Doorzoek het forum
Zoeken met Startpagina
Startpagina Thema's
Dizciple
Vervelende popup telkens van bk-coretag.js
Wat te doen?
Hoi Dizciple,
Voer deze stappen uit en plaats de gevraagde logjes.
Aan de hand daarvan kunnen we je verder helpen.
Reacties van ons kunnen e.v.t. wat langer duren dan normaal, omdat het vakantie tijd is.
Succes Huib;)
Weet eerlijk gezegd niet of het een virus is op mn computer. Ik krijg die popup enkel als ik tv series bekijk op www.tubeplus.me
Voorheen had ik daar nooit problemen. Maar sinds een week tijdens het kijken hoor ik af en toe op de achtergrond een reclame, krijg ik tijdens het kijken dus deze popup, of word gewoon het hele scherm afgesloten en komen in plaats daarvan schermen met daarop meldingen over updates van flash en andere players en dergelijke.
Ik vermoed dus dat die site gewoon niet meer in orde is, aangezien ik verder geen last heb met m'n internet. Zou jammer zijn want verrekt handige site..
Hierbij de logjes..
—-
Logfile of random's system information tool 1.10 (written by random/random)
Run by Silver at 2014-07-22 09:56:10
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 117 GB (76%) free of 154 GB
Total RAM: 8068 MB (82% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:56:14, on 22-7-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Silver.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivX Web Player Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
–
End of file - 8889 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
taskeng.exe {ED6C7AF4-65F7-422C-97D5-5BA114DEF818}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe”
“C:\Windows\system32\Dwm.exe”
“taskhost.exe”
C:\Windows\Explorer.EXE
“C:\Program Files\Intel\iCLS Client\HeciServer.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe”
“C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe”
“C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe”
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
“C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE”
“C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe”
“C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe”
WLIDSvcM.exe 2116
“C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe” /starttray
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
“C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe” -s
C:\Windows\servicing\TrustedInstaller.exe
“C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
C:\Windows\system32\SearchIndexer.exe /Embedding
“C:\Program Files\Internet Explorer\iexplore.exe”
“C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:3124 CREDAT:267521 /prefetch:2
“C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe”
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe”
C:\Windows\system32\sppsvc.exe
“C:\Program Files\Windows Media Player\wmpnetwk.exe”
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe”
C:\Windows\system32\wbem\wmiprvse.exe
“C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:3124 CREDAT:4134178 /prefetch:2
“C:\Users\Silver\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISO1S2RR\RSITx64.exe”
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll
Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
“RtHDVCpl”=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
“IMSS”=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
“Adobe ARM”=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
“SunJavaUpdateSched”=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\igfxdev.dll
“SecurityProviders”=credssp.dll
“ConsentPromptBehaviorAdmin”=5
“ConsentPromptBehaviorUser”=3
“EnableUIADesktopToggle”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“NoActiveDesktop”=1
“NoActiveDesktopChanges”=1
“ForceActiveDesktopOn”=0
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.msadpcm”=msadp32.acm
“midimapper”=midimap.dll
“wavemapper”=msacm32.drv
“vidc.uyvy”=msyuv.dll
“vidc.yuy2”=msyuv.dll
“vidc.yvyu”=msyuv.dll
“vidc.iyuv”=iyuv_32.dll
“vidc.i420”=iyuv_32.dll
“vidc.yvu9”=tsbyuv.dll
“msacm.l3acm”=C:\Windows\System32\l3codeca.acm
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“aux”=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe “%1” %*
======List of files/folders created in the last 1 month======
2014-07-22 09:56:11 —-D—- C:\Program Files\trend micro
2014-07-22 09:56:10 —-D—- C:\rsit
2014-07-22 00:21:56 —-A—- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-07-22 00:21:43 —-D—- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-22 00:21:43 —-A—- C:\Windows\system32\drivers\mwac.sys
2014-07-22 00:21:43 —-A—- C:\Windows\system32\drivers\mbamchameleon.sys
2014-07-22 00:21:43 —-A—- C:\Windows\system32\drivers\mbam.sys
2014-07-22 00:09:49 —-D—- C:\AdwCleaner
2014-07-20 19:47:08 —-D—- C:\Users\Silver\AppData\Roaming\DivX
2014-07-20 19:47:07 —-D—- C:\Program Files\DivX
2014-07-20 19:46:32 —-D—- C:\Program Files (x86)\DivX
2014-06-25 19:39:08 —-A—- C:\Windows\system32\igdumd32.dll
2014-06-25 19:39:08 —-A—- C:\Windows\system32\igd10umd32.dll
2014-06-25 19:32:15 —-A—- C:\Windows\system32\drivers\tmcomm.sys
2014-06-24 22:27:24 —-A—- C:\Windows\SYSWOW64\msxml6r.dll
2014-06-24 22:27:24 —-A—- C:\Windows\SYSWOW64\msxml6.dll
2014-06-24 22:27:24 —-A—- C:\Windows\SYSWOW64\msxml3r.dll
2014-06-24 22:27:24 —-A—- C:\Windows\SYSWOW64\msxml3.dll
2014-06-24 22:27:24 —-A—- C:\Windows\system32\msxml6r.dll
2014-06-24 22:27:24 —-A—- C:\Windows\system32\msxml6.dll
2014-06-24 22:27:24 —-A—- C:\Windows\system32\msxml3r.dll
2014-06-24 22:27:24 —-A—- C:\Windows\system32\msxml3.dll
2014-06-24 22:27:24 —-A—- C:\Windows\system32\drivers\tcpip.sys
2014-06-24 22:27:24 —-A—- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-24 22:27:23 —-A—- C:\Windows\SYSWOW64\urlmon.dll
2014-06-24 22:27:23 —-A—- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-24 22:27:23 —-A—- C:\Windows\SYSWOW64\mshtml.dll
2014-06-24 22:27:23 —-A—- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-24 22:27:23 —-A—- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-24 22:27:23 —-A—- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-24 22:27:23 —-A—- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-24 22:27:23 —-A—- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-24 22:27:23 —-A—- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-24 22:27:23 —-A—- C:\Windows\system32\ieetwproxystub.dll
2014-06-24 22:27:22 —-A—- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-24 22:27:22 —-A—- C:\Windows\SYSWOW64\ieui.dll
2014-06-24 22:27:22 —-A—- C:\Windows\SYSWOW64\iesetup.dll
2014-06-24 22:27:22 —-A—- C:\Windows\SYSWOW64\iertutil.dll
2014-06-24 22:27:22 —-A—- C:\Windows\SYSWOW64\iernonce.dll
2014-06-24 22:27:22 —-A—- C:\Windows\SYSWOW64\ieframe.dll
2014-06-24 22:27:22 —-A—- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-24 22:27:22 —-A—- C:\Windows\system32\urlmon.dll
2014-06-24 22:27:22 —-A—- C:\Windows\system32\msfeeds.dll
2014-06-24 22:27:22 —-A—- C:\Windows\system32\ieetwcollectorres.dll
2014-06-24 22:27:22 —-A—- C:\Windows\system32\ieetwcollector.exe
2014-06-24 22:27:22 —-A—- C:\Windows\system32\ie4uinit.exe
2014-06-24 22:27:22 —-A—- C:\Windows\system32\dxtmsft.dll
2014-06-24 22:27:21 —-A—- C:\Windows\SYSWOW64\wininet.dll
2014-06-24 22:27:21 —-A—- C:\Windows\SYSWOW64\vbscript.dll
2014-06-24 22:27:21 —-A—- C:\Windows\SYSWOW64\msrating.dll
2014-06-24 22:27:21 —-A—- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-06-24 22:27:21 —-A—- C:\Windows\SYSWOW64\jscript9.dll
2014-06-24 22:27:21 —-A—- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-24 22:27:21 —-A—- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-24 22:27:21 —-A—- C:\Windows\system32\jsproxy.dll
2014-06-24 22:27:21 —-A—- C:\Windows\system32\iesetup.dll
2014-06-24 22:27:21 —-A—- C:\Windows\system32\iertutil.dll
2014-06-24 22:27:21 —-A—- C:\Windows\system32\iernonce.dll
2014-06-24 22:27:20 —-A—- C:\Windows\system32\mshtmlmedia.dll
2014-06-24 22:27:20 —-A—- C:\Windows\system32\mshtmled.dll
2014-06-24 22:27:20 —-A—- C:\Windows\system32\jscript9diag.dll
2014-06-24 22:27:20 —-A—- C:\Windows\system32\ieUnatt.exe
2014-06-24 22:27:20 —-A—- C:\Windows\system32\ieui.dll
2014-06-24 22:27:20 —-A—- C:\Windows\system32\ieframe.dll
2014-06-24 22:27:20 —-A—- C:\Windows\system32\dxtrans.dll
2014-06-24 22:27:19 —-A—- C:\Windows\system32\wininet.dll
2014-06-24 22:27:19 —-A—- C:\Windows\system32\vbscript.dll
2014-06-24 22:27:19 —-A—- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-24 22:27:19 —-A—- C:\Windows\system32\msrating.dll
2014-06-24 22:27:19 —-A—- C:\Windows\system32\mshtml.dll
2014-06-24 22:27:19 —-A—- C:\Windows\system32\jscript9.dll
2014-06-24 22:27:19 —-A—- C:\Windows\system32\ieapfltr.dll
2014-06-24 22:27:18 —-A—- C:\Windows\SYSWOW64\usp10.dll
2014-06-24 22:27:18 —-A—- C:\Windows\system32\usp10.dll
2014-06-24 22:27:17 —-A—- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-24 22:27:17 —-A—- C:\Windows\system32\rdpcorets.dll
======List of files/folders modified in the last 1 month======
2014-07-22 09:56:11 —-RD—- C:\Program Files
2014-07-22 09:56:11 —-D—- C:\Windows\Temp
2014-07-22 09:55:46 —-D—- C:\Windows\System32
2014-07-22 09:55:46 —-A—- C:\Windows\system32\PerfStringBackup.INI
2014-07-22 09:55:45 —-D—- C:\Windows\inf
2014-07-22 09:53:41 —-A—- C:\Windows\SYSWOW64\log.txt
2014-07-22 09:51:48 —-D—- C:\Windows\system32\config
2014-07-22 00:44:23 —-D—- C:\Users\Silver\AppData\Roaming\Skype
2014-07-22 00:21:56 —-D—- C:\Windows\system32\drivers
2014-07-22 00:21:43 —-RD—- C:\Program Files (x86)
2014-07-22 00:13:11 —-D—- C:\Windows
2014-07-22 00:11:28 —-D—- C:\Users\Silver\AppData\Roaming\vlc
2014-07-21 23:00:12 —-D—- C:\Windows\debug
2014-07-21 23:00:12 —-D—- C:\Users\Silver\AppData\Roaming\Azureus
2014-07-20 19:47:55 —-D—- C:\Windows\Prefetch
2014-07-20 19:47:27 —-D—- C:\Windows\Downloaded Program Files
2014-07-20 19:47:19 —-D—- C:\ProgramData\DivX
2014-07-20 19:47:05 —-D—- C:\Windows\SysWOW64
2014-07-20 19:47:03 —-SHD—- C:\Windows\Installer
2014-07-20 19:47:02 —-D—- C:\Windows\winsxs
2014-07-20 19:46:59 —-D—- C:\Program Files (x86)\Common Files
2014-07-16 23:46:10 —-D—- C:\Program Files\Vuze
2014-07-16 13:11:47 —-D—- C:\Windows\system32\catroot2
2014-07-14 13:30:50 —-SHD—- C:\System Volume Information
2014-07-10 22:29:10 —-D—- C:\Users\Silver\AppData\Roaming\FlowStone
2014-06-25 21:16:55 —-D—- C:\Windows\rescache
2014-06-25 19:57:58 —-RSD—- C:\Windows\Media
2014-06-25 19:43:28 —-D—- C:\ProgramData\Malwarebytes
2014-06-25 16:46:17 —-A—- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-06-24 22:30:26 —-D—- C:\Windows\SYSWOW64\en-US
2014-06-24 22:30:26 —-D—- C:\Program Files\Internet Explorer
2014-06-24 22:30:25 —-D—- C:\Windows\system32\en-US
2014-06-24 22:30:25 —-D—- C:\Windows\system32\DriverStore
2014-06-24 22:30:25 —-D—- C:\Program Files (x86)\Internet Explorer
2014-06-24 22:29:30 —-D—- C:\Windows\system32\MRT
2014-06-24 22:28:45 —-A—- C:\Windows\system32\MRT.exe
2014-06-24 22:27:15 —-D—- C:\Windows\system32\catroot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\drivers\iusb3hcs.sys
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys
R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma; C:\Windows\system32\DRIVERS\iusb3hub.sys
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\drivers\iusb3xhc.sys
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\HECIx64.sys
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys
S3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys
S3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys
S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
—————–EOF—————–
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 22-7-2014
Scan Time: 10:01:08
Logfile: log.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.07.22.02
Rootkit Database: v2014.07.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Silver
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 312810
Time Elapsed: 4 min, 15 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
Hoi Dizciple,
ADW cleaner had je net al gedownload zag ik.
Heb je deze ook al laten draaien:S
Zo ja, plaats ook dat logje even hier.
Zo niet, dan eerst deze laten draaien.
Doe nu het volgende:
Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.
Download Zoek.exenaar het bureaublad.
Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Zoek.exe uitvoeren
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
* Dubbelklik vervolgens op Zoek.exe om de tool te starten.
* Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
* Kopieer nu onderstaande vet gedrukte code en plak die in het grote invulvenster:
* Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
firefoxlook;
torpigcheck;
emptyfolderscheck;delete
chromelook;
standardsearch;
filesrcm;
autoclean;
startupall;
* Klik nu op de knop "Run script".
* Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
* Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
Post het geopende logje in het volgende bericht.
Succes,
Huib;)
Die coretag popup heb ik maar telkens genegeerd en laat ik onderaan de pagina maar gewoon staan. Dat het hele scherm gewoon word afgesloten en daarvoor een scherm in de plaats komt over updates enzo is niet meer gebeurd.
Maar de reclames die je hoort op de achtergrond, tijdens een serie of film kijken, is om de haverklap, zwaar irritant. Op google vond ik er veel over. Ik zou adblock ofzo moeten installeren? Maar dat werkt weer niet met Internet Explorer lees ik?
Anyway, hier het logje..
Zoek.exe v5.0.0.0 Updated 24-07-2014
Tool run by Silver on vr 25-07-2014 at 16:29:39,18.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\zoek.exe
==== System Restore Info ======================
25-7-2014 16:30:10 Zoek.exe System Restore Point Created Succesfully.
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
D:\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Users\Silver\Searches deleted
C:\Users\Silver\AppData\LocalLow\boost_interprocess deleted
“C:\Windows\Installer\5b964.msi” deleted
==== System Specs ======================
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8068 MB
CPU Info: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
CPU Speed: 3294,0 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1024 X 768 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH24NS95
Ports: COM1 LPT1
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 150,0GB | D: 1705,0GB
Hard Disks - Free: C: 115,4GB | D: 1663,8GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 10/23/12 | ALASKA - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: Gigabyte Technology Co., Ltd. B75M-D3V
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Spyware: Windows Defender disabled (Outdated)
Internet Explorer Version: 11.0.9600.17126
Adobe Reader version: 10.1.10.18
Sun Java version: 1.7.0_65 (32-bit)
Sun Java version: 1.7.0_55 (64-bit)
Flash Player version: 11.1.102.55
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Silver\AppData\Local\Temp ====
2014-07-20 17:46:12 E4B094EF051253A35D0D2F02B936221F 999232 —-a-w- C:\Users\Silver\AppData\Local\Temp\DivXInstaller.exe
2014-07-19 21:55:26 0E771375445E13429E68CAE720A48B72 35224 —-a-w- C:\Users\Silver\AppData\Local\Temp\i4jdel0.exe
2014-07-11 21:12:11 8AA94A64117D7AFDA8C22176F138DD76 918952 —-a-w- C:\Users\Silver\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
====== Java Cache =====
2014-07-25 11:24:39 415FC9732A3F4D89A0E01251CD66E136 646 —-a-w- C:\Users\Silver\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-5089bc77
2014-06-26 10:22:06 47298DB0CC18671E75DE64CEC0509346 38 —-a-w- C:\Users\Silver\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\2b926a94-f82d0861844aa4371a3180a22f4adc07336787e8f2f7fdd7b21f4edba164e0f2-6.0.lap
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2014-07-21 22:21:56 8A50D5304E6AE48664CF5838EC32F647 122584 —-a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-07-21 22:21:43 F92B0E478C0FAA6D6661E6E977247E60 25816 —-a-w- C:\Windows\Sysnative\drivers\mbam.sys
2014-07-21 22:21:43 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 —-a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-07-21 22:21:43 15E8ABC06843672955CE26A009533BAD 63704 —-a-w- C:\Windows\Sysnative\drivers\mwac.sys
2014-06-25 17:32:15 A7CF9B841956293F20E25E08D53718D6 175528 —-a-w- C:\Windows\Sysnative\drivers\tmcomm.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-07-22 07:56:11 ——– d—–w- C:\Program Files\trend micro
2014-07-20 17:47:07 ——– d—–w- C:\Program Files\DivX
======= C:\PROGRA~2 =====
2014-07-25 11:24:20 ——– d—–w- C:\PROGRA~2\COMMON~1\Java
2014-07-20 17:46:59 ——– d—–w- C:\PROGRA~2\COMMON~1\DivX Shared
2014-07-20 17:46:32 ——– d—–w- C:\PROGRA~2\DivX
======= C: =====
====== C:\Users\Silver\AppData\Roaming ======
2014-07-20 19:19:18 ACD5DFDD1E7260265D624144BED12CFD 3817 —-a-w- C:\Users\Silver\AppData\Locallow\lpm.dat
2014-07-20 17:48:15 ——– d—–w- C:\Users\Silver\AppData\Local\DDMSettings
2014-07-20 17:47:08 ——– d—–w- C:\Users\Silver\AppData\Roaming\DivX
2014-06-27 13:10:26 ——– d—–w- C:\Users\Silver\AppData\Local\Adobe
2014-06-25 17:36:28 1B7CB1B28C9D2AE2346A471ADD7884CA 10 —-a-w- C:\Users\Silver\AppData\Local\sponge.last.runtime.cache
====== C:\Users\Silver ======
2014-07-25 11:24:24 ——– d—–w- C:\ProgramData\Oracle
2014-07-20 17:47:05 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
====== C: exe-files ==
2014-07-25 14:24:51 B653DD91D5D6E519D3357A80A15A5DFB 1354223 —-a-w- C:\Users\Silver\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISO1S2RR\AdwCleaner.exe
2014-07-22 07:56:11 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files\trend micro\Silver.exe
2014-07-20 17:47:24 E4B094EF051253A35D0D2F02B936221F 999232 —-a-w- C:\ProgramData\DivX\Setup\DivXSetup.exe
2014-07-20 17:47:19 3A10B03B41FE3390D696B3B9232B4796 418784 —-a-w- C:\ProgramData\DivX\WebPlayer\Uninstaller.exe
2014-07-20 17:47:18 86A110B246F1AAE499D32D2B46D724F0 420962 —-a-w- C:\ProgramData\DivX\Player\Uninstaller.exe
2014-07-20 17:47:18 083DA3B2E07ABA194D77AB050345622B 414616 —-a-w- C:\ProgramData\DivX\Update\Uninstaller.exe
2014-07-20 17:47:11 4CF76B9C8397F9566169B318F0D441B0 417857 —-a-w- C:\ProgramData\DivX\TransferWizard\Uninstaller.exe
2014-07-20 17:47:10 EDD4991E06A44D5D52B6FDD3AF3F55DD 65099 —-a-w- C:\ProgramData\DivX\DivXMediaServer\Uninstaller.exe
2014-07-20 17:47:10 68076A6DD788155E51F68ADCB8B72DE2 63144 —-a-w- C:\ProgramData\DivX\DesktopService\Uninstaller.exe
2014-07-20 17:47:09 925835B5C3214AFC87ED577C4FF69DF5 414788 —-a-w- C:\ProgramData\DivX\DPC\Uninstaller.exe
2014-07-20 17:47:08 D48416D306AC29F1CC362029C8378626 415584 —-a-w- C:\ProgramData\DivX\Converter\Uninstaller.exe
2014-07-20 17:47:08 2EEF0B5226C6E101BD844894CC2F8F1C 415497 —-a-w- C:\ProgramData\DivX\OVSHelper\Uninstaller.exe
2014-07-20 17:47:08 06DDE261537375A4E649D710D2CADDA5 414936 —-a-w- C:\ProgramData\DivX\DFXPlugin\Uninstaller.exe
2014-07-20 17:47:07 F0DF763862780585BB88A26C886A9ED6 415707 —-a-w- C:\ProgramData\DivX\TranscodeEngine\Uninstaller.exe
2014-07-20 17:47:05 CD1EE09EF3936E259C94AB7205914B0F 54101 —-a-w- C:\ProgramData\DivX\MPEG2Plugin\Uninstaller.exe
2014-07-20 17:47:05 0D2E97B7A645F2FE04DD4EC9163CCD53 419803 —-a-w- C:\ProgramData\DivX\ControlPanel\Uninstaller.exe
2014-07-20 17:47:04 83C970BEDF14FA176A2B21FA7BE86C6B 62264 —-a-w- C:\ProgramData\DivX\Qt4.8\Uninstaller.exe
2014-07-20 17:47:03 9A4B8CFD46D3F8BF58931A2F39EC9B32 414516 —-a-w- C:\ProgramData\DivX\AVCCodec\Uninstaller.exe
2014-07-20 17:47:03 201BB87B19B953D0A5ABFFE7E7F373AA 61667 —-a-w- C:\ProgramData\DivX\MSVC80CRTRedist\Uninstaller.exe
2014-07-20 17:46:12 E4B094EF051253A35D0D2F02B936221F 999232 —-a-w- C:\Users\Silver\AppData\Local\Temp\DivXInstaller.exe
2014-07-19 21:55:26 0E771375445E13429E68CAE720A48B72 35224 —-a-w- C:\Users\Silver\AppData\Local\Temp\i4jdel0.exe
=== C: other files ==
2014-07-21 22:21:56 8A50D5304E6AE48664CF5838EC32F647 122584 —-a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-07-21 22:21:43 F92B0E478C0FAA6D6661E6E977247E60 25816 —-a-w- C:\Windows\System32\drivers\mbam.sys
2014-07-21 22:21:43 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 —-a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-07-21 22:21:43 15E8ABC06843672955CE26A009533BAD 63704 —-a-w- C:\Windows\System32\drivers\mwac.sys
==== Startup Registry Enabled ======================
“IMSS”=“C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe”
“Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“SunJavaUpdateSched”=“C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
==== Startup Registry Enabled x64 ======================
“RtHDVCpl”=“C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s”
==== Startup Registry Disabled x64 ======================
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Adobe ARM”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“DivXMediaServer”
“hkey”=“HKLM”
“command”=“C:\\Program Files (x86)\\DivX\\DivX Media Server\\DivXMediaServer.exe”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“DivXUpdate”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\“ /CHECKNOW”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“IAStorIcon”
“hkey”=“HKLM”
“command”=“C:\\Program Files (x86)\\Intel\\Intel(R) Rapid Storage Technology\\IAStorIconLaunch.exe \”C:\\Program Files (x86)\\Intel\\Intel(R) Rapid Storage Technology\\IAStorIcon.exe\“ 60”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“USB3MON”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files (x86)\\Intel\\Intel(R) USB 3.0 eXtensible Host Controller Driver\\Application\\iusb3mon.exe\“”
==== Task Scheduler Jobs ======================
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a——
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==== Other Scheduled Tasks ======================
“C:\Windows\SysNative\tasks\CCleanerSkipUAC”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA”
“C:\Windows\SysNative\tasks\{BD6C5BA8-671B-42BF-90BE-2F0350C7DBB1}”
==== Folders in C:\PROGRA~3 0-6 Months Old ======================
2014-03-16 16:46:44 ——– d—–w- C:\PROGRA~3\G DATA
2014-03-20 19:41:35 ——– d—–w- C:\PROGRA~3\Malwarebytes
2014-05-15 21:22:19 ——– d—–w- C:\PROGRA~3\Sun
2014-07-25 11:24:24 ——– d—–w- C:\PROGRA~3\Oracle
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://www.startpagina.nl/”
No DefaultScope Set For HKCU
New Values:
“Start Page”=“http://www.startpagina.nl/”
“DefaultScope”=“{012E1000-F331-11DB-8314-0800200C9A66}”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url=“http://www.google.com/search?q={searchTerms}”
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
{60B6C5E0-64AC-4817-BEFB-94F9B6EC8657} Google Url=“http://www.google.nl/search?hl=nl&q={searchTerms}”
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
==== HijackThis Entries ======================
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivX Web Player Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Silver\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Silver\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=13 folders=5 313732 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Silver\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Silver\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on vr 25-07-2014 at 16:38:28,90 ======================
Hoi Dizciple,
Start Zoek.exe nogmaals.
“zoek.exe” gebruiken:
Sluit nu eerst alle nog openstaande programmavensters!
Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
Windows Vista en Windows 7: start de tool middels rechtsklik op “zoek.exe” en dan kiezen voor Als Administrator uitvoeren.
Vervolgens zal er na een tijdje een venster geopend worden.
Met je muis selecteer je nu de volgende keuze “Combined fix”(rechts onderaan)
Kopieer nu onderstaande vet gedrukte code en plak die in het grote invulvenster:
C:\Users\Silver\AppData\Local\Temp\i4jdel0.exe;f
Klik nu op de knop “Run script”.
Wacht nu geduldig af tot er een logje opent(dit kan na een herstart zijn)
Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
Plaats dit logje in je volgende bericht.
Over een Adblocker zal ik Jos H van het hardware prikbord vragen om hier te reageren.
Succes,
Huib;)
Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.
