Gevonden : C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiidkjdkhbhgkafcdllkbbjhppfhbjol Map Gevonden : C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmohigdnpdbagcnpkbcfiiefgcinfgaj Map Gevonden : C:\Users\cato\AppData\Local\torch Map Gevonden : C:\Users\cato\AppData\Roaming\SkypEmoticons Map Gevonden : C:\Users\cato\Documents\Optimizer Pro ***** [ Taken ] ***** ***** [ Snelkoppelingen ] ***** Snelkoppeling Gevonden : C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740 ) Snelkoppeling Gevonden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740 ) Snelkoppeling Gevonden : C:\Users\cato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740 ) Snelkoppeling Gevonden : C:\Users\cato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740 ) Snelkoppeling Gevonden : C:\Users\cato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740 ) Snelkoppeling Gevonden : C:\Users\cato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740 ) ***** [ Register ] ***** Gegevens Gevonden : 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\perfor~1\perfor~1.dll Sleutel Gevonden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Sleutel Gevonden : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} Sleutel Gevonden : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} Sleutel Gevonden : HKCU\Software\Optimizer Pro Sleutel Gevonden : HKCU\Software\RegisteredApplicationsEx Sleutel Gevonden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Sleutel Gevonden : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B} Sleutel Gevonden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-576482620 ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17280 Instelling Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740&q={searchTerms} -\\ Google Chrome v37.0.2062.120 [ Bestand : C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gevonden [startup_urls] : hxxp://search.gboxapp.com/ Gevonden [Extension] : hiidkjdkhbhgkafcdllkbbjhppfhbjol Gevonden [Extension] : nmohigdnpdbagcnpkbcfiiefgcinfgaj ************************* AdwCleaner[R0].txt - [4249 octets] - [27/09/2014 16:18:01] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4309 octets] ##########
  22. Zoek.exe v5.0.0.0 Updated 27-09-2014 Tool run by cato on zo 28-09-2014 at 10:25:06,49. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\cato\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 28-9-2014 10:51:33 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\GaoSavee deleted successfully C:\PROGRA~2\GaoSavee deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\Users\cato\AppData\Local\MigWiz deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2306347899-3207702929-778101096-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8b6ba6d2-cd00-4c3e-9417-0011ac41314b} deleted successfully HKEY_USERS\S-1-5-21-2306347899-3207702929-778101096-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8b6ba6d2-cd00-4c3e-9417-0011ac41314b} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8b6ba6d2-cd00-4c3e-9417-0011ac41314b} deleted successfully HKEY_CLASSES_ROOT\CLSID\{8b6ba6d2-cd00-4c3e-9417-0011ac41314b} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b6ba6d2-cd00-4c3e-9417-0011ac41314b} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b6ba6d2-cd00-4c3e-9417-0011ac41314b}] ==== Deleting Files \ Folders ====================== C:\ProgramData\GaoSavee not found C:\Program Files\GaoSavee not found C:\Program Files\YoutubeAdBloocKe deleted C:\ProgramData\YoutubeAdBloocKe deleted C:\ProgramData\e4cdde398fc7b44a deleted 
C:\Users\cato\AppData\Roaming\Nico Mak Computing\WinZip Malware Protector deleted C:\PROGRA~2\Nico Mak Computing\WinZip Malware Protector deleted C:\PROGRA~2\FineDEalSaofat deleted C:\Windows\system32\tasks\WinZip Malware Protector_startup deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Users\Public\Desktop\WinZip Malware Protector.lnk deleted C:\Users\cato\adwcleaner_3.310.exe deleted C:\Users\cato\HousecallLauncher.exe deleted C:\Users\cato\RSIT.exe deleted C:\Users\cato\wzmp_8.exe deleted ==== Files Recently Created / Modified ======================
==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2306347899-3207702929-778101096-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "KiesPreload"="C:\Users\cato\Documents\Kies\Kies.exe /preload" "Spotify Web Helper"="C:\Users\cato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "EPSON Stylus DX7400 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU C:\Windows\TEMP\E_S97AC.tmp /EF HKCU" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "KiesTrayAgent"="C:\Users\cato\Documents\Kies\KiesTrayAgent.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "KiesPreload"="C:\Users\cato\Documents\Kies\Kies.exe /preload" "Spotify Web 
Helper"="C:\Users\cato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "EPSON Stylus DX7400 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU C:\Windows\TEMP\E_S97AC.tmp /EF HKCU" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [24-09-2014 19:36] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\{0A4BEB54-5553-4235-94FF-0C806BD99F22}" [C:\Program Files\OpenOffice 4\program\soffice.exe] "C:\Windows\system32\tasks\{60F375F1-E181-404D-9C06-B470C84543B8}" [C:\Program Files\VideoLAN\VLC\vlc.exe] "C:\Windows\system32\tasks\{AA49C1E3-AEDC-47EA-9401-1ACDB4D1258B}" [C:\Program Files\OpenOffice 4\program\soffice.exe] "C:\Windows\system32\tasks\{F2136C1D-5A22-44F2-9273-F47B99FB70D1}" [C:\Program Files\OpenOffice 4\program\soffice.exe] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 18:22] Minimal Memory - cato\AppData\Local\Comodo\Dragon\User 
Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib NNeXtCoup - cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hiidkjdkhbhgkafcdllkbbjhppfhbjol GOOSave - cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kghpgeafnipmjoooepaeklnkciajeaip WebbinG - cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmohigdnpdbagcnpkbcfiiefgcinfgaj GOOSave - cato\AppData\Local\Google\Chrome\User Data\Default\Extensions\kghpgeafnipmjoooepaeklnkciajeaip Google Wallet - cato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Minimal Memory - cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib NNeXtCoup - cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hiidkjdkhbhgkafcdllkbbjhppfhbjol GOOSave - cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kghpgeafnipmjoooepaeklnkciajeaip WebbinG - cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmohigdnpdbagcnpkbcfiiefgcinfgaj ==== Chromium Startpages ====================== C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Preferences "startup_urls": [ "https://dub127.mail.live.com/?tid=cmAwYKYEVB5BGF2AAhWtbndg2&fid=flinbox", "https://support.google.com/chrome/answer/95440?p=settings_omnibox&rd=1", "http://google%20chrome/", "http://search.gboxapp.com/" ], ==== Chromium Fix ====================== C:\Users\cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib deleted successfully C:\Users\cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib deleted successfully C:\Users\cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hiidkjdkhbhgkafcdllkbbjhppfhbjol deleted successfully C:\Users\cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hiidkjdkhbhgkafcdllkbbjhppfhbjol deleted successfully C:\Users\cato\AppData\Local\Comodo\Dragon\User 
Data\Default\Extensions\nmohigdnpdbagcnpkbcfiiefgcinfgaj deleted successfully C:\Users\cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmohigdnpdbagcnpkbcfiiefgcinfgaj deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {A5583D70-650A-4BB9-8AF8-4F1FC4B30EAA} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Malware Protector_is1 deleted successfully ==== Empty IE Cache ====================== C:\Users\cato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\cato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50HZRQTZ will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=99 folders=25 177310829 bytes) ==== Empty Temp Folders ====================== C:\Users\cato\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\cato\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\cato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50HZRQTZ" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on zo 28-09-2014 at 11:28:18,18 ======================
  23. Logfile of random's system information tool 1.10 (written by random/random) Run by cato at 2014-09-27 17:09:16
  24. Good afternoon staff, For about 2 days now there has been an annoying malware program on my computer. Its name is wxDownload and it spreads annoying advertisements/pop-ups on my computer; on every page I open, little green symbols also load with the accompanying advertisement. Last week I had downloaded the program send space to fetch a film; that program was also already full of malware. I removed it last week and had no trouble with malware until yesterday, when I started the computer and the login program for my modem appeared on the start page. Nothing else happened yesterday; I had the modem reset to factory settings, but since today the computer has been full of malware. In the meantime I have used various anti-malware programs, but it does not go away. Do you perhaps know a way to get rid of this malware? Thanks in advance :rofl: