Posts made by paashaas
--
Hi clarcy,
I can't manage to copy the table the way it is shown in the example;
I keep getting this for the disk.
I only see yellow at Current Pending Sector Count; this is the disk the operating system is on.
The other one shows 3 yellow circles, but that doesn't seem relevant to me.
In HD Tune, 0.2% was not OK.
Regards, ph
--------------------------------------------------------------------------
CrystalDiskInfo 6.5.2 © 2008-2015 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 [10.0 Build 10586] (x86)
Date : 2016/03/23 21:27:05
-- Controller Map ----------------------------------------------------------
+ Intel® 82801GB/GR/GH (ICH7 Family) Serial ATA Storage Controller - 27C0 [ATA]
+ ATA Channel 0 (0)
- TSSTcorp CDDVDW SH-S223C ATA Device
- ATA Channel 1 (1)
+ Intel® 82801G (ICH7 Family) Ultra ATA Storage Controllers - 27DF [ATA]
+ ATA Channel 0 (0)
- Maxtor 6Y080L0 ATA Device
- WDC WD1600AAJB-22WRA0 ATA Device
- ATA Channel 1 (1)
- Controlefunctie voor opslagruimten van Microsoft [sCSI]
-- Disk List ---------------------------------------------------------------
(1) WDC WD1600AAJB-22WRA0 : 160,0 GB [0/0/0, pd1] - wd
(2) Maxtor 6Y080L0 : 81,9 GB [1/0/1, pd1]
----------------------------------------------------------------------------
(1) WDC WD1600AAJB-22WRA0
----------------------------------------------------------------------------
Model : WDC WD1600AAJB-22WRA0
Firmware : 58.01H58
Serial Number : WD-WCAS28830740
Disk Size : 160,0 GB (8,4/137,4/160,0/160,0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 312581808
Rotation Rate : Unknown
Interface : Parallel ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : UDMA/100 | UDMA/100
Power On Hours : 10835 hours
Power On Count : 4326 count
Temperature : 43 C (109 F)
Health Status : Caution
Features : S.M.A.R.T., AAM, 48bit LBA
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 0000000008E0 Read Error Rate
03 150 149 _21 000000000D82 Spin-Up Time
04 _96 _96 __0 000000001109 Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 200 200 _51 000000000000 Seek Error Rate
09 _86 _86 __0 000000002A53 Power-On Hours
0A 100 100 _51 000000000000 Spin Retry Count
0B 100 100 _51 000000000000 Recalibration Retries
0C _96 _96 __0 0000000010E6 Power Cycle Count
C0 200 200 __0 0000000000E2 Power-off Retract Count
C1 199 199 __0 00000000110B Load/Unload Cycle Count
C2 100 _94 __0 00000000002B Temperature
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000007 Current Pending Sector Count
C6 200 200 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000001 UltraDMA CRC Error Count
C8 200 200 _51 000000000000 Write Error Rate
-- IDENTIFY_DEVICE ---------------------------------------------------------
----------------------------------------------------------------------------
(2) Maxtor 6Y080L0
----------------------------------------------------------------------------
Model : Maxtor 6Y080L0
Firmware : YAR41BW0
Serial Number : Y2AX4LZC
Disk Size : 81,9 GB (8,4/81,9/----/81,9)
Buffer Size : 2048 KB
Queue Depth : 1
# of Sectors : 160086528
Rotation Rate : Unknown
Interface : Parallel ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 0
Transfer Mode : UDMA/100 | UDMA/133
Power On Hours : 3 hours (?)
Power On Count : 6670 count
Temperature : 45 C (113 F)
Health Status : Caution
Features : S.M.A.R.T., APM, AAM
APM Level : 0000h [OFF]
AAM Level : C0FEh [ON]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
03 225 224 _63 000000002264 Spin-Up Time
04 251 251 __0 000000001274 Start/Stop Count
05 253 253 _63 000000000003 Reallocated Sectors Count
06 253 253 100 000000000000 Read Channel Margin
07 253 249 __0 000000000000 Seek Error Rate
08 253 233 187 00000000D1A2 Seek Time Performance
09 216 216 __0 0000000000D4 Power-On Hours
0A 253 252 157 000000000000 Spin Retry Count
0B 253 252 223 000000000000 Recalibration Retries
0C 237 237 __0 000000001A0E Power Cycle Count
C0 253 253 __0 000000000000 Power-off Retract Count
C1 253 253 __0 000000000000 Load/Unload Cycle Count
C2 253 253 __0 00000000002D Temperature
C3 253 252 __0 0000000004B9 Hardware ECC recovered
C4 251 251 __0 000000000002 Reallocation Event Count
C5 253 253 __0 000000000001 Current Pending Sector Count
C6 238 238 __0 00000000000F Uncorrectable Sector Count
C7 199 199 __0 000000000000 UltraDMA CRC Error Count
C8 253 252 __0 000000000000 Write Error Rate
C9 253 252 __0 000000000004 Soft Read Error Rate
CA 253 252 __0 000000000000 Data Address Mark Error
CB 253 252 180 000000000003 Run Out Cancel
CC 253 252 __0 000000000000 Soft ECC Correction
CD 253 252 __0 000000000000 Thermal Asperity Rate
CF 253 252 __0 000000000000 Spin High Current
D0 253 252 __0 000000000000 Spin Buzz
D1 191 189 __0 000000000000 Offline Seek Performance
63 253 253 __0 000000000000 Vendor Specific
64 253 253 __0 000000000000 Vendor Specific
65 253 253 __0 000000000000 Vendor Specific
-- IDENTIFY_DEVICE ---------------------------------------------------------
-
Generated by Piriform Speccy v1.29.714
22 Mar 2016 @ 19:35
Overzicht
Besturingssysteem
Windows 10 Home 32-bit
Processor
Intel Pentium 4 531
Prescott 90nm Technologie
RAM
4,00GB Dual-Kanaal DDR2 @ 399MHz (6-6-6-18)
Moederbord
MSI G41TM-P31 (MS-7592) (CPU 1):41 °C
Grafisch
SyncMaster (1024x768@64Hz)
Intel G41 Express Chipset (MSI)
Opslag
149GB Western Digital WDC WD1600AAJB-22WRA0 ATA Device (ATA):35 °C
76GB Maxtor 6Y080L0 ATA Device (ATA):36 °C
7GB USB DISK 2.0 USB Device (USB)
Optische schijven
TSSTcorp CDDVDW SH-S223C ATA Device
Geluid
VIA
Hopefully this is what you asked for, regards ph
-
Officially I did a system restore without losing documents or files, and later I also created a
recovery drive; so far there is no improvement in the computer.
By the way, now and then a small black window appears on screen with the text "windows 32 taskhost".
The reason for the system restore was that the computer would not load photos from the camera.
-
There are no restore points any more, or they don't work.
-
Hi, it's not really working out.
There are [no] more restore points to be found, or they don't work.
It says that system 32/taskschd.dll is not suitable for Windows
or contains an error. It also says that I have to reinstall the program.
That will be difficult, because this is an upgrade from Windows 7.
Do you perhaps know another trick, or do I have to install
Windows 7 again?
Regards, paasei.
-
Hello folks,
after I reset Windows 10 to factory settings, the Start menu, search menu
and Task View menu no longer work.
That is, when I click on them with the mouse, both left and right, it does not respond.
Does anyone know what causes that?
I have a desktop PC.
Thanks in advance for any solutions.
-
It's going better now; I have now installed Internet Explorer as start page and removed Chrome, and so far I don't see anything
strange.
-
Good question, I only have Chrome; maybe it's an idea to switch browsers.
-
Hi kape, the program stops responding when I want to paste; according to the log there are no viruses in the computer, but unfortunately they are still there.
What a fine mess this is; thanks anyway so far.
-
It will be late tonight.
-
It's getting worse; that virus no longer even lets me get onto your website.
Instead, more and more viruses appear, with texts saying that my data is damaged etc., and that I have to download programs for that etc.
Unprecedented, I've never experienced anything like this.
-
Logfile of random's system information tool 1.10 (written by random/random)
Run by cato at 2014-10-01 23:12:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 68 GB (45%) free of 153 GB
Total RAM: 2013 MB (27% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:12:22, on 1-10-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\cato\Documents\Kies\KiesTrayAgent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\cato\Documents\Kies\Kies.exe
C:\Users\cato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\cato\Downloads\RSIT.exe
C:\Program Files\trend micro\cato.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = msn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Users\cato\Documents\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [KiesPreload] C:\Users\cato\Documents\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\cato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\Windows\TEMP\E_S97AC.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 5980 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-06 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-06 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"KiesTrayAgent"=C:\Users\cato\Documents\Kies\KiesTrayAgent.exe [2014-07-25 311616]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-11-09 17880752]
"KiesPreload"=C:\Users\cato\Documents\Kies\Kies.exe [2014-07-25 1562264]
"Spotify Web Helper"=C:\Users\cato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-03-07 1171968]
"EPSON Stylus DX7400 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE [2007-04-12 182272]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-09-25 4810520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-01 00:00:30 ----D---- C:\Program Files\ESET
2014-09-30 18:14:07 ----A---- C:\MBAM Scanlog.txt
2014-09-29 22:17:38 ----SHD---- C:\$RECYCLE.BIN
2014-09-29 22:13:42 ----A---- C:\Windows\zoek-delete.exe
2014-09-29 22:13:40 ----D---- C:\Windows\Temp
2014-09-28 10:24:52 ----D---- C:\zoek_backup
2014-09-27 17:09:16 ----D---- C:\rsit
2014-09-27 16:17:53 ----D---- C:\AdwCleaner
2014-09-27 15:54:55 ----D---- C:\Users\cato\AppData\Roaming\Nico Mak Computing
2014-09-27 15:54:42 ----D---- C:\ProgramData\Nico Mak Computing
2014-09-27 15:54:28 ----A---- C:\Windows\system32\wsusnative32.exe
2014-09-24 19:37:50 ----A---- C:\Windows\system32\tzres.dll
2014-09-24 19:32:43 ----A---- C:\Windows\system32\drivers\48230029.sys
2014-09-22 22:00:00 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-09-22 21:59:18 ----D---- C:\ProgramData\Malwarebytes
2014-09-22 21:59:18 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-09-22 21:59:18 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-09-22 21:59:18 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-09-22 21:59:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-09-20 13:35:06 ----AH---- C:\Program Files\.picasa.ini
2014-09-20 12:40:57 ----A---- C:\Program Files\picasa39-setup.exe
2014-09-12 15:30:36 ----A---- C:\Windows\system32\iesetup.dll
2014-09-12 15:30:28 ----A---- C:\Windows\system32\ieui.dll
2014-09-12 15:30:27 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-12 15:30:24 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-12 15:30:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 15:30:20 ----A---- C:\Windows\system32\msrating.dll
2014-09-12 15:30:19 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-12 15:30:18 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-12 15:30:18 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-12 15:30:17 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-12 15:30:17 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-12 15:30:16 ----A---- C:\Windows\system32\iernonce.dll
2014-09-12 15:30:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-12 15:30:15 ----A---- C:\Windows\system32\vbscript.dll
2014-09-12 15:30:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 15:30:12 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-12 15:30:12 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-12 15:30:12 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-12 15:30:11 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 15:30:09 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-12 15:30:09 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-12 15:30:08 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-12 15:30:02 ----A---- C:\Windows\system32\iertutil.dll
2014-09-12 15:30:00 ----A---- C:\Windows\system32\wininet.dll
2014-09-12 15:29:58 ----A---- C:\Windows\system32\jscript9.dll
2014-09-12 15:29:57 ----A---- C:\Windows\system32\urlmon.dll
2014-09-12 15:29:53 ----A---- C:\Windows\system32\mshtml.dll
2014-09-12 15:29:51 ----A---- C:\Windows\system32\ieframe.dll
2014-09-12 15:28:36 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 13:03:04 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-12 13:03:04 ----A---- C:\Windows\system32\kerberos.dll
2014-09-12 13:02:34 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-12 13:02:30 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-09-12 13:02:23 ----A---- C:\Windows\system32\aepdu.dll
2014-09-12 13:02:22 ----A---- C:\Windows\system32\aeinv.dll
2014-09-06 10:07:52 ----D---- C:\Users\cato\AppData\Roaming\Oracle
2014-09-06 10:06:36 ----A---- C:\Windows\system32\javaws.exe
2014-09-06 10:06:25 ----A---- C:\Windows\system32\javaw.exe
2014-09-06 10:06:25 ----A---- C:\Windows\system32\java.exe
2014-09-06 10:06:04 ----D---- C:\Program Files\Java
======List of files/folders modified in the last 1 month======
2014-10-01 23:12:18 ----D---- C:\Windows\Prefetch
2014-10-01 23:12:10 ----D---- C:\Program Files\trend micro
2014-10-01 20:51:04 ----D---- C:\Windows\system32\config
2014-10-01 20:39:48 ----SHD---- C:\System Volume Information
2014-10-01 19:54:12 ----D---- C:\Windows\system32\catroot
2014-10-01 19:45:55 ----D---- C:\Windows
2014-10-01 05:14:46 ----RD---- C:\Program Files
2014-09-30 20:19:40 ----D---- C:\Windows\SoftwareDistribution
2014-09-30 19:07:52 ----D---- C:\Windows\system32\catroot2
2014-09-30 19:06:00 ----D---- C:\Windows\system32\drivers
2014-09-30 19:06:00 ----D---- C:\Windows\Branding
2014-09-29 21:48:49 ----D---- C:\Windows\System32
2014-09-29 21:40:27 ----D---- C:\Windows\system32\wdi
2014-09-28 20:52:35 ----D---- C:\Windows\inf
2014-09-28 11:08:33 ----HD---- C:\ProgramData
2014-09-28 11:08:33 ----D---- C:\Windows\system32\Tasks
2014-09-27 13:12:55 ----D---- C:\Program Files\CCleaner
2014-09-27 11:52:26 ----D---- C:\Windows\nl-NL
2014-09-26 21:50:53 ----D---- C:\Users\cato\AppData\Roaming\Skype
2014-09-25 19:18:00 ----D---- C:\Windows\rescache
2014-09-24 23:49:34 ----D---- C:\Windows\winsxs
2014-09-24 23:49:27 ----D---- C:\Windows\system32\nl-NL
2014-09-24 19:36:33 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-09-22 22:18:51 ----D---- C:\Windows\Resources
2014-09-22 21:38:27 ----RD---- C:\Users
2014-09-22 08:41:56 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-22 08:24:58 ----D---- C:\Windows\debug
2014-09-20 20:39:08 ----D---- C:\Windows\Tasks
2014-09-20 20:36:40 ----HD---- C:\Windows\system32\GroupPolicy
2014-09-20 20:36:40 ----D---- C:\Program Files\Google
2014-09-20 13:13:09 ----D---- C:\Users\cato\AppData\Roaming\vlc
2014-09-19 08:55:54 ----SHD---- C:\Windows\Installer
2014-09-19 08:55:53 ----SHD---- C:\Config.Msi
2014-09-12 16:50:36 ----D---- C:\Windows\Microsoft.NET
2014-09-12 16:49:12 ----RSD---- C:\Windows\assembly
2014-09-12 16:34:54 ----D---- C:\Windows\system32\en-US
2014-09-12 16:34:52 ----D---- C:\Program Files\Internet Explorer
2014-09-12 15:28:32 ----D---- C:\Windows\system32\MRT
2014-09-12 15:18:11 ----A---- C:\Windows\system32\MRT.exe
2014-09-12 15:16:51 ----D---- C:\Program Files\Microsoft Security Client
2014-09-12 15:16:28 ----SD---- C:\Windows\system32\CompatTel
2014-09-12 15:11:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-07 19:06:39 ----D---- C:\Users\cato\AppData\Roaming\dvdcss
2014-09-06 10:06:13 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-14 50688]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-10-01 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-05-12 51928]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 892cc6a3;Performance Optimizer; c:\progra~2\perfor~1\PerformanceOptimizerSvc.dll,service []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24 267440]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 108032]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-17 1343400]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
-
Yes, that's right. When I go to pchelpforum, for example, a tab with antivirus software opens at the same time, and also many financial pages.
There are as many as 5 advertisements per page, and those green icons that also show an advertisement when you click on them. In the history, cdncache-a.akamaihd.net is listed as the internet address for those popups.
I also don't understand why they keep coming back, and I don't know where to look either; I hope you know something more.
- - - Updated - - -
I get the infection with every program I open.
-
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=63b481d869309845b76b025c3ea8a856
# engine=20376
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-10-01 03:15:25
# local_time=2014-10-01 05:15:25 (+0100, West-Europa (zomertijd))
# country="Netherlands"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 1605514 35113719 0 0
# scanned=92665
# found=9
# cleaned=9
# scan_time=3530
sh=82D6689D84C5D50E1EEFDBFD18B7E4962CAEFA6D ft=1 fh=8ee7e6709c7ab98e vn="a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\WinZip Malware Protector\AppManager.exe.vir"
sh=68455014C9F982EB18796DB794CFFD040E2090F2 ft=1 fh=f4d54ce35c24d0a3 vn="a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\WinZip Malware Protector\filetypehelper.exe.vir"
sh=274CB4E7C8B3515060E7854F9B657977002FF8C1 ft=1 fh=5a43b5222c5838ce vn="a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\WinZip Malware Protector\scandll.dll.vir"
sh=7560ADB6881D658A46F52AD1DCDF667B615F6EDE ft=1 fh=19f14dde2ee67322 vn="a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe.vir"
sh=946D721C4655ADAC5B31FC0F05E06DCF32ACB04C ft=1 fh=c71c00112a768670 vn="a variant of Win32/SProtector.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\Performance Optimizer\PerformanceOptimizer.dll.vir"
sh=56552C077E44F408BA7CA8EB350E7E9C41DF2789 ft=1 fh=5994faeef62d7123 vn="a variant of Win32/AdWare.MultiPlug.CN application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\2014-07-10_19-30-18-jl.wmv.exe"
sh=328B0F49B27F0038AB09739112AFFDFA74BB2E5E ft=1 fh=5320e58612031249 vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files\cdbxp_setup_4.4.0.2905.exe"
sh=A981E3D6F03D3BD57D1472F33A4093A01533F8A8 ft=1 fh=7aaf7b3d0491af48 vn="a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_cato_wzmp_8.exe.vir"
sh=072972DCE4232CBD9640FFC07E42AE63B8077FDE ft=1 fh=c71c001126fafa63 vn="a variant of Win32/AdWare.MultiPlug.BN application (cleaned by deleting - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_YoutubeAdBloocKe\QKfpiwt0Gy1Von.dll"
Hi, thanks again. This is quite a persistent virus, by the way; it is not gone yet, but I am hopeful.
If there is no point in continuing with this, please let me know; then there is nothing else for it but to format the hard disk.
-
Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software
Scandatum: 30-9-2014
Scantijd: 17:48:40
Logbestand: MBAM Scanlog.txt
Beheerder: Ja
Versie: 2.00.2.1012
Malwaredatabase: v2014.09.30.05
Rootkitdatabase: v2014.09.19.01
Licentie: Proef
Malwarebescherming: Ingeschakeld
Kwaadaardige Website Bescherming: Ingeschakeld
Self-protection: Uitgeschakeld
Besturingssysteem: Windows 7 Service Pack 1
Processor: x86
Bestandssysteem: NTFS
Gebruiker: cato
Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten Gescand: 275309
Verstreken Tijd: 13 m, 47 s
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Uitgeschakeld
Heuristics: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld
Processen: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registersleutels: 0
(No malicious items detected)
Registerwaardes: 0
(No malicious items detected)
Registerdata: 0
(No malicious items detected)
Mappen: 0
(No malicious items detected)
Bestanden: 2
PUP.Optional.Superfish.A, C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Verwijder-bij-Herstart, [6568aa494734f83eafc3f13a07fc26da],
PUP.Optional.Superfish.A, C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Verwijder-bij-Herstart, [636a45aeee8db77f6a08260525de7888],
Fysieke Sectoren: 0
(No malicious items detected)
(end)
-
Yes, still. That green icon is gone, but the advertisements are still there.
Thanks for the help so far.
-
Zoek.exe v5.0.0.0 Updated 27-09-2014
Tool run by cato on ma 29-09-2014 at 21:48:54,89.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\cato\Downloads\zoek.exe [scan all users] [script inserted]
==== Older Logs ======================
C:\zoek-results2014-09-28-092818.log 21872 bytes
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 18:22]
GOOSave - cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kghpgeafnipmjoooepaeklnkciajeaip
GOOSave - cato\AppData\Local\Google\Chrome\User Data\Default\Extensions\kghpgeafnipmjoooepaeklnkciajeaip
Google Wallet - cato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GOOSave - cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kghpgeafnipmjoooepaeklnkciajeaip
==== Chromium Startpages ======================
C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "https://dub127.mail.live.com/?tid=cmAwYKYEVB5BGF2AAhWtbndg2&fid=flinbox", "https://support.google.com/chrome/answer/95440?p=settings_omnibox&rd=1", "http://google%20chrome/", "http://search.gboxapp.com/" ],
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{A5583D70-650A-4BB9-8AF8-4F1FC4B30EAA} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}"
==== Reset Google Chrome ======================
C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Empty IE Cache ======================
C:\Users\cato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\cato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1930Q01X will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=100 folders=28 177310829 bytes)
==== Empty Temp Folders ======================
C:\Users\cato\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\cato\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\cato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1930Q01X" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on ma 29-09-2014 at 22:17:34,79 ======================
-
The popups say "ad by GoSave/close"; maybe that means something to you.
-
Hi kape,
It's going badly: all those popups are back again, and I no longer dare to do internet banking.
Those green icons appear everywhere, a half circle with an arrow.
They all contain popups; hopefully you know another solution.
Thanks in advance.
-
# AdwCleaner v3.310 - Rapport aangemaakt 28/09/2014 op 12:49:20
# Laatste Update 12/09/2014 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Gebruikersnaam : cato - CATO-PC
# Gestart vanuit : C:\Users\cato\Downloads\adwcleaner_3.310.exe
# Optie : Verwijderen
***** [ Services ] *****
***** [ Bestanden / Mappen ] *****
***** [ Taken ] *****
***** [ Snelkoppelingen ] *****
***** [ Register ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17280
-\\ Google Chrome v37.0.2062.120
[ Bestand : C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Verwijderd [search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740&q={searchTerms}
Verwijderd [search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740&q={searchTerms}
Verwijderd [startup_urls] : hxxp://search.gboxapp.com/
*************************
AdwCleaner[R0].txt - [4389 octets] - [27/09/2014 16:18:01]
AdwCleaner[R1].txt - [1002 octets] - [28/09/2014 12:43:37]
AdwCleaner[s0].txt - [3975 octets] - [27/09/2014 16:21:43]
AdwCleaner[s1].txt - [1254 octets] - [28/09/2014 12:49:20]
########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1314 octets] ##########
- - - Updated - - -
# AdwCleaner v3.310 - Rapport aangemaakt 27/09/2014 op 16:18:01
# Laatste Update 12/09/2014 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Gebruikersnaam : cato - CATO-PC
# Gestart vanuit : C:\Users\cato\adwcleaner_3.310.exe
# Optie : Scannen
***** [ Services ] *****
***** [ Bestanden / Mappen ] *****
Map Gevonden : C:\Program Files\NNeXtCoup
Map Gevonden : C:\Program Files\WinZip Malware Protector
Map Gevonden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
Map Gevonden : C:\ProgramData\NNeXtCoup
Map Gevonden : C:\ProgramData\Performance Optimizer
Map Gevonden : C:\ProgramData\Trusted Publisher
Map Gevonden : C:\Users\cato\AppData\Local\Chromatic Browser
Map Gevonden : C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiidkjdkhbhgkafcdllkbbjhppfhbjol
Map Gevonden : C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmohigdnpdbagcnpkbcfiiefgcinfgaj
Map Gevonden : C:\Users\cato\AppData\Local\torch
Map Gevonden : C:\Users\cato\AppData\Roaming\SkypEmoticons
Map Gevonden : C:\Users\cato\Documents\Optimizer Pro
***** [ Taken ] *****
***** [ Snelkoppelingen ] *****
Snelkoppeling Gevonden : C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740 )
Snelkoppeling Gevonden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740 )
Snelkoppeling Gevonden : C:\Users\cato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740 )
Snelkoppeling Gevonden : C:\Users\cato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740 )
Snelkoppeling Gevonden : C:\Users\cato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740 )
Snelkoppeling Gevonden : C:\Users\cato\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740 )
***** [ Register ] *****
Gegevens Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\perfor~1\perfor~1.dll
Sleutel Gevonden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Sleutel Gevonden : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Sleutel Gevonden : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Sleutel Gevonden : HKCU\Software\Optimizer Pro
Sleutel Gevonden : HKCU\Software\RegisteredApplicationsEx
Sleutel Gevonden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Sleutel Gevonden : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Sleutel Gevonden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-576482620
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17280
Instelling Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1411238370&from=wpc&uid=WDCXWD1600AAJB-22WRA0_WD-WCAS2883074030740&q={searchTerms}
-\\ Google Chrome v37.0.2062.120
[ Bestand : C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gevonden [startup_urls] : hxxp://search.gboxapp.com/
Gevonden [Extension] : hiidkjdkhbhgkafcdllkbbjhppfhbjol
Gevonden [Extension] : nmohigdnpdbagcnpkbcfiiefgcinfgaj
*************************
AdwCleaner[R0].txt - [4249 octets] - [27/09/2014 16:18:01]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4309 octets] ##########
Before I contacted you I also had a scan run; here is the result.
-
Zoek.exe v5.0.0.0 Updated 27-09-2014
Tool run by cato on zo 28-09-2014 at 10:25:06,49.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\cato\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]
==== System Restore Info ======================
28-9-2014 10:51:33 Zoek.exe System Restore Point Created Succesfully.
==== Empty Folders Check ======================
C:\Program Files\GaoSavee deleted successfully
C:\PROGRA~2\GaoSavee deleted successfully
C:\PROGRA~2\Oracle deleted successfully
C:\Users\cato\AppData\Local\MigWiz deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2306347899-3207702929-778101096-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8b6ba6d2-cd00-4c3e-9417-0011ac41314b} deleted successfully
HKEY_USERS\S-1-5-21-2306347899-3207702929-778101096-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8b6ba6d2-cd00-4c3e-9417-0011ac41314b} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8b6ba6d2-cd00-4c3e-9417-0011ac41314b} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8b6ba6d2-cd00-4c3e-9417-0011ac41314b} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b6ba6d2-cd00-4c3e-9417-0011ac41314b} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b6ba6d2-cd00-4c3e-9417-0011ac41314b}]
==== Deleting Files \ Folders ======================
C:\ProgramData\GaoSavee not found
C:\Program Files\GaoSavee not found
C:\Program Files\YoutubeAdBloocKe deleted
C:\ProgramData\YoutubeAdBloocKe deleted
C:\ProgramData\e4cdde398fc7b44a deleted
C:\Users\cato\AppData\Roaming\Nico Mak Computing\WinZip Malware Protector deleted
C:\PROGRA~2\Nico Mak Computing\WinZip Malware Protector deleted
C:\PROGRA~2\FineDEalSaofat deleted
C:\Windows\system32\tasks\WinZip Malware Protector_startup deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Users\Public\Desktop\WinZip Malware Protector.lnk deleted
C:\Users\cato\adwcleaner_3.310.exe deleted
C:\Users\cato\HousecallLauncher.exe deleted
C:\Users\cato\RSIT.exe deleted
C:\Users\cato\wzmp_8.exe deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\cato\AppData\Local\Temp ====
2014-09-27 16:39:30 D5CFDE06873A24A7E04DBA14400EFC3C 246272 ----a-w- C:\Users\cato\AppData\Local\Temp\NL\install\unrar.exe
2014-09-27 11:47:55 CDE8B38D07251D52D440ECFEE62B4194 705584 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\tscdll32.dll
2014-09-27 11:47:54 DA1297BB8BB34C4C31C95F4A5123AB00 1837616 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\vsapi32.dll
2014-09-27 11:47:54 5B0514235274FF4C84DC87DE7AF96294 91552 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\BPMNT.dll
2014-09-27 11:47:29 D910022DE6A001630B137A4A6170B422 1280512 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\libeay32.dll
2014-09-27 11:47:29 BBEC5ED32E8615E110CB43662C3822C1 38416 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\TMEBC32.sys
2014-09-27 11:47:29 656B71E5D44F1C92FE05717AD3D9AAF4 939536 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\tmufeng.dll
2014-09-27 11:47:29 4C6D311E0B13C4F469F717DB4AB4D0E7 263072 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\tmcomm.sys
2014-09-27 11:47:29 37BEF64E7D3E3297C8CDED259A23B017 339456 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\ssleay32.dll
2014-09-27 11:47:29 169B7467331FEAA1D3B2833022A79ADE 593920 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\libcurl.dll
2014-09-27 11:47:29 148D2019D0E7C718793F0E68A87F2FFA 58632 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\utilClientLoader.dll
2014-09-27 11:47:28 DECA60F8772002CB8A7F7215814DDF77 151552 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\libexpatw.dll
2014-09-27 11:47:28 CDCD97400D548C73F789B4C759397D67 1333808 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\ICRCHdler.dll
2014-09-27 11:47:28 BD682367064E396651EADC0BC61A11C0 550448 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\tmfbeng.dll
2014-09-27 11:47:28 A6D944F44B1C54871669BC2B42AA217B 182832 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\perfiCrcPerfMonMgr.dll
2014-09-27 11:47:28 37E62D137E9EB366FA525218234A5FB6 2569744 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\smv.dll
2014-09-27 11:47:28 0BC449E397A3A82FD48636BFFE19403E 263728 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\TmEngDrv.dll
2014-09-27 11:47:27 6C5879C4D104E99B9BFBC37AB62B066D 292864 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\plugin\downloader.plugin.dll
2014-09-27 11:47:27 5020DFD3D3CBBBA8B23165823793C63E 2462768 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\hc_core.dll
2014-09-27 11:47:06 15E72F9CD99A3F43E476E02F843001B4 3238288 ----a-w- C:\Users\cato\AppData\Local\Temp\HCBackup\hcpackage.exe
2014-09-22 11:57:34 EF45BEF20C26BCB41E7E87C72F19B8F8 1793584 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\tmase\Inspect.exe
2014-09-22 11:56:36 35FED582B558D19C5E0351BC7EBA902A 1297968 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\tmase\tmptfb.dll
2014-09-22 11:56:04 32C255FA59F3A1FC854A1ECD2D2FA035 376368 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\tmase\PerfMonitor.exe
====== Java Cache =====
2014-09-27 19:46:06 FA4513EAD4867F7DF66822FCA1AFCDE3 19521 ----a-w- C:\Users\cato\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\2ea66e94-56f37d7b
2014-09-27 19:46:04 F24246682A94BBEBBAD353AFAC982457 417 ----a-w- C:\Users\cato\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\3ea4bc22-3200b4c91aa5ea8a52d9a00d01355dccfda2daa70b8f0690ecb829e5f3cd77f3-6.0.lap
2014-09-06 08:07:29 E8C80BF60938EE72EE77AB866EA40E2B 282048 ----a-w- C:\Users\cato\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\7e60542d-654a0f56
2014-09-27 19:47:12 946C578AF5B50757DF869E8A3DF18F39 37103439 ----a-w- C:\Users\cato\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\4b776d06-286ed115
2014-09-27 23:40:04 C14F12A1BEEDE672A24A48D7703EE7A8 62245738 ----a-w- C:\Users\cato\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\60310bd-46b7f6fb
2014-09-06 08:07:28 0B23B3044AE9E02DCE26DB4D5E007252 848 ----a-w- C:\Users\cato\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-3a59036e
2014-09-06 08:07:29 786375D181B50D547C918B63A2D00B98 445 ----a-w- C:\Users\cato\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-e2e4c8970372d2fb4193a7ef29d16f6c3f08527947fcb9208b3a0e48820369fd-6.0.lap
====== C:\Windows\system32 =====
2014-09-27 13:54:28 6CB684788C8903F75B06BEDD88C00E8B 16384 ----a-w- C:\Windows\System32\wsusnative32.exe
2014-09-24 17:37:50 C263F3E7E0523556964D661BC7CB9565 2048 ----a-w- C:\Windows\System32\tzres.dll
====== C:\Windows\system32\drivers =====
2014-09-24 17:32:43 12E71DA845D76665B56753AD149E32B3 110296 ----a-w- C:\Windows\System32\drivers\48230029.sys
2014-09-22 20:00:00 12E71DA845D76665B56753AD149E32B3 110296 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-22 19:59:18 BD27D97297934FD4217A37FD28A7ABC7 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-09-22 19:59:18 8683C1B450F4B3872839308D836E0F92 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-22 19:59:18 1AA835E8A0B8EDF3D676B4ED4BF5EF07 74456 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-09-20 18:33:54 833024 ----a-w- C:\Program Files\2014-07-10_19-30-18-jl.wmv.exe
2014-09-20 11:35:06 0 ---ha-w- C:\Program Files\.picasa.ini
2014-09-20 10:40:57 17385800 ----a-w- C:\Program Files\picasa39-setup.exe
2014-09-06 08:06:04 -------- d-----w- C:\Program Files\Java
======= C: =====
====== C:\Users\cato\AppData\Roaming ======
2014-09-27 13:54:55 -------- d-----w- C:\Users\cato\AppData\Roaming\Nico Mak Computing
2014-09-27 13:45:44 4352D88A78AA39750BF70CD6F27BCAA5 4 ----a-w- C:\Users\cato\AppData\Roaming\appdataFr2.bin
2014-09-27 12:02:30 E74B4DDB429BB04562BFD8873F9E7CFE 83686 ----a-w- C:\Users\cato\AppData\Local\census.cache
2014-09-27 12:02:28 31D6318A9AEED38E6C62FCFF7A590FEB 121898 ----a-w- C:\Users\cato\AppData\Local\ars.cache
2014-09-27 11:59:15 C5C23BD5A3C4C155952735BC2F8464E1 10 ----a-w- C:\Users\cato\AppData\Local\sponge.last.runtime.cache
2014-09-27 11:47:05 986605492E7243A3FC2E87146A5234CD 36 ----a-w- C:\Users\cato\AppData\Local\housecall.guid.cache
2014-09-20 21:31:18 -------- d-sh--w- C:\Users\cato\AppData\Locallow\EmieUserList
2014-09-20 21:28:10 -------- d-sh--w- C:\Users\cato\AppData\Local\EmieUserList
2014-09-20 21:28:10 -------- d-sh--w- C:\Users\cato\AppData\Local\EmieSiteList
2014-09-20 21:27:29 -------- d-sh--w- C:\Users\cato\AppData\Locallow\EmieSiteList
2014-09-20 18:36:38 -------- d-----w- C:\Users\cato\AppData\Local\Comodo
2014-09-06 08:07:52 -------- d-----w- C:\Users\cato\AppData\Roaming\Oracle
2014-08-29 13:58:25 -------- d-----w- C:\Users\cato\AppData\Local\Programs
2014-08-29 13:57:43 -------- d-----w- C:\Users\cato\AppData\Roaming\Canneverbe Limited
====== C:\Users\cato ======
2014-09-27 19:50:22 9FF7F5E6052D8CF1738A4AECBD39D7D5 14848 --sha-w- C:\Users\cato\Thumbs.db
2014-09-27 16:39:09 7165B0AE78E91CC00D446656E0C0B4BC 2171857 ----a-w- C:\Users\cato\place2use4049place.nzb
2014-09-27 13:54:42 -------- d-----w- C:\ProgramData\Nico Mak Computing
2014-09-27 11:11:15 84A105621A2D7D79B7953372D8E4BA96 4964488 ----a-w- C:\Users\cato\Documents\ccsetup418.exe
2014-09-22 19:57:54 E90BF9E1562F40140161573B79CD5720 17292760 ----a-w- C:\Users\cato\Documents\mbam-setup-2.0.2.1012.exe
2014-09-20 18:36:41 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol
2014-09-20 10:45:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-08-29 13:57:55 -------- d-----w- C:\ProgramData\Canneverbe Limited
====== C: exe-files ==
2014-09-27 16:39:30 D5CFDE06873A24A7E04DBA14400EFC3C 246272 ----a-w- C:\Users\cato\AppData\Local\Temp\NL\install\unrar.exe
2014-09-27 13:54:28 6CB684788C8903F75B06BEDD88C00E8B 16384 ----a-w- C:\Windows\System32\wsusnative32.exe
2014-09-27 11:47:06 15E72F9CD99A3F43E476E02F843001B4 3238288 ----a-w- C:\Users\cato\AppData\Local\Temp\HCBackup\hcpackage.exe
2014-09-27 11:11:15 84A105621A2D7D79B7953372D8E4BA96 4964488 ----a-w- C:\Users\cato\Documents\ccsetup418.exe
2014-09-24 17:37:51 4D4DE14938C5BA12B70957F4AB1EEAF5 40448 ----a-w- C:\Windows\servicing\GC32\tzupd.exe
2014-09-22 19:57:54 E90BF9E1562F40140161573B79CD5720 17292760 ----a-w- C:\Users\cato\Documents\mbam-setup-2.0.2.1012.exe
2014-09-22 11:57:34 EF45BEF20C26BCB41E7E87C72F19B8F8 1793584 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\tmase\Inspect.exe
2014-09-22 11:56:04 32C255FA59F3A1FC854A1ECD2D2FA035 376368 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\tmase\PerfMonitor.exe
=== C: other files ==
2014-09-27 11:50:47 E0B8B63C6F55F3D169E7C806DB0031AE 1755361 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\tmase.zip
2014-09-27 11:47:29 BBEC5ED32E8615E110CB43662C3822C1 38416 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\TMEBC32.sys
2014-09-27 11:47:29 4CE8321591A5969A728021B53CBCC75E 2700 ----a-w- C:\Users\cato\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ini_xml.zip
2014-09-27 11:47:29 4C6D311E0B13C4F469F717DB4AB4D0E7 263072 ----a-w- C:\Users\cato\AppData\Local\Temp\HouseCall\tmcomm.sys
2014-09-24 17:32:43 12E71DA845D76665B56753AD149E32B3 110296 ----a-w- C:\Windows\System32\drivers\48230029.sys
2014-09-22 20:00:00 12E71DA845D76665B56753AD149E32B3 110296 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-22 19:59:18 BD27D97297934FD4217A37FD28A7ABC7 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-09-22 19:59:18 8683C1B450F4B3872839308D836E0F92 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-22 19:59:18 1AA835E8A0B8EDF3D676B4ED4BF5EF07 74456 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-2306347899-3207702929-778101096-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"KiesPreload"="C:\Users\cato\Documents\Kies\Kies.exe /preload"
"Spotify Web Helper"="C:\Users\cato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"EPSON Stylus DX7400 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU C:\Windows\TEMP\E_S97AC.tmp /EF HKCU"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"KiesTrayAgent"="C:\Users\cato\Documents\Kies\KiesTrayAgent.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"KiesPreload"="C:\Users\cato\Documents\Kies\Kies.exe /preload"
"Spotify Web Helper"="C:\Users\cato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"EPSON Stylus DX7400 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU C:\Windows\TEMP\E_S97AC.tmp /EF HKCU"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [24-09-2014 19:36]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe []
==== Other Scheduled Tasks ======================
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\{0A4BEB54-5553-4235-94FF-0C806BD99F22}" [C:\Program Files\OpenOffice 4\program\soffice.exe]
"C:\Windows\system32\tasks\{60F375F1-E181-404D-9C06-B470C84543B8}" [C:\Program Files\VideoLAN\VLC\vlc.exe]
"C:\Windows\system32\tasks\{AA49C1E3-AEDC-47EA-9401-1ACDB4D1258B}" [C:\Program Files\OpenOffice 4\program\soffice.exe]
"C:\Windows\system32\tasks\{F2136C1D-5A22-44F2-9273-F47B99FB70D1}" [C:\Program Files\OpenOffice 4\program\soffice.exe]
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 18:22]
Minimal Memory - cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib
NNeXtCoup - cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hiidkjdkhbhgkafcdllkbbjhppfhbjol
GOOSave - cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kghpgeafnipmjoooepaeklnkciajeaip
WebbinG - cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmohigdnpdbagcnpkbcfiiefgcinfgaj
GOOSave - cato\AppData\Local\Google\Chrome\User Data\Default\Extensions\kghpgeafnipmjoooepaeklnkciajeaip
Google Wallet - cato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Minimal Memory - cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib
NNeXtCoup - cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hiidkjdkhbhgkafcdllkbbjhppfhbjol
GOOSave - cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kghpgeafnipmjoooepaeklnkciajeaip
WebbinG - cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmohigdnpdbagcnpkbcfiiefgcinfgaj
==== Chromium Startpages ======================
C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "https://dub127.mail.live.com/?tid=cmAwYKYEVB5BGF2AAhWtbndg2&fid=flinbox", "https://support.google.com/chrome/answer/95440?p=settings_omnibox&rd=1", "http://google%20chrome/", "http://search.gboxapp.com/" ],
==== Chromium Fix ======================
C:\Users\cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib deleted successfully
C:\Users\cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib deleted successfully
C:\Users\cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hiidkjdkhbhgkafcdllkbbjhppfhbjol deleted successfully
C:\Users\cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hiidkjdkhbhgkafcdllkbbjhppfhbjol deleted successfully
C:\Users\cato\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmohigdnpdbagcnpkbcfiiefgcinfgaj deleted successfully
C:\Users\cato\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmohigdnpdbagcnpkbcfiiefgcinfgaj deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{A5583D70-650A-4BB9-8AF8-4F1FC4B30EAA} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Malware Protector_is1 deleted successfully
==== Empty IE Cache ======================
C:\Users\cato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\cato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50HZRQTZ will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\cato\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=99 folders=25 177310829 bytes)
==== Empty Temp Folders ======================
C:\Users\cato\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\cato\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\cato\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50HZRQTZ" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
==== EOF on zo 28-09-2014 at 11:28:18,18 ======================
-
Logfile of random's system information tool 1.10 (written by random/random)
Run by cato at 2014-09-27 17:09:16
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 49 GB (32%) free of 153 GB
Total RAM: 2013 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:09:33, on 27-9-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\cato\Documents\Kies\KiesTrayAgent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\cato\Documents\Kies\Kies.exe
C:\Users\cato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\cato\RSIT.exe
C:\Program Files\trend micro\cato.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: YoutubeAdBloocKe - {8b6ba6d2-cd00-4c3e-9417-0011ac41314b} - C:\Program Files\YoutubeAdBloocKe\QKfpiwt0Gy1Von.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Users\cato\Documents\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [KiesPreload] C:\Users\cato\Documents\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\cato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\Windows\TEMP\E_S97AC.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 5809 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-06 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8b6ba6d2-cd00-4c3e-9417-0011ac41314b}]
YoutubeAdBloocKe - C:\Program Files\YoutubeAdBloocKe\QKfpiwt0Gy1Von.dll [2014-09-20 620032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-06 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"KiesTrayAgent"=C:\Users\cato\Documents\Kies\KiesTrayAgent.exe [2014-07-25 311616]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-11-09 17880752]
"KiesPreload"=C:\Users\cato\Documents\Kies\Kies.exe [2014-07-25 1562264]
"Spotify Web Helper"=C:\Users\cato\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-03-07 1171968]
"EPSON Stylus DX7400 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE [2007-04-12 182272]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-09-25 4810520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-09-27 17:09:16 ----D---- C:\rsit
2014-09-27 16:17:53 ----D---- C:\AdwCleaner
2014-09-27 15:54:55 ----D---- C:\Users\cato\AppData\Roaming\Nico Mak Computing
2014-09-27 15:54:42 ----D---- C:\ProgramData\Nico Mak Computing
2014-09-27 15:54:28 ----A---- C:\Windows\system32\wsusnative32.exe
2014-09-24 19:37:50 ----A---- C:\Windows\system32\tzres.dll
2014-09-24 19:32:43 ----A---- C:\Windows\system32\drivers\48230029.sys
2014-09-22 22:00:00 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-09-22 21:59:18 ----D---- C:\ProgramData\Malwarebytes
2014-09-22 21:59:18 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-09-22 21:59:18 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-09-22 21:59:18 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-09-22 21:59:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-09-22 21:37:26 ----D---- C:\ProgramData\FineDEalSaofat
2014-09-20 20:37:46 ----D---- C:\ProgramData\YoutubeAdBloocKe
2014-09-20 20:37:37 ----D---- C:\Program Files\YoutubeAdBloocKe
2014-09-20 20:37:12 ----D---- C:\ProgramData\GaoSavee
2014-09-20 20:37:02 ----D---- C:\Program Files\GaoSavee
2014-09-20 20:36:40 ----D---- C:\ProgramData\e4cdde398fc7b44a
2014-09-20 20:33:54 ----A---- C:\Program Files\2014-07-10_19-30-18-jl.wmv.exe
2014-09-20 13:35:06 ----AH---- C:\Program Files\.picasa.ini
2014-09-20 12:40:57 ----A---- C:\Program Files\picasa39-setup.exe
2014-09-12 15:30:36 ----A---- C:\Windows\system32\iesetup.dll
2014-09-12 15:30:28 ----A---- C:\Windows\system32\ieui.dll
2014-09-12 15:30:27 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-12 15:30:24 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-12 15:30:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 15:30:20 ----A---- C:\Windows\system32\msrating.dll
2014-09-12 15:30:19 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-12 15:30:18 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-12 15:30:18 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-12 15:30:17 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-12 15:30:17 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-12 15:30:16 ----A---- C:\Windows\system32\iernonce.dll
2014-09-12 15:30:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-12 15:30:15 ----A---- C:\Windows\system32\vbscript.dll
2014-09-12 15:30:14 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 15:30:12 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-12 15:30:12 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-12 15:30:12 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-12 15:30:11 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 15:30:09 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-12 15:30:09 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-12 15:30:08 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-12 15:30:02 ----A---- C:\Windows\system32\iertutil.dll
2014-09-12 15:30:00 ----A---- C:\Windows\system32\wininet.dll
2014-09-12 15:29:58 ----A---- C:\Windows\system32\jscript9.dll
2014-09-12 15:29:57 ----A---- C:\Windows\system32\urlmon.dll
2014-09-12 15:29:53 ----A---- C:\Windows\system32\mshtml.dll
2014-09-12 15:29:51 ----A---- C:\Windows\system32\ieframe.dll
2014-09-12 15:28:36 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 13:03:04 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-12 13:03:04 ----A---- C:\Windows\system32\kerberos.dll
2014-09-12 13:02:34 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-12 13:02:30 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-09-12 13:02:23 ----A---- C:\Windows\system32\aepdu.dll
2014-09-12 13:02:22 ----A---- C:\Windows\system32\aeinv.dll
2014-09-06 10:07:52 ----D---- C:\Users\cato\AppData\Roaming\Oracle
2014-09-06 10:06:36 ----A---- C:\Windows\system32\javaws.exe
2014-09-06 10:06:25 ----A---- C:\Windows\system32\javaw.exe
2014-09-06 10:06:25 ----A---- C:\Windows\system32\java.exe
2014-09-06 10:06:04 ----D---- C:\Program Files\Java
2014-08-29 15:57:55 ----D---- C:\ProgramData\Canneverbe Limited
2014-08-29 15:57:43 ----D---- C:\Users\cato\AppData\Roaming\Canneverbe Limited
======List of files/folders modified in the last 1 month======
2014-09-27 17:09:33 ----D---- C:\Windows\Prefetch
2014-09-27 17:09:27 ----D---- C:\Program Files\trend micro
2014-09-27 17:08:41 ----D---- C:\Windows\Temp
2014-09-27 17:01:52 ----D---- C:\Windows\system32\config
2014-09-27 16:23:32 ----HD---- C:\ProgramData
2014-09-27 16:23:32 ----D---- C:\Windows
2014-09-27 16:21:48 ----RD---- C:\Program Files
2014-09-27 15:55:15 ----D---- C:\Windows\system32\Tasks
2014-09-27 15:54:28 ----D---- C:\Windows\System32
2014-09-27 14:24:40 ----D---- C:\Windows\system32\drivers
2014-09-27 13:50:01 ----D---- C:\Windows\inf
2014-09-27 13:12:55 ----D---- C:\Program Files\CCleaner
2014-09-27 11:52:26 ----D---- C:\Windows\nl-NL
2014-09-26 21:50:53 ----D---- C:\Users\cato\AppData\Roaming\Skype
2014-09-25 19:18:00 ----D---- C:\Windows\rescache
2014-09-24 23:49:34 ----D---- C:\Windows\winsxs
2014-09-24 23:49:27 ----D---- C:\Windows\system32\nl-NL
2014-09-24 23:49:12 ----SHD---- C:\System Volume Information
2014-09-24 19:36:42 ----D---- C:\Windows\system32\catroot
2014-09-24 19:36:33 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-09-22 22:18:51 ----D---- C:\Windows\Resources
2014-09-22 21:38:27 ----RD---- C:\Users
2014-09-22 08:41:56 ----N---- C:\Windows\system32\MpSigStub.exe
2014-09-22 08:24:58 ----D---- C:\Windows\debug
2014-09-20 20:39:08 ----D---- C:\Windows\Tasks
2014-09-20 20:36:40 ----HD---- C:\Windows\system32\GroupPolicy
2014-09-20 20:36:40 ----D---- C:\Program Files\Google
2014-09-20 13:13:09 ----D---- C:\Users\cato\AppData\Roaming\vlc
2014-09-19 08:55:54 ----SHD---- C:\Windows\Installer
2014-09-19 08:55:53 ----SHD---- C:\Config.Msi
2014-09-12 16:50:36 ----D---- C:\Windows\Microsoft.NET
2014-09-12 16:49:12 ----RSD---- C:\Windows\assembly
2014-09-12 16:34:54 ----D---- C:\Windows\system32\en-US
2014-09-12 16:34:52 ----D---- C:\Program Files\Internet Explorer
2014-09-12 15:31:17 ----D---- C:\Windows\system32\catroot2
2014-09-12 15:28:32 ----D---- C:\Windows\system32\MRT
2014-09-12 15:18:11 ----A---- C:\Windows\system32\MRT.exe
2014-09-12 15:16:51 ----D---- C:\Program Files\Microsoft Security Client
2014-09-12 15:16:28 ----SD---- C:\Windows\system32\CompatTel
2014-09-12 15:11:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-07 19:06:39 ----D---- C:\Users\cato\AppData\Roaming\dvdcss
2014-09-06 10:07:10 ----D---- C:\ProgramData\Oracle
2014-09-06 10:06:13 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-08-29 15:57:42 ----D---- C:\Program Files\CDBurnerXP
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-14 50688]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-09-27 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-05-12 51928]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 892cc6a3;Performance Optimizer; c:\progra~2\perfor~1\PerformanceOptimizerSvc.dll,service []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24 267440]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 108032]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-17 1343400]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF----------------
-
Good afternoon, staff,
For about 2 days there has been an annoying malware program on my computer; its name is wxDownload and it spreads annoying advertisements/pop-ups on my computer. On every page I open, small green symbols also load along with the accompanying advertisement.
Last week I downloaded the program send space to fetch a film; that program was also already full of malware.
I removed it last week and had no trouble with malware until yesterday, when I started the computer and the login program for my modem appeared on the start page.
Nothing else happened yesterday; I had the modem reset to factory settings, but since today the computer is full of malware. In the meantime I have used several anti-malware programs, but it does not go away.
Do you perhaps know a way to get rid of this malware?
Thanks in advance :rofl:
Windows 10 start menu does not work
in Windows 10 Archive
Posted:
Hi, I have since managed to get hold of another PC,
an HP Compaq 6000 Pro minitower; hopefully that will work
better, it has just been refurbished.
Thanks again, and happy Easter!