View full version: qvo6 start/search page



Wouter
15 September 2013, 19:24
Hey,

I just can't get rid of that qvo6 start/search page. I also can't manage to install AVG.
I suspect there is still a thing or two on it that doesn't belong here.
I have already scanned (and removed) with MBAM, Spybot S&D, ADWcleaner and Emsisoft Security Kit.
Not everything appears to be in order yet.

Can someone help check?

Thanks!


Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org (http://www.malwarebytes.org)
Databaseversie: v2013.09.15.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
PC :: PC-MSI [administrator]
Bescherming: Uitgeschakeld
16/09/2013 16:48:14
mbam-log-2013-09-16 (16-48-14).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 219269
Verstreken tijd: 4 minuut/minuten, 3 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)

Wouter
15 September 2013, 19:25
Hello,

Here is the DDS log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16686 BrowserJavaVersion: 10.40.2
Run by PC at 18:54:35 on 2013-09-16
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.1902.901 [GMT 2:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
D:\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\windows\system32\SearchIndexer.exe
D:\PC\Desktop\tdrxpqc7.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\WUDFHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mSearchAssistant = about:blank
uURLSearchHooks: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - <orphaned>
uURLSearchHooks: {65ca59ee-9920-4d7f-8c41-bfa12403261a} - <orphaned>
uURLSearchHooks: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live Aanmelden - Help: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
uRun: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
uRun: [Facebook Update] "D:\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Spotify] "D:\PC\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [Spotify Web Helper] "D:\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
mRun: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
StartupFolder: D:\PC\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - D:\PC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0017-0000-0040-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_40-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 192.168.254.1
TCP: Interfaces\{1B2B6F7B-DB80-4072-8E10-4BD9CECB8375} : DHCPNameServer = 192.168.254.1
TCP: Interfaces\{1B2B6F7B-DB80-4072-8E10-4BD9CECB8375}\2626F68723D253333303 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{1B2B6F7B-DB80-4072-8E10-4BD9CECB8375}\2696267656C6577756 : DHCPNameServer = 10.250.10.2
TCP: Interfaces\{1B2B6F7B-DB80-4072-8E10-4BD9CECB8375}\4505C496E6B6 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{1B2B6F7B-DB80-4072-8E10-4BD9CECB8375}\4505D2C494E4B4F5246403341403 : DHCPNameServer = 195.130.131.133 195.130.130.5
TCP: Interfaces\{FE8D025F-926B-4043-A815-0054A0004052} : DHCPNameServer = 192.168.254.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-mDefault_Page_URL = about:blank
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
x64-Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-7-1 13336]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-3-9 144672]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-7-1 2320920]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\windows\System32\drivers\ArcSoftKsUFilter.sys [2010-7-1 19968]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-9-2 245760]
R3 EUCR;EUCR;C:\windows\System32\drivers\EUCR6SK.sys [2010-7-1 87888]
R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2010-7-1 56344]
R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-7-1 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-7-1 271872]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2010-7-1 215040]
S2 AVGIDSAgent;AVGIDSAgent;"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" --> C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-16 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-16 701512]
S3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-9-16 25928]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-7-31 59392]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-3-23 1255736]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary;C:\windows\System32\drivers\zghsmdm.sys [2011-1-13 122624]
.
=============== Created Last 30 ================
.
2013-09-16 14:45:38 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-09-16 14:45:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-16 13:18:57 0 ----a-w- C:\windows\SysWow64\drivers\AVGTDIA.SYS
2013-09-16 13:12:05 -------- d-----w- C:\ProgramData\AVG2014
2013-09-15 12:30:55 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-09-15 11:53:03 -------- d-----w- D:\PC\AppData\Roaming\Malwarebytes
2013-09-15 11:53:03 -------- d-----w- C:\ProgramData\Malwarebytes
2013-09-14 20:45:11 0 ----a-w- C:\windows\SysWow64\drivers\AVGRKX64.SYS
2013-09-14 20:45:11 0 ----a-w- C:\windows\SysWow64\drivers\AVGLOGA.SYS
2013-09-14 20:45:11 0 ----a-w- C:\windows\SysWow64\drivers\AVGIDSHA.SYS
2013-09-14 20:45:11 0 ----a-w- C:\windows\SysWow64\drivers\AVGIDSDRIVERA.SYS
2013-09-14 20:32:26 -------- d-----w- D:\PC\AppData\Local\MFAData
2013-09-14 20:32:26 -------- d-----w- C:\ProgramData\MFAData
2013-09-14 20:12:48 -------- d-----w- C:\ProgramData\Oracle
2013-09-14 20:12:16 868264 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-09-14 20:12:01 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-14 18:34:26 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D1526056-9A24-423A-827A-C591B1AD6BE7}\mpengine.dll
2013-09-13 21:51:31 -------- d-----w- C:\windows\System32\MRT
2013-09-13 21:27:59 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2013-09-13 21:27:59 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll
2013-09-13 21:27:59 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2013-09-13 21:27:58 6656 ----a-w- C:\windows\System32\apisetschema.dll
2013-09-13 21:27:58 2048 ----a-w- C:\windows\SysWow64\user.exe
2013-09-13 21:27:50 3155456 ----a-w- C:\windows\System32\win32k.sys
2013-09-13 20:42:37 -------- d-----w- C:\ProgramData\Uniblue
2013-08-26 20:50:26 -------- d-----w- C:\ProgramData\SummerSoft
2013-08-26 20:50:05 -------- d-----w- C:\ProgramData\savenshAre
2013-08-26 20:49:54 -------- d-----w- C:\windows\SysWow64\X86
2013-08-26 20:49:53 -------- d-----w- C:\windows\SysWow64\AMD64
2013-08-26 20:10:28 -------- d-----w- D:\PC\AppData\Roaming\TuneUp Software
2013-08-26 20:10:08 -------- d-----w- C:\Program Files (x86)\WinZipper
2013-08-26 20:09:29 -------- d-----w- C:\ProgramData\TuneUp Software
2013-08-26 20:08:59 344064 ----a-w- C:\windows\SysWow64\msvcr70.dll
2013-08-26 20:08:58 974848 ----a-w- C:\windows\SysWow64\mfc70.dll
2013-08-26 20:08:58 487424 ----a-w- C:\windows\SysWow64\msvcp70.dll
2013-08-26 20:08:57 24576 ----a-w- C:\windows\SysWow64\msxml3a.dll
2013-08-26 20:08:57 1700352 ----a-w- C:\windows\SysWow64\GdiPlus.dll
2013-08-26 20:08:55 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-08-26 20:08:55 -------- d--h--w- C:\ProgramData\Common Files
2013-08-26 20:08:45 773712 ----a-w- C:\windows\SysWow64\msvcr100.dll
2013-08-26 20:08:45 420944 ----a-w- C:\windows\SysWow64\msvcp100.dll
2013-08-26 20:08:25 -------- d-----w- C:\Program Files (x86)\Common Files\AVSMedia
2013-08-26 20:08:24 -------- d-----w- C:\Program Files (x86)\AVS4YOU
2013-08-26 20:06:34 -------- d-----w- C:\Program Files (x86)\BrowseFox
.
==================== Find3M ====================
.
2013-09-16 12:50:36 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-16 12:50:36 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-09-14 20:11:48 790440 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-08-10 05:22:18 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-08-10 05:20:59 3959296 ----a-w- C:\windows\System32\jscript9.dll
2013-08-10 05:20:55 67072 ----a-w- C:\windows\System32\iesetup.dll
2013-08-10 05:20:55 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-08-10 03:59:10 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-08-10 03:58:09 2876928 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-08-10 03:58:06 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-08-10 03:58:06 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-08-10 03:17:38 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-08-10 03:07:50 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-08-10 02:27:59 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-08-07 02:22:02 278800 ------w- C:\windows\System32\MpSigStub.exe
2013-08-05 02:25:45 155584 ----a-w- C:\windows\System32\drivers\ataport.sys
2013-08-02 02:23:53 5550528 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\windows\System32\ntdll.dll
2013-08-02 02:15:03 362496 ----a-w- C:\windows\System32\wow64win.dll
2013-08-02 02:15:03 243712 ----a-w- C:\windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\windows\System32\smss.exe
2013-08-02 00:45:36 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2013-08-02 00:43:05 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-29 22:45:59 48640 ----a-w- C:\windows\SysWow64\mshtmler.dll
2013-07-29 22:39:55 4096 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-25 09:25:54 1888768 ----a-w- C:\windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2013-07-11 20:51:09 152576 ----a-w- C:\windows\SysWow64\msclmd.dll
2013-07-11 20:50:54 175616 ----a-w- C:\windows\System32\msclmd.dll
2013-07-09 05:52:52 224256 ----a-w- C:\windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\windows\System32\cryptnet.dll
2013-07-09 04:52:33 663552 ----a-w- C:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10 175104 ----a-w- C:\windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03:53 1910208 ----a-w- C:\windows\System32\drivers\tcpip.sys
.
============= FINISH: 18:55:36,76 ===============

Rosty
15 September 2013, 20:48
Note: Vista or Windows 7? >> Always run all tools as administrator.
Download AdwCleaner (http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner) by Xplode to the desktop.



Close all open windows.
Vista and Windows 7 users: right-click AdwCleaner and select Run as administrator...
For XP: simply double-click AdwCleaner.
Then click Verwijderen (Remove).
At AdwCleaner – Information, click OK.
At AdwCleaner – Restart Required, click OK.


It is normal for the shortcuts to disappear during the operation.
After the PC has restarted, a log file opens.
Then post the contents of this log in your next message.

Wouter
15 September 2013, 21:22
Thanks for the quick reply.
Apparently I did something wrong when I ran ADWcleaner earlier, because quite a lot still seems to come out of it.
Thanks for checking!


# AdwCleaner v3.004 - Report created 16/09/2013 at 20:53:17
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : PC - PC-MSI
# Running from : D:\PC\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****

***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Uniblue\DriverScanner
Folder Deleted : C:\ProgramData\savenshAre
Folder Deleted : C:\Program Files (x86)\BrowseFox
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DVDVideoSoftTB
Folder Deleted : C:\Program Files (x86)\WinZipper
Folder Deleted : C:\Program Files (x86)\YouTube Downloader Toolbar
File Deleted : D:\END
***** [ Shortcuts ] *****
Shortcut Disinfected : D:\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : D:\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : D:\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : D:\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2603445
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_farming-simulator[1]_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_farming-simulator[1]_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_gtaiv-patch[1]_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_gtaiv-patch[1]_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Blabbers
Key Deleted : HKCU\Software\Blabbers
Key Deleted : HKCU\Software\BrowserCompanion
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\V9
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\Uniblue\DriverScanner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16686

-\\ Google Chrome v29.0.1547.66
*************************
AdwCleaner[R0].txt - [7593 octets] - [16/09/2013 20:52:48]
AdwCleaner[S0].txt - [6519 octets] - [16/09/2013 20:53:17]
########## EOF - D:\AdwCleaner\AdwCleaner[S0].txt - [6579 octets] ##########

Rosty
15 September 2013, 22:44
Any problems still?

Wouter
15 September 2013, 22:54
At first sight it looks fine.
I'll see whether I can get that antivirus installed now. I'll keep you posted.

Thanks for the help.

Wouter
17 September 2013, 00:02
I can't get AVG installed.
Security Essentials I can. It scanned and found nothing.

So for me this is OK and the thread can be locked.

Thanks!