
Thread: Sharkmancoupon

  1. #11
    Advanced   Sofiekebieke
    Registered
    11 May 2005
    Location
    Blankenberge
    Posts
    407
    Thanks given
    367
    Thanked
    45 times in 31 posts
    Zoek.exe v5.0.0.0 Updated 03-November-2014
    Tool run by Admin on ma 03/11/2014 at 19:47:37,96.
    Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
    Running in: Normal Mode Internet Access Detected
    Launched: E:\1TB schijf 2014\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]
    ==== Older Logs ======================
    C:\zoek-results2014-11-03-175731.log 16314 bytes
    C:\zoek-results2014-11-03-180918.log 21759 bytes
    ==== Running Processes ======================
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\SysWOW64\afasrv64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe
    C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe
    C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
    C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
    C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
    C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\DllHost.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_189_ActiveX.exe
    E:\1TB schijf 2014\Downloads\zoek.exe
    C:\Windows\system32\conhost.exe
    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Deleting Services ======================

    ==== Files Recently Created / Modified ======================
    ====== C:\Windows ====
    ====== C:\Users\Admin\AppData\Local\Temp ====
    2014-11-03 18:12:00 4E566FEA83FCEEAF2873702806B55006 43008 ----a-w- C:\Users\Admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjpku1t.dll
    ====== Java Cache =====
    ====== C:\Windows\SysWOW64 =====
    2014-10-25 19:43:52 11996C1FD2D437347654E660DE9144A7 609240 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe
    2014-10-25 19:41:31 8999F18D38D55E34D356796507FFD639 192000 ----a-w- C:\Windows\SysWOW64\rdpendp_winip.dll
    ====== C:\Windows\SysWOW64\drivers =====
    ====== C:\Windows\Sysnative =====
    2014-10-26 10:17:50 E9CB5F138943D383DB67F29AAB60453F 3179520 ----a-w- C:\Windows\Sysnative\rdpcorets.dll
    2014-10-26 10:17:49 2147C5330F983D76A36B73F4A804F778 16384 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll
    2014-10-25 19:43:19 B55FA6AD6C4A74AFC85433490E97C0DE 3826628 ----a-w- C:\Windows\Sysnative\nvcoproc.bin
    2014-10-25 19:41:31 D346E07D62E3D4BEAB040939744EC31B 228864 ----a-w- C:\Windows\Sysnative\rdpendp_winip.dll
    2014-10-25 19:41:31 AD4D0AEDB5993EDA31EB80A54EDBC344 243200 ----a-w- C:\Windows\Sysnative\rdpudd.dll
    ====== C:\Windows\Sysnative\drivers =====
    2014-10-25 19:41:32 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys
    2014-10-17 09:15:55 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
    2014-10-16 10:22:06 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys
    2014-10-16 10:22:02 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys
    ====== C:\Windows\Tasks ======
    ====== C:\Windows\Temp ======
    ======= C:\Program Files =====
    ======= C:\PROGRA~2 =====
    ======= C: =====
    ====== C:\Users\Admin\AppData\Roaming ======
    2014-10-25 19:58:21 4352D88A78AA39750BF70CD6F27BCAA5 4 ----a-w- C:\Users\Admin\AppData\Roaming\appdataFr2.bin
    2014-10-15 14:20:24 3F784960D883E07B7BB34814FFDED261 110688 ----a-w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-10-07 18:23:28 -------- d-----w- C:\Users\Admin\AppData\Local\sabnzbd
    ====== C:\Users\Admin ======
    2014-10-25 20:12:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    ====== C: exe-files ==
    === C: other files ==
    2014-11-03 18:02:17 EAEEA223DD0C5672DDDF88D14506E098 456886 ----a-w- C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CLSDWK9E\silverlightmediaelement[1].zip
    2014-11-03 18:01:47 81092F7AF3400291C02CAB6E54D61B71 172220 ----a-w- C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CGI4AW91\RegisterDevice[1].zip
    ==== Startup Registry Enabled ======================
    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
    [HKEY_USERS\S-1-5-21-4162061662-3345863227-1776897274-1000\Software\Microsoft\Windows\CurrentVersion\Run]
    "Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"
    "WSHelperSetup.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "mctadmin"="C:\Windows\System32\mctadmin.exe"
    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "mctadmin"="C:\Windows\System32\mctadmin.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NUSB3MON"="C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    "ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup"
    "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    "WSHelperSetup.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
    "Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
    "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"
    "WSHelperSetup.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"="c:\\progra~2\\citrix\\icacli~1\\rshook.dll"
    ==== Startup Registry Enabled x64 ======================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "GENIE"="C:\Program Files (x86)\NETGEAR\A6200\A6200.exe -s"
    "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
    ==== Startup Registry Disabled x64 ======================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"=""
    "hkey"="HKCU"
    "command"="C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Adobe ARM"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnTBMon]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ApnTBMon"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files (x86)\\AskPartnerNetwork\\Toolbar\\Updater\\TBNotifier.exe\""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AppleIEDAV]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="AppleIEDAV"
    "hkey"="HKCU"
    "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\AppleIEDAV.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ApplePhotoStreams"
    "hkey"="HKCU"
    "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="APSDaemon"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\beid]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="beid"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files (x86)\\Belgium Identity Card\\beid35gui.exe\" /startup"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrowserPlugInHelper]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="BrowserPlugInHelper"
    "hkey"="HKLM"
    "command"="C:\\Program Files (x86)\\Wondershare\\Video Converter Ultimate\\BrowserPlugInHelper.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\com.apple.dav.bookmarks.daemon]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="com.apple.dav.bookmarks.daemon"
    "hkey"="HKCU"
    "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\BookmarkDAV_client.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConnectionCenter]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ConnectionCenter"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files (x86)\\Citrix\\ICA Client\\concentr.exe\" /startup"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DBAgent]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="DBAgent"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files (x86)\\Seagate\\Seagate Dashboard 2.0\\DBAgent.exe\" /WinStart"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="HP Software Update"
    "hkey"="HKLM"
    "command"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpqSRMon]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="hpqSRMon"
    "hkey"="HKLM"
    "command"="C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqSRMon.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="iCloudServices"
    "hkey"="HKCU"
    "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="iTunesHelper"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesAirMessage]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="KiesAirMessage"
    "hkey"="HKCU"
    "command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesAirMessage.exe -startup"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="KiesPreload"
    "hkey"="HKCU"
    "command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="KiesTrayAgent"
    "hkey"="HKLM"
    "command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LanuchApp]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="LanuchApp"
    "hkey"="HKLM"
    "command"="C:\\Program Files (x86)\\NETGEAR\\A6200\\LanuchApp.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="QuickTime Task"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="SunJavaUpdateSched"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="swg"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uploader]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Uploader"
    "hkey"="HKCU"
    "command"="C:\\Program Files (x86)\\Seagate\\Seagate Dashboard 2.0\\Seagate.Dashboard.Uploader.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USBestCR]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="USBestCR"
    "hkey"="HKLM"
    "command"="C:\\Program Files (x86)\\Sitecom MD-020 SIM Editor\\iconcs11004138.exe RunFromReg"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wondershare Helper Compact.exe]
    "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Wondershare Helper Compact.exe"
    "hkey"="HKLM"
    "command"="C:\\Program Files (x86)\\Common Files\\Wondershare\\Wondershare Helper Compact\\WSHelper.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
    "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk"
    "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup"
    "backupExtension"=".CommonStartup"
    "command"="C:\\PROGRA~2\\HP\\DIGITA~1\\bin\\hpqtra08.exe "
    "item"="HP Digital Imaging Monitor"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sitecom Wireless Utility.lnk]
    "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Sitecom Wireless Utility.lnk"
    "backup"="C:\\Windows\\pss\\Sitecom Wireless Utility.lnk.CommonStartup"
    "backupExtension"=".CommonStartup"
    "command"="C:\\PROGRA~2\\Sitecom\\Common\\RaUI.exe -s"
    "item"="Sitecom Wireless Utility"

    ==== Startup Folders ======================
    2014-09-14 16:01:15 1046 ----a-w- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ==== Task Scheduler Jobs ======================
    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [01/11/2014 11:48]
    C:\Windows\tasks\AutoKMSCustom.job --a------ C:\Windows\AutoKMS\AutoKMS.exe [20/02/2013 14:51]
    ==== Other Scheduled Tasks ======================
    "C:\Windows\SysNative\tasks\Admin DBAgent 2 0" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe"]
    "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
    "C:\Windows\SysNative\tasks\AutoKMSCustom" [C:\Windows\AutoKMS\AutoKMS.exe]
    "C:\Windows\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"]
    "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
    "C:\Windows\SysNative\tasks\Seagate_Install_Launch" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe]
    "C:\Windows\SysNative\tasks\{52D18B42-EB86-4EFC-90BE-3F444C9BB6A4}" [C:\Users\Admin\Documents\nec_usb3_1.020.1\nec_usb3_1.020.1\nec_usb3_1.020.1\nec_usb3_1.020.1.exe]
    "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
    "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
    ==== Firefox Extensions Registry ======================
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
    "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []
    [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
    "{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}"="C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt" []
    ==== Firefox Extensions ======================
    ExtDir: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
    - MP3 Rocket Downloader - %ExtDir%\mp3rocketdownloader@mp3rocket.me.xpi
    AppDir: C:\Program Files (x86)\Mozilla Firefox
    - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
    ==== Firefox Plugins ======================

    ==== Chromium Look ======================
    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    chgdeabpmphfhkoemjjglmilajldekbp - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx[]
    ==== Set IE to Default ======================
    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://google.be/"
    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://google.be/"
    ==== All HKCU SearchScopes ======================
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={search...ox&FORM=IESR02"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url="Not_Found"
    ==== Reset Google Chrome ======================
    Nothing found to reset
    ==== Deleting CLSID Registry Keys ======================
    HKEY_USERS\S-1-5-21-4162061662-3345863227-1776897274-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully
    ==== Deleting CLSID Registry Values ======================

    ==== Deleting Registry Keys ======================
    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\dcc4ee87-6a34-4339-9241-34e0eee5fca0 deleted successfully
    HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\chgdeabpmphfhkoemjjglmilajldekbp deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\beid deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserPlugInHelper deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\com.apple.dav.bookmarks.daemon deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe deleted successfully
    ==== Empty IE Cache ======================
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Users\Admin\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Admin\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    ==== Empty FireFox Cache ======================
    No FireFox Cache found
    ==== Empty Chrome Cache ======================
    No Chrome User Data found
    ==== Empty All Flash Cache ======================
    Flash Cache Emptied Successfully
    ==== Empty All Java Cache ======================
    Java Cache cleared successfully
    ==== C:\zoek_backup content ======================
    C:\zoek_backup (files=1104 folders=91 244721434 bytes)
    ==== Empty Temp Folders ======================
    C:\Users\Admin\AppData\Local\Temp will be emptied at reboot
    C:\Users\Default\AppData\Local\Temp emptied successfully
    C:\Users\Default User\AppData\Local\Temp emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
    C:\Windows\Temp will be emptied at reboot
    ==== After Reboot ======================
    ==== Empty Temp Folders ======================
    C:\Windows\Temp successfully emptied
    C:\Users\Admin\AppData\Local\Temp successfully emptied
    ==== Empty Recycle Bin ======================
    C:\$RECYCLE.BIN successfully emptied
    ==== EOF on ma 03/11/2014 at 20:05:41,88 ======================

  2. #12
    Spyware Slayer   Rosty
    Registered
    19 May 2005
    Location
    Zandvliet/ Ledegem
    Posts
    4,212
    Thanks given
    1,205
    Thanked
    2,705 times in 1,758 posts
    So, any problems left now?

  3. The following user thanks Rosty for this useful post:

    Sofiekebieke (4 November 2014)

  4. #13
    Sofiekebieke
    Dear Rosty,

    no, it seems completely solved to me.
    My daughter has the same problem. Do I follow the same steps, without sending the log files to you?
    Thanks again,

  5. #14
    Rosty
    You're welcome to follow the same steps for your daughter. But do post the logs anyway so they can be checked.

  6. The following user thanks Rosty for this useful post:

    Sofiekebieke (7 November 2014)

  7. #15
    Sofiekebieke
    Dear Rosty, my daughter's PC

    # AdwCleaner v4.101 - Rapport aangemaakt 11/11/2014 op 18:28:35
    # Laatste Update 09/11/2014 door Xplode
    # Database : 2014-11-10.9 [Live]
    # Besturingssysteem : Windows 7 Ultimate Service Pack 1 (32 bits)
    # Gebruikersnaam : Sofie - WINDOWS-OJS04FH
    # Gestart vanuit : C:\Users\Sofie\Downloads\adwcleaner_4.101.exe
    # Optie : Verwijderen
    ***** [ Services ] *****
    Service Verwijderd : f1f78e38
    [#] Service Verwijderd : globalUpdate
    [#] Service Verwijderd : globalUpdatem
    Service Verwijderd : {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw
    ***** [ Bestanden / Mappen ] *****
    Map Verwijderd : C:\ProgramData\2308189059
    Map Verwijderd : C:\ProgramData\WinSpeed
    Map Verwijderd : C:\ProgramData\CoolSaleCoupon
    Map Verwijderd : C:\ProgramData\SaveItCoupons
    Map Verwijderd : C:\ProgramData\saVeitkeeeep
    Map Verwijderd : C:\ProgramData\saviengitoyou
    Map Verwijderd : C:\ProgramData\SavveerAddioen
    Map Verwijderd : C:\ProgramData\soaFerwueba
    Map Verwijderd : C:\ProgramData\1ca8fb9203e59f37
    Map Verwijderd : C:\Program Files\globalUpdate
    Map Verwijderd : C:\Program Files\predm
    Map Verwijderd : C:\Program Files\ToggleMark
    Map Verwijderd : C:\Program Files\HDPlus-V1.9
    Map Verwijderd : C:\Program Files\di1BlockAndSurf
    Map Verwijderd : C:\Users\Sofie\AppData\Local\globalUpdate
    Map Verwijderd : C:\Users\Sofie\AppData\Roaming\OpenCandy
    Map Verwijderd : C:\Users\Sofie\Documents\Optimizer Pro
    Map Verwijderd : C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpapojfaigcamaeiljpgckpbebcdhfkd
    Bestand Verwijderd : C:\Windows\system32\\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw.sys
    Bestand Verwijderd : C:\Users\Sofie\AppData\Roaming\aps.uninstall.scan.results
    Bestand Verwijderd : C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage
    Bestand Verwijderd : C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal
    Bestand Verwijderd : C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
    Bestand Verwijderd : C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
    ***** [ Taken ] *****
    Taak Verwijderd : APSnotifierPP1
    Taak Verwijderd : APSnotifierPP2
    Taak Verwijderd : APSnotifierPP3
    Taak Verwijderd : globalUpdateUpdateTaskMachineCore
    Taak Verwijderd : globalUpdateUpdateTaskMachineUA
    Taak Verwijderd : Optimizer Pro Schedule
    Taak Verwijderd : c9d77c59-0ff5-4036-8806-71115fd01f45-1
    Taak Verwijderd : c9d77c59-0ff5-4036-8806-71115fd01f45-11
    Taak Verwijderd : c9d77c59-0ff5-4036-8806-71115fd01f45-2
    Taak Verwijderd : c9d77c59-0ff5-4036-8806-71115fd01f45-3
    Taak Verwijderd : c9d77c59-0ff5-4036-8806-71115fd01f45-4
    Taak Verwijderd : c9d77c59-0ff5-4036-8806-71115fd01f45-5
    Taak Verwijderd : c9d77c59-0ff5-4036-8806-71115fd01f45-5_user
    Taak Verwijderd : c9d77c59-0ff5-4036-8806-71115fd01f45-6
    Taak Verwijderd : c9d77c59-0ff5-4036-8806-71115fd01f45-7
    ***** [ Snelkoppelingen ] *****

    ***** [ Register ] *****
    Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
    Sleutel Verwijderd : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
    Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
    Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\SaverAdadON.SaverAdadON
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\SaverAdadON.SaverAdadON.4.7
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Safeurweb.Safeurweb
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Safeurweb.Safeurweb.1.8
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CoolSaleCoupon.CoolSaleCoupon
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CoolSaleCoupon.CoolSaleCoupon.9
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\.
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\..9
    Sleutel Verwijderd : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{f1f78e38}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CrossriderApp0059570.BHO
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CrossriderApp0059570.BHO.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CrossriderApp0059570.Sandbox
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CrossriderApp0059570.Sandbox.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{8876C7E5-9B27-B1E9-4879-F674BE7A265A}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{94D6804E-24C4-CD71-FC27-9F871AB6DD79}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{ae6297d9-0247-42c2-964d-ec015a8a6e84}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{ba341327-0134-4191-b06b-9aee5ab1153e}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{be7bbe76-07d8-426e-928b-073417d6fc09}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951170}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952270}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955570}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956670}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544954470}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8876C7E5-9B27-B1E9-4879-F674BE7A265A}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94D6804E-24C4-CD71-FC27-9F871AB6DD79}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ae6297d9-0247-42c2-964d-ec015a8a6e84}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba341327-0134-4191-b06b-9aee5ab1153e}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{be7bbe76-07d8-426e-928b-073417d6fc09}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951170}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8876C7E5-9B27-B1E9-4879-F674BE7A265A}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{94D6804E-24C4-CD71-FC27-9F871AB6DD79}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae6297d9-0247-42c2-964d-ec015a8a6e84}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba341327-0134-4191-b06b-9aee5ab1153e}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{be7bbe76-07d8-426e-928b-073417d6fc09}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511951170}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8876C7E5-9B27-B1E9-4879-F674BE7A265A}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{94D6804E-24C4-CD71-FC27-9F871AB6DD79}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae6297d9-0247-42c2-964d-ec015a8a6e84}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba341327-0134-4191-b06b-9aee5ab1153e}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{be7bbe76-07d8-426e-928b-073417d6fc09}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511951170}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8876C7E5-9B27-B1E9-4879-F674BE7A265A}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{94D6804E-24C4-CD71-FC27-9F871AB6DD79}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ae6297d9-0247-42c2-964d-ec015a8a6e84}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ba341327-0134-4191-b06b-9aee5ab1153e}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{be7bbe76-07d8-426e-928b-073417d6fc09}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
    Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
    Sleutel Verwijderd : HKCU\Software\AnyProtect
    Sleutel Verwijderd : HKCU\Software\FreeSoftToday
    Sleutel Verwijderd : HKCU\Software\GlobalUpdate
    Sleutel Verwijderd : HKCU\Software\InstalledBrowserExtensions
    Sleutel Verwijderd : HKCU\Software\Optimizer Pro
    Sleutel Verwijderd : HKCU\Software\SmartBar
    Sleutel Verwijderd : HKCU\Software\Softonic
    Sleutel Verwijderd : HKCU\Software\TutoTag
    Sleutel Verwijderd : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\BlockAndSurf
    Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\HDPlus-V1.9
    Sleutel Verwijderd : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Sleutel Verwijderd : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Sleutel Verwijderd : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
    Sleutel Verwijderd : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Sleutel Verwijderd : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
    Sleutel Verwijderd : HKLM\SOFTWARE\FreeSoftToday
    Sleutel Verwijderd : HKLM\SOFTWARE\GlobalUpdate
    Sleutel Verwijderd : HKLM\SOFTWARE\InstalledBrowserExtensions
    Sleutel Verwijderd : HKLM\SOFTWARE\SearchProtect
    Sleutel Verwijderd : HKLM\SOFTWARE\ToggleMark
    Sleutel Verwijderd : HKLM\SOFTWARE\Tutorials
    Sleutel Verwijderd : HKLM\SOFTWARE\HDPlus-V1.9
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F488658-35A7-2AB8-A756-560BA8F103C3}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{614925F9-841A-53FE-A28F-DC30FA07239B}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0C516764-8CFC-C2FE-7BB0-A50A646E4DCD}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{10A0E600-D246-BD63-F465-4C849C688998}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2616871-3463-BCEE-5AFA-73773317A381}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B10BC31B-DBC6-56FE-DD3D-DD4E49A3E6CE}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HDPlus-V1.9
    Gegevens Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll
    Gegevens Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\winspeed\winspeed.dll
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
    ***** [ Browsers ] *****
    -\\ Internet Explorer v11.0.9600.17344
    Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
    Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
    Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
    Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
    Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
    Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
    Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
    Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
    -\\ Google Chrome v
    [C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [Search Provider] : hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPluFW8aKoyk0zToSi7W1nLkLG69zNM3OUeBo-m-iP3K3m7ntJ_cgE1nmmB45FqJtTdI0SNLDienhyucZ9UXJreVFoACZPiE8qn1Oz9kdLsYlsGC4wDri4HR1tkk3BiLxkZnF5_yLG_bbPVODrLe2vM2etc,&q={searchTerms}
    [C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
    [C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Extension] : kpapojfaigcamaeiljpgckpbebcdhfkd
    [C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\preferences] - Verwijderd [Homepage] : hxxp://search.gboxapp.com/
    *************************
    AdwCleaner[R0].txt - [20509 octets] - [11/11/2014 18:27:06]
    AdwCleaner[S0].txt - [18864 octets] - [11/11/2014 18:28:35]
    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18925 octets] ##########

  8. #16
    Sofiekebieke
    Malwarebytes Anti-Malware
    www.malwarebytes.org
    Scan Date: 11-11-2014
    Scan Time: 18:38:53
    Logfile: Malwarebytes log.txt
    Administrator: Yes
    Version: 2.00.3.1025
    Malware Database: v2014.11.11.06
    Rootkit Database: v2014.11.10.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled
    OS: Windows 7 Service Pack 1
    CPU: x86
    File System: NTFS
    User: Sofie
    Scan Type: Custom Scan
    Result: Completed
    Objects Scanned: 463284
    Time Elapsed: 1 hr, 19 min, 45 sec
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
    Processes: 0
    (No malicious items detected)
    Modules: 1
    PUP.Optional.MultiPlug, C:\ProgramData\savernet\YagPNbosnzHFyf.dll, Delete-on-Reboot, [a97687b3bcc09b9bcb9cab13f30e8b75],
    Registry Keys: 10
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{acd4925d-ca35-411a-a902-59da687db2e0}, Quarantined, [a97687b3bcc09b9bcb9cab13f30e8b75],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{ACD4925D-CA35-411A-A902-59DA687DB2E0}, Quarantined, [a97687b3bcc09b9bcb9cab13f30e8b75],
    PUP.Optional.MultiPlug, HKU\S-1-5-21-3656978789-4053311993-1158336851-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{ACD4925D-CA35-411A-A902-59DA687DB2E0}, Quarantined, [a97687b3bcc09b9bcb9cab13f30e8b75],
    PUP.Optional.MultiPlug, HKU\S-1-5-21-3656978789-4053311993-1158336851-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{ACD4925D-CA35-411A-A902-59DA687DB2E0}, Quarantined, [a97687b3bcc09b9bcb9cab13f30e8b75],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{ACD4925D-CA35-411A-A902-59DA687DB2E0}, Quarantined, [a97687b3bcc09b9bcb9cab13f30e8b75],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\CLSID\{ACD4925D-CA35-411A-A902-59DA687DB2E0}\INPROCSERVER32, Quarantined, [a97687b3bcc09b9bcb9cab13f30e8b75],
    PUP.Optional.Snapdo.T, HKU\S-1-5-21-3656978789-4053311993-1158336851-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [db442614f8847bbb5c7c668a1ce6ec14],
    PUP.Optional.SuperFish.A, HKU\S-1-5-21-3656978789-4053311993-1158336851-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Quarantined, [3ee1f644f6862d09657f7fc983808e72],
    PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [3ce357e35f1da49286604ecc4bb88080],
    PUP.Optional.DealsFactor.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{37476589-E48E-439E-A706-56189E2ED4C4}_is1, Quarantined, [3ce3bf7bc5b770c6ebb7ef3655ae4cb4],
    Registry Values: 2
    PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_be_54, Quarantined, [899681b9b2cacf67f53cd089679cd22e],
    PUP.Optional.Snapdo.T, HKU\S-1-5-21-3656978789-4053311993-1158336851-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [9f8016245e1e60d64bd1e75e1ae950b0]
    Registry Data: 6
    PUP.Optional.SafeFinder.A, HKU\S-1-5-21-3656978789-4053311993-1158336851-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://feed.safefinder.com/?p=mKO_Aw...q={searchTerms}, Good: (www.google.com), Bad: (http://feed.safefinder.com/?p=mKO_Aw...ms}),Replaced,[e837d862fe7e67cf209896a2996c629e]
    PUP.Optional.SafeFinder.A, HKU\S-1-5-21-3656978789-4053311993-1158336851-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://feed.safefinder.com/?p=mKO_Aw...gYnN3cwxZQ10wU,, Good: (www.google.com), Bad: (http://feed.safefinder.com/?p=mKO_Aw...wU,),Replaced,[1c0388b2790369cdd6df7dbbc83dda26]
    PUP.Optional.SafeFinder.A, HKU\S-1-5-21-3656978789-4053311993-1158336851-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.safefinder.com/?p=mKO_Aw...q={searchTerms}, Good: (www.google.com), Bad: (http://feed.safefinder.com/?p=mKO_Aw...ms}),Replaced,[e03f12286f0def47b2082c0cde275ca4]
    PUP.Optional.SafeFinder.A, HKU\S-1-5-21-3656978789-4053311993-1158336851-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.safefinder.com/?p=mKO_Aw...q={searchTerms}, Good: (www.google.com), Bad: (http://feed.safefinder.com/?p=mKO_Aw...ms}),Replaced,[8a959b9f95e7ae882d900b2dde2754ac]
    PUP.Optional.SafeFinder.A, HKU\S-1-5-21-3656978789-4053311993-1158336851-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.safefinder.com/?p=mKO_Aw...q={searchTerms}, Good: (www.google.com), Bad: (http://feed.safefinder.com/?p=mKO_Aw...ms}),Replaced,[140b69d1c5b7300604ba4cec16ef8878]
    PUP.Optional.SafeFinder.A, HKU\S-1-5-21-3656978789-4053311993-1158336851-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.safefinder.com/?p=mKO_Aw...q={searchTerms}, Good: (www.google.com), Bad: (http://feed.safefinder.com/?p=mKO_Aw...ms}),Replaced,[66b9a49615675ed8c7f9300863a2df21]
    Folders: 4
    PUP.Optional.Extutil.A, C:\Users\Sofie\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, Quarantined, [e63952e83b41330333b5a3750bf8e020],
    PUP.Optional.Managera.A, C:\Users\Sofie\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, Quarantined, [4dd23406e993ef477f6a6dab758e26da],
    PUP.Optional.GlobalUpdate.A, C:\Users\Sofie\AppData\Local\Temp\comh.175788, Quarantined, [3ce357e35f1da49286604ecc4bb88080],
    PUP.Optional.DealsFactor.A, C:\ProgramData\DealsFactor, Quarantined, [3ce3bf7bc5b770c6ebb7ef3655ae4cb4],
    Files: 54
    PUP.Optional.MultiPlug, C:\ProgramData\savernet\YagPNbosnzHFyf.dll, Delete-on-Reboot, [a97687b3bcc09b9bcb9cab13f30e8b75],
    PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-3.exe.vir, Quarantined, [54cb01394b31bd79e67f71e417e9fb05],
    PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-11.exe.vir, Quarantined, [3be4d367710b91a5e4815005b84812ee],
    PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files\HDPlus-V1.9\utils.exe.vir, Quarantined, [e33ca595314b30060905043c1ee2c040],
    PUP.Optional.ToggleMark.A, C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\utilToggleMark.exe.vir, Quarantined, [24fb48f29edeab8b80fa6a1a907144bc],
    PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\plugins\ToggleMark.BroStats.dll.vir, Quarantined, [39e6db5f97e5053178d6aa1a1ce507f9],
    PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\plugins\ToggleMark.BrowserAdapterS.dll.vir, Quarantined, [20ff48f2df9d45f10da7ebb33ec316ea],
    PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files\ToggleMark\bin\plugins\ToggleMark.IEUpdate.dll.vir, Quarantined, [1708a1997408280eb298a71d5da413ed],
    PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\CoolSaleCoupon\ollqSTWl9rlKrg.dll.vir, Quarantined, [9f801228c0bcc6705413c8f647baa060],
    PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\saVeitkeeeep\WR7wyE9XXBAVYL.dll.vir, Quarantined, [de41bd7d1963a096a4c34e70ba47629e],
    PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\saviengitoyou\5CP9KFf01ka6pi.dll.vir, Quarantined, [24fb46f4a5d763d3580ff4ca11f0cc34],
    PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\SavveerAddioen\VHr4gYGx.dll.vir, Quarantined, [c9562e0c82fa3cfa45224c72f60b05fb],
    PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\SavveerAddioen\VHr4gYGx.exe.vir, Quarantined, [36e958e265171521115788369e639070],
    PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\soaFerwueba\qpa.dll.vir, Quarantined, [2ef1281280fcaf872c3bb40adf226a96],
    PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\soaFerwueba\qpa.exe.vir, Quarantined, [6fb081b923596dc91652447aa55cc937],
    Trojan.SProtector, C:\AdwCleaner\Quarantine\C\ProgramData\WinSpeed\WinSpeed.dll.vir, Quarantined, [32ed1624b7c5d0661da0e3ddf809f709],
    PUP.Optional.Revizer, C:\Users\Sofie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AKK4GE1N\BlockAndSurf_2222-5510[1].exe, Quarantined, [938c3bffd4a8cc6ab84cb79ade229868],
    PUP.Optional.InstallMonetizer.NS, C:\Users\Sofie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E3YKP7LU\VuuPC_VO2_8907[1].exe, Quarantined, [0619df5b7b0173c39a788e241ce523dd],
    PUP.Optional.InstallCore, C:\Users\Sofie\AppData\Local\Temp\nsb2943.tmp, Quarantined, [55ca4af0d8a462d436c7ffb668995ea2],
    PUP.Optional.InstallCore, C:\Users\Sofie\AppData\Local\Temp\nsb7D1D.tmp, Quarantined, [eb34ed4d3d3fa690728b2590946d33cd],
    PUP.Optional.InstallCore, C:\Users\Sofie\AppData\Local\Temp\nsdC70B.tmp, Quarantined, [e03ff644473549ed2fce14a12cd56a96],
    PUP.Optional.SearchProtect.A, C:\Users\Sofie\AppData\Local\Temp\nshC04.tmp, Quarantined, [170833072d4fbe78f0887e27936ee41c],
    PUP.Optional.Conduit.A, C:\Users\Sofie\AppData\Local\Temp\nsmB8E7.exe, Quarantined, [e83753e782fad26499c1287326db0000],
    PUP.Optional.Conduit.A, C:\Users\Sofie\AppData\Local\Temp\nsrB1B5.exe, Quarantined, [39e62b0f720a67cfd585009bca3733cd],
    PUP.Optional.Conduit.A, C:\Users\Sofie\AppData\Local\Temp\nssA17.exe, Quarantined, [c15e58e2c1bb54e2352567345aa7659b],
    PUP.Optional.Conduit.A, C:\Users\Sofie\AppData\Local\Temp\nsx249.exe, Quarantined, [fe21b189403c0432b0aa0b9014ed14ec],
    PUP.Optional.InstallCore, C:\Users\Sofie\AppData\Local\Temp\nsx5F8F.tmp, Quarantined, [8699e05aadcf94a26e8fcfe638c9b14f],
    PUP.Optional.CrossRider, C:\Users\Sofie\AppData\Local\Temp\setup.exe, Quarantined, [df4087b3bac259dde32eb3020ef332ce],
    PUP.Optional.Softonic.A, C:\Users\Sofie\Documents\downloads\SoftonicDownloader_voor_windows-live-messenger-2009.exe, Quarantined, [2bf4aa90a7d5d0661ac910285fa2f20e],
    PUP.Optional.Bandoo, C:\Users\Sofie\Documents\downloads\iLvSetup-r267-n-bc.exe, Quarantined, [ba6590aaaad2c0764244061c12ef8779],
    PUP.Optional.Softonic.A, C:\Users\Sofie\Downloads\SoftonicDownloader_voor_bittorrent.exe, Quarantined, [021d60daf18b39fd8c575fd9bf42ac54],
    PUP.Optional.OpenCandy, C:\Users\Sofie\Downloads\bullshit\mp3rocket (1).exe, Quarantined, [8c930832aecee452585f5d0c62a3a858],
    PUP.Optional.OpenCandy, C:\Users\Sofie\Downloads\bullshit\Niet bevestigd 77195.crdownload, Quarantined, [43dc1e1c601cb4825562472257aef40c],
    PUP.Optional.Softonic.A, C:\Users\Sofie\Downloads\bullshit\SoftonicDownloader_voor_windows-live-messenger-2009.exe, Quarantined, [958af941611bf73f6a790c2c5ea39b65],
    PUP.Optional.InstallCore.A, C:\Users\Sofie\Downloads\bullshit\windows-live-messenger-2009.exe, Quarantined, [35ea9e9c295371c5656a857d9e6736ca],
    PUP.Optional.SmartBar, C:\Windows\Installer\MSI2C67.tmp-\Smartbar.Installer.CustomActions.dll, Quarantined, [d847d961aeceea4c7ed0230be11f5da3],
    PUP.Optional.SmartBar, C:\Windows\Installer\MSI8F4E.tmp-\Smartbar.Installer.CustomActions.dll, Quarantined, [c15e2e0cfe7e85b1e965a18ddf21f10f],
    PUP.Optional.SmartBar, C:\Windows\Installer\MSID476.tmp-\Smartbar.Installer.CustomActions.dll, Quarantined, [011e6dcd5725fc3a27272e00ab5547b9],
    PUP.Optional.Extutil.A, C:\Users\Sofie\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, Quarantined, [e63952e83b41330333b5a3750bf8e020],
    PUP.Optional.Extutil.A, C:\Users\Sofie\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, Quarantined, [e63952e83b41330333b5a3750bf8e020],
    PUP.Optional.Extutil.A, C:\Users\Sofie\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, Quarantined, [e63952e83b41330333b5a3750bf8e020],
    PUP.Optional.Managera.A, C:\Users\Sofie\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, Quarantined, [4dd23406e993ef477f6a6dab758e26da],
    PUP.Optional.Managera.A, C:\Users\Sofie\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, Quarantined, [4dd23406e993ef477f6a6dab758e26da],
    PUP.Optional.GlobalUpdate.A, C:\Users\Sofie\AppData\Local\Temp\comh.175788\GoogleCrashHandler.exe, Quarantined, [3ce357e35f1da49286604ecc4bb88080],
    PUP.Optional.GlobalUpdate.A, C:\Users\Sofie\AppData\Local\Temp\comh.175788\GoogleUpdate.exe, Quarantined, [3ce357e35f1da49286604ecc4bb88080],
    PUP.Optional.GlobalUpdate.A, C:\Users\Sofie\AppData\Local\Temp\comh.175788\GoogleUpdateBroker.exe, Quarantined, [3ce357e35f1da49286604ecc4bb88080],
    PUP.Optional.GlobalUpdate.A, C:\Users\Sofie\AppData\Local\Temp\comh.175788\GoogleUpdateHelper.msi, Quarantined, [3ce357e35f1da49286604ecc4bb88080],
    PUP.Optional.GlobalUpdate.A, C:\Users\Sofie\AppData\Local\Temp\comh.175788\GoogleUpdateOnDemand.exe, Quarantined, [3ce357e35f1da49286604ecc4bb88080],
    PUP.Optional.GlobalUpdate.A, C:\Users\Sofie\AppData\Local\Temp\comh.175788\goopdate.dll, Quarantined, [3ce357e35f1da49286604ecc4bb88080],
    PUP.Optional.GlobalUpdate.A, C:\Users\Sofie\AppData\Local\Temp\comh.175788\goopdateres_en.dll, Quarantined, [3ce357e35f1da49286604ecc4bb88080],
    PUP.Optional.GlobalUpdate.A, C:\Users\Sofie\AppData\Local\Temp\comh.175788\npGoogleUpdate4.dll, Quarantined, [3ce357e35f1da49286604ecc4bb88080],
    PUP.Optional.GlobalUpdate.A, C:\Users\Sofie\AppData\Local\Temp\comh.175788\psmachine.dll, Quarantined, [3ce357e35f1da49286604ecc4bb88080],
    PUP.Optional.GlobalUpdate.A, C:\Users\Sofie\AppData\Local\Temp\comh.175788\psuser.dll, Quarantined, [3ce357e35f1da49286604ecc4bb88080],
    PUP.Optional.DealsFactor.A, C:\ProgramData\DealsFactor\DealsFactor.exe, Quarantined, [3ce3bf7bc5b770c6ebb7ef3655ae4cb4],

  9. #17
    Sofiekebieke
    Zoek.exe v5.0.0.0 Updated 10-November-2014
    Tool run by Sofie on di 11-11-2014 at 20:29:30,10.
    Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Sofie\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]
    ==== Running Processes ======================
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\Hpservice.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\System32\MsSpellCheckingFacility.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\Sofie\Downloads\zoek.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    ==== System Restore Info ======================
    11-11-2014 20:31:26 Zoek.exe System Restore Point Created Succesfully.
    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Deleting Services ======================

    ==== Deleting Files \ Folders ======================
    C:\PROGRA~2\savernet deleted
    C:\Users\Sofie\AppData\Local\nsl1087.tmp deleted
    C:\Windows\system32\drivers\Msft_Kernel_webinstr_01009.Wdf deleted
    C:\Windows\system32\GroupPolicy\Machine deleted
    C:\Windows\system32\GroupPolicy\User deleted
    C:\Windows\system32\GroupPolicy\gpt.ini deleted
    ==== Files Recently Created / Modified ======================
    ====== C:\Windows ====
    ====== C:\Users\Sofie\AppData\Local\Temp ====
    2014-11-08 08:47:13 5C73E64374D9BA37AC5569D1F7DE5C9B 665682 ----a-w- C:\Users\Sofie\AppData\Local\Temp\sqlite3.dll
    2014-11-08 08:33:34 7AAB90847C56E6F7E922BB29D5B3EA8A 601088 ----a-w- C:\Users\Sofie\AppData\Local\Temp\Quarantine.exe
    ====== Java Cache =====
    ====== C:\Windows\system32 =====
    ====== C:\Windows\system32\drivers =====
    2014-11-11 19:22:06 C97E0F487690FB0C7221168465982810 52440 ----a-w- C:\Windows\System32\drivers\bywv.sys
    2014-11-11 17:36:13 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2014-11-11 17:35:43 E89B115E1DD297DCB694B22CFA90BF61 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2014-11-11 17:35:43 D2DED3C333A5D9CB3F4C244B0F0DD877 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-11-11 17:35:43 7A6526C8BD114DB7CA8930AB22D52A0B 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2014-10-26 15:11:58 E1E18E2987072861707681A0E6D16F21 186368 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
    2014-10-26 15:11:57 E10601CF12F9E619BC16A40E962954E9 31232 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
    ====== C:\Windows\Tasks ======
    ====== C:\Windows\Temp ======
    ======= C:\Program Files =====
    ======= C: =====
    ====== C:\Users\Sofie\AppData\Roaming ======
    2014-11-11 12:48:39 4305F2DD796111E7CF5A18DFE8E157B0 4299700 ----a-w- C:\Users\Sofie\AppData\Local\package.nw.new
    2014-11-11 12:40:08 -------- d-----w- C:\Users\Sofie\AppData\Local\app
    2014-10-26 14:41:32 -------- d-----w- C:\Users\Sofie\AppData\Local\Popcorn-Time
    2014-10-26 14:41:19 -------- d-----w- C:\Users\Sofie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
    2014-10-26 14:40:45 -------- d-----w- C:\Users\Sofie\AppData\Local\Popcorn Time
    ====== C:\Users\Sofie ======
    2014-11-11 17:34:59 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Sofie\Downloads\mbam-setup-2.0.0.1000.exe
    2014-11-11 17:26:21 6504113C2218667814D4F54847BA046A 2140160 ----a-w- C:\Users\Sofie\Downloads\adwcleaner_4.101.exe
    ====== C: exe-files ==
    2014-11-11 17:34:59 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Sofie\Downloads\mbam-setup-2.0.0.1000.exe
    2014-11-11 17:26:21 6504113C2218667814D4F54847BA046A 2140160 ----a-w- C:\Users\Sofie\Downloads\adwcleaner_4.101.exe
    2014-11-08 08:33:34 7AAB90847C56E6F7E922BB29D5B3EA8A 601088 ----a-w- C:\Users\Sofie\AppData\Local\Temp\Quarantine.exe
    === C: other files ==
    2014-11-11 19:22:06 C97E0F487690FB0C7221168465982810 52440 ----a-w- C:\Windows\System32\drivers\bywv.sys
    2014-11-11 17:36:13 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2014-11-11 17:35:43 E89B115E1DD297DCB694B22CFA90BF61 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2014-11-11 17:35:43 D2DED3C333A5D9CB3F4C244B0F0DD877 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-11-11 17:35:43 7A6526C8BD114DB7CA8930AB22D52A0B 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2014-11-11 12:40:13 E6C389783022E8026DABC176433B5201 5878 ----a-w- C:\Users\Sofie\AppData\Local\app\Popcorn Time\node_modules\adm-zip\test\assets\store.zip
    2014-11-11 12:40:13 D51845CD18A0425F0888F1D0F96D2F20 415 ----a-w- C:\Users\Sofie\AppData\Local\app\Popcorn Time\node_modules\adm-zip\test\assets\linux_arc.zip
    2014-11-11 12:40:13 C38BDFCF2143FAC75C9E0491AE0993B2 4189 ----a-w- C:\Users\Sofie\AppData\Local\app\Popcorn Time\node_modules\adm-zip\test\assets\attributes_test.zip
    2014-11-11 12:40:13 AD05551C2A7B1A9DEAB42640C408CA13 4194 ----a-w- C:\Users\Sofie\AppData\Local\app\Popcorn Time\node_modules\adm-zip\test\assets\fastest.zip
    2014-11-11 12:40:13 AD05551C2A7B1A9DEAB42640C408CA13 4194 ----a-w- C:\Users\Sofie\AppData\Local\app\Popcorn Time\node_modules\adm-zip\test\assets\fast.zip
    2014-11-11 12:40:13 84570EA57C894FF970904388EBF6C0CA 4170 ----a-w- C:\Users\Sofie\AppData\Local\app\Popcorn Time\node_modules\adm-zip\test\assets\normal.zip
    2014-11-11 12:40:13 202063BBB23B1C09B0C1A91820C82D26 4086 ----a-w- C:\Users\Sofie\AppData\Local\app\Popcorn Time\node_modules\adm-zip\test\assets\ultra.zip
    2014-11-11 12:40:13 202063BBB23B1C09B0C1A91820C82D26 4086 ----a-w- C:\Users\Sofie\AppData\Local\app\Popcorn Time\node_modules\adm-zip\test\assets\maximum.zip
    ==== Startup Registry Enabled ======================
    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
    [HKEY_USERS\S-1-5-21-3656978789-4053311993-1158336851-1001\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "mctadmin"="C:\Windows\System32\mctadmin.exe"
    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "mctadmin"="C:\Windows\System32\mctadmin.exe"
    [HKEY_USERS\S-1-5-21-3656978789-4053311993-1158336851-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "mctadmin"="C:\Windows\System32\mctadmin.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes Anti-Malware (cleanup)"="C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
    ==== Startup Registry Disabled ======================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Adobe ARM"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AnyProtect Scanner]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="AnyProtect Scanner"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\AnyProtectEx\\AnyProtect.exe\""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BlockAndSurf]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="BlockAndSurf"
    "hkey"="HKCU"
    "command"="C:\\Program Files\\di1BlockAndSurf\\BlockAndSurf.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ChicaPasswordManager]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="ChicaPasswordManager"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\ChicaLogic\\Chica Password Manager\\stpass.exe\" /autorunned"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\fst_be_54]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="fst_be_54"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\fst_be_54\\fst_be_54.exe\""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="Skype"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

    ==== Task Scheduler Jobs ======================
    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [26-10-2014 16:03]
    ==== Other Scheduled Tasks ======================
    "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
    "C:\Windows\system32\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"]
    "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
    "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
    "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
    ==== Chromium Look ======================
    SEOquake - Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc
    HDPlus-V1.9 - Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnomihfieiccainjcjblhegjgglakjdd
    Effective Measure Community Plugin - Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkgdmfemjeohjmeeabffnombnpkkogjm
    Google Wallet - Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
    Phone To Desktop - Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifdfchgmkfglcccmkoofhbnmkdlbgag
    Tab Bundler - Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooajenhhhbdbcolenhmmkgmkcocfdahd
    ==== Chromium Fix ======================
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage-journal deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bittorrent.nl.softonic.com_0.localstorage deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bittorrent.nl.softonic.com_0.localstorage-journal deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage-journal deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkgdmfemjeohjmeeabffnombnpkkogjm deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnomihfieiccainjcjblhegjgglakjdd deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bnomihfieiccainjcjblhegjgglakjdd_0.localstorage deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bnomihfieiccainjcjblhegjgglakjdd_0.localstorage-journal deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_bnomihfieiccainjcjblhegjgglakjdd_0 deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bnomihfieiccainjcjblhegjgglakjdd deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\oifdfchgmkfglcccmkoofhbnmkdlbgag deleted successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooajenhhhbdbcolenhmmkgmkcocfdahd deleted successfully
    ==== Set IE to Default ======================
    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.google.com"
    "Search Page"="http://www.google.com"
    "Search Bar"="http://www.google.com"
    "Use Search Asst"="yes"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.google.com"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
    "Default"="http://www.google.com"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    "Default"="http://www.google.com"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
    "Default_Search_URL"="http://www.google.com"
    "SearchAssistant"="http://www.google.com"
    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Start Page"="http://www.google.com"
    "Use Search Asst"="no"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
    "(Default)"="http://search.msn.com/results.asp?q=%s"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    "(Default)"="http://search.msn.com/results.asp?q=%s"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC176...t/srchasst.htm"
    ==== All HKCU SearchScopes ======================
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{758B870D-DF78-4A6A-9955-DEDDCACF94DC}"
    {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={search...ox&FORM=IE8SRC"
    {19D444C7-332D-4FA4-9481-7C417B220D10} Google NL Url="http://www.google.nl/search?hl=nl&q={searchTerms}&meta="
    {758B870D-DF78-4A6A-9955-DEDDCACF94DC} Google Url="https://www.google.com/search?q={searchTerms}"
    ==== Reset Google Chrome ======================
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
    ==== Deleting Registry Keys ======================
    HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyProtect Scanner deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlockAndSurf deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChicaPasswordManager deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fst_be_54 deleted successfully
    ==== Empty IE Cache ======================
    C:\Users\Sofie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Sofie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    ==== Empty FireFox Cache ======================
    No FireFox Profiles found
    ==== Empty Chrome Cache ======================
    C:\Users\Sofie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
    ==== Empty All Flash Cache ======================
    Flash Cache Emptied Successfully
    ==== Empty All Java Cache ======================
    No Java Cache Found
    ==== C:\zoek_backup content ======================
    C:\zoek_backup (files=133 folders=24 5100466 bytes)
    ==== Empty Temp Folders ======================
    C:\Users\Default\AppData\Local\Temp emptied successfully
    C:\Users\Default User\AppData\Local\Temp emptied successfully
    C:\Users\Sofie\AppData\Local\Temp will be emptied at reboot
    C:\Users\UpdatusUser.WINDOWS-OJS04FH\AppData\Local\Temp emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
    C:\Windows\Temp will be emptied at reboot
    ==== After Reboot ======================
    ==== Empty Temp Folders ======================
    C:\Windows\Temp successfully emptied
    C:\Users\Sofie\AppData\Local\Temp successfully emptied
    ==== Empty Recycle Bin ======================
    C:\$RECYCLE.BIN successfully emptied
    ==== Deleting Files / Folders ======================
    "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted
    ==== EOF on di 11-11-2014 at 20:44:42,36 ======================

  10. #18
    Advanced   Sofiekebieke's avatar
    It seems to be solved again. Is there anything else to see?
    Thanks in advance.

  11. #19
    Spyware Slayer   Rosty's avatar
    Registered
    19 May 2005
    Location
    Zandvliet/ Ledegem
    Posts
    4,212
    Thanks given
    1,205
    Thanked
    2,705 times in 1,758 posts
    Looks good!

  12. The following user thanked Rosty for this useful post:

    Sofiekebieke (21 November 2014)

  13. #20
    Advanced   Sofiekebieke's avatar
    Dear Rosty, thank you so much.

  14. The following user thanked Sofiekebieke for this useful post:

    Rosty (21 November 2014)
