Ga naar inhoud

RSIT-log i.v.m. besmetting met YAC (Yet Another Cleaner)


Aanbevolen berichten

Op de WIndows 7 computer van mijn zoon heeft hij last  van een of andere nep-bestandenbeoordelaar. Hij heeft de naam YAC/Yet Another Cleaner.  Heeft ook een icoontje staan bij de (verborgen) pictogrammen rechtsonder naast de tijd etc.

 

Hieronder het zojuist aangemaakte RSIT-logje.

 

Ik hoop dat jullie wat kunnen vinden want het wordt een beetje vervelend.

 

Verneem graag verder te ondernemen acties

 

Logfile of random's system information tool 1.10 (written by random/random)

Run by lars at 2015-03-05 18:12:24
Microsoft Windows 7 Professional  Service Pack 1
System drive C: has 93 GB (61%) free of 154 GB
Total RAM: 8082 MB (80% free)
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:12:32, on 5-3-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Sitecom\Common\WLANUtil.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coNatHst.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\lars.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1418828815&from=wpm12173&uid=ST1000DM003-1ER162_S4Y04MJYXXXXS4Y04MJY
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1418828815&from=wpm12173&uid=ST1000DM003-1ER162_S4Y04MJYXXXXS4Y04MJY
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_074B3F627384F819478C0623F585751D] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX535WD"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Sitecom Wireless Utility.lnk = C:\Program Files (x86)\Sitecom\Common\WLANUtil.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participações Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe
O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 11429 bytes
 
======Listing Processes======
 
 
 
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\lsm.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k gpsvcgroup
C:\Windows\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k networkservice
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe"
C:\Windows\system32\WLANExt.exe 30052320
\??\C:\Windows\system32\conhost.exe "-1679931482433924450-1715309407255700417187610818312575718051750617912-80809317
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
"taskhost.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxTray.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\System32\spool\drivers\x64\3\E_YATIHTE.EXE" /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX535WD"
"C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe"
"C:\Program Files (x86)\Sitecom\Common\WLANUtil.exe" -s
"C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" 
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
"C:\Windows\system32\igfxEM.exe" -Embedding
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe"
"C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe"
c:\windows\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2288.0.1184220844\1846008440" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --gpu-vendor-id=0x8086 --gpu-device-id=0x0402 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3960 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe" /c /a /s UserSession
C:\Windows\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted
igfxHK.exe 
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ca15e458-602b-43ef-aa4f-b578a8a91936 -SystemEventPortName:HostProcess-8ce01a52-20bc-4c7b-b8ec-e9860310a2cf -IoCancelEventPortName:HostProcess-563babb5-fca3-4264-82e5-63964e7dac19 -NonStateChangingEventPortName:HostProcess-c34f37f4-022f-4489-82a1-734b75e37928 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:812ae9f0-86bb-45a5-9af7-f7c259d889b4 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/ControlForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_94/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2288.2.1455448737\695729444" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/ControlForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_94/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2288.3.484580335\1326601120" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/ControlForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_94/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2288.4.855623575\896008229" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/ControlForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_94/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2288.5.941001796\1191623123" /prefetch:673131151
c:\windows\system32\svchost.exe -k localservicepeernet
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coNatHst.exe" --parent-window=0 chrome-extension://mkfokfffehpeedafpekjeddnmnjhmcmk/ < \\.\pipe\chrome.nativeMessaging.in.d333d962411d301c > \\.\pipe\chrome.nativeMessaging.out.d333d962411d301c
\??\C:\Windows\system32\conhost.exe "1290354638851453551154844844711748153061472763225128610328313108556162055605747
"C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coNatHst.exe"  --parent-window=0 chrome-extension://mkfokfffehpeedafpekjeddnmnjhmcmk/ 
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/ControlForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_94/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2288.34.138143894\1352691327" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/ControlForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_94/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2288.37.678472393\533937844" /prefetch:673131151
 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/ControlForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_94/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2288.38.38208473\1031344598" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516 
"C:\Users\lars\Desktop\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
======Scheduled tasks folder======
 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 
 
======Registry dump======
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20 917856]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-07-23 392336]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-12 462760]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-12 171944]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20 917856]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-18 13657304]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-10-03 457616]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe []
"Persistence"=C:\Windows\system32\igfxpers.exe []
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_074B3F627384F819478C0623F585751D"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-02-17 843592]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE [2014-11-13 241280]
 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-04-26 292848]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Sitecom Wireless Utility.lnk - C:\Program Files (x86)\Sitecom\Common\WLANUtil.exe
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
 
======File associations======
 
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
 
======List of files/folders created in the last 1 month======
 
2015-03-05 18:12:24 ----D---- C:\rsit
2015-03-05 18:12:24 ----D---- C:\Program Files\trend micro
2015-02-17 18:34:22 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-02-17 18:34:22 ----A---- C:\Windows\system32\wdi.dll
2015-02-17 18:34:22 ----A---- C:\Windows\system32\powertracker.dll
2015-02-17 18:34:22 ----A---- C:\Windows\system32\perftrack.dll
2015-02-13 21:46:54 ----A---- C:\Windows\ntbtlog.txt
2015-02-13 16:23:20 ----D---- C:\Program Files (x86)\Craften Terminal
2015-02-12 16:55:57 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-12 16:55:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-12 16:55:57 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-12 16:55:57 ----A---- C:\Windows\system32\jscript9.dll
2015-02-11 14:47:16 ----A---- C:\Windows\system32\invagent.dll
2015-02-11 14:47:16 ----A---- C:\Windows\system32\generaltel.dll
2015-02-11 14:47:16 ----A---- C:\Windows\system32\devinv.dll
2015-02-11 14:47:16 ----A---- C:\Windows\system32\appraiser.dll
2015-02-11 14:47:16 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-11 14:47:16 ----A---- C:\Windows\system32\aepic.dll
2015-02-11 14:47:16 ----A---- C:\Windows\system32\aepdu.dll
2015-02-11 14:47:16 ----A---- C:\Windows\system32\aeinv.dll
2015-02-11 14:47:07 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 14:47:07 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 14:47:07 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 14:47:07 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 14:47:07 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 14:47:07 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 14:47:07 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 14:47:07 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 14:47:07 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 14:47:07 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 14:47:07 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 14:47:07 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 14:47:07 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 14:47:07 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 14:46:53 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 14:46:53 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 14:46:53 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 14:46:53 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:46:53 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 14:46:53 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 14:46:53 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 14:46:53 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 14:46:53 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:46:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:46:53 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 14:46:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 14:46:52 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 14:46:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 14:46:52 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:46:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 14:46:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 14:46:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 14:46:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 14:46:51 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 14:46:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 14:46:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 14:46:51 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 14:46:51 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:46:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 14:46:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:46:51 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 14:46:51 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 14:46:50 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 14:46:50 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 14:46:50 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 14:46:50 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 14:46:49 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 14:46:49 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 14:46:49 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 14:46:49 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 14:46:49 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 14:46:49 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 14:46:49 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 14:46:49 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 14:46:48 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:46:48 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 14:46:48 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 14:46:47 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 14:46:47 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 14:46:47 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 14:46:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:46:46 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 14:46:01 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 14:46:01 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:45:53 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-11 14:45:53 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-11 14:45:52 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-11 14:45:52 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-11 14:45:52 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-11 14:45:52 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-11 14:45:52 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-11 14:45:52 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-11 14:45:52 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-11 14:45:52 ----A---- C:\Windows\system32\sspicli.dll
2015-02-11 14:45:52 ----A---- C:\Windows\system32\secur32.dll
2015-02-11 14:45:52 ----A---- C:\Windows\system32\msobjs.dll
2015-02-11 14:45:52 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 14:45:52 ----A---- C:\Windows\system32\lsass.exe
2015-02-11 14:45:52 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-11 14:45:52 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-11 14:45:52 ----A---- C:\Windows\system32\auditpol.exe
2015-02-11 14:45:52 ----A---- C:\Windows\system32\adtschema.dll
2015-02-11 14:45:35 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-11 14:45:35 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 14:45:35 ----A---- C:\Windows\system32\wintrust.dll
2015-02-11 14:45:35 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 14:45:28 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 14:45:28 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 14:44:43 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 14:44:43 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 14:44:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-11 14:44:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 14:44:09 ----A---- C:\Windows\system32\srcore.dll
2015-02-11 14:44:09 ----A---- C:\Windows\system32\rstrui.exe
2015-02-11 14:44:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:44:08 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-11 14:44:08 ----A---- C:\Windows\system32\srclient.dll
2015-02-11 14:43:18 ----A---- C:\Windows\system32\win32k.sys
2015-02-06 20:11:23 ----D---- C:\Users\lars\AppData\Roaming\Craften Terminal
 
======List of files/folders modified in the last 1 month======
 
2015-03-05 18:12:24 ----RD---- C:\Program Files
2015-03-05 18:06:46 ----D---- C:\Windows\Prefetch
2015-03-05 17:16:29 ----D---- C:\Windows\Temp
2015-03-05 15:00:44 ----D---- C:\Windows\system32\config
2015-03-05 14:50:50 ----D---- C:\Windows\system32\FxsTmp
2015-03-05 14:46:07 ----SHD---- C:\System Volume Information
2015-03-04 18:42:41 ----SHD---- C:\$RECYCLE.BIN
2015-03-04 18:42:31 ----SD---- C:\ProgramData\Microsoft
2015-03-03 20:48:12 ----D---- C:\Windows\Minidump
2015-03-03 20:37:35 ----D---- C:\Windows\system32\drivers
2015-03-03 20:36:40 ----D---- C:\ProgramData\Norton
2015-03-03 20:33:56 ----D---- C:\Program Files (x86)\WinZipper
2015-03-03 19:28:07 ----D---- C:\Windows
2015-03-03 16:36:18 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-28 18:32:04 ----D---- C:\Users\lars\AppData\Roaming\.minecraft
2015-02-26 14:34:26 ----D---- C:\ProgramData\Origin
2015-02-26 14:34:18 ----D---- C:\Program Files (x86)\Origin
2015-02-25 11:50:03 ----D---- C:\Windows\winsxs
2015-02-25 11:48:34 ----D---- C:\Windows\SysWOW64
2015-02-25 11:48:34 ----D---- C:\Windows\System32
2015-02-25 09:06:07 ----D---- C:\Users\lars\AppData\Roaming\.technic
2015-02-18 14:43:12 ----D---- C:\Windows\tracing
2015-02-16 17:55:20 ----D---- C:\Users\lars\AppData\Roaming\Skype
2015-02-15 13:23:33 ----D---- C:\Windows\rescache
2015-02-13 16:23:20 ----RD---- C:\Program Files (x86)
2015-02-12 21:39:39 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-12 21:39:39 ----D---- C:\Windows\system32\en-US
2015-02-12 03:25:11 ----D---- C:\Windows\system32\catroot2
2015-02-12 03:20:41 ----SD---- C:\Windows\system32\CompatTel
2015-02-12 03:20:40 ----D---- C:\Windows\system32\appraiser
2015-02-12 03:20:39 ----D---- C:\Windows\system32\nl-NL
2015-02-12 03:20:39 ----D---- C:\Program Files\Internet Explorer
2015-02-12 03:20:38 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-02-12 03:20:38 ----D---- C:\Windows\SYSWOW64\fr-FR
2015-02-12 03:20:38 ----D---- C:\Windows\SYSWOW64\de-DE
2015-02-12 03:20:37 ----D---- C:\Windows\system32\fr-FR
2015-02-12 03:20:37 ----D---- C:\Windows\system32\de-DE
2015-02-12 03:20:32 ----D---- C:\Windows\PolicyDefinitions
2015-02-12 03:03:57 ----SHD---- C:\Windows\Installer
2015-02-12 03:03:54 ----D---- C:\ProgramData\Microsoft Help
2015-02-11 14:43:13 ----D---- C:\Windows\system32\catroot
2015-02-06 15:55:27 ----D---- C:\Windows\Tasks
 
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2013-08-02 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2013-08-02 28008]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver; C:\Windows\system32\drivers\iusb3hcs.sys [2013-04-26 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1506000.020\SYMDS64.SYS [2013-08-01 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS [2014-07-23 1148120]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20150224.001\BHDrvx64.sys [2015-02-03 1622744]
R1 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [2014-02-21 162392]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-12-11 487216]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20150304.001\IDSvia64.sys [2015-02-06 669400]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2015-01-15 249000]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2015-01-15 99496]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2015-01-15 42152]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2015-01-15 93352]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2015-01-03 52392]
R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [2014-08-26 876248]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [2014-08-26 37592]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [2014-08-06 266968]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [2014-07-23 593112]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-11 142640]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-10-03 4753336]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-10-22 3692632]
R3 iusb3hub;Intel® USB 3.0 Hub Driver; C:\Windows\system32\drivers\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\drivers\iusb3xhc.sys [2013-04-26 786416]
R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\drivers\TeeDriverx64.sys [2013-09-16 99288]
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20150304.037\ENG64.SYS [2015-01-26 129752]
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20150304.037\EX64.SYS [2015-01-26 2137304]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2010-07-27 1241952]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-08-27 883928]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2014-09-12 177752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 e1dexpress;Intel® PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2013-05-30 495376]
S3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-06-17 450520]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys [2015-01-15 45224]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2012-08-23 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-10-02 29696]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
 
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2013-05-07 936728]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-10-03 329104]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2015-01-15 120128]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [2014-09-21 276376]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe [2009-12-15 185632]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64; C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe [2009-12-15 212256]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-12 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-10-03 279952]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-12 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-05 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-01-16 1903472]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-14 1255736]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
 
-----------------EOF-----------------
 

 

Link naar reactie
Delen op andere sites

We beginnen hier mee.

Download 51a46ae42d560-malwarebytes_anti_malware.MalwareBytes Anti-Malware bij voorkeur naar het bureaublad.

  • Dubbelklik op mbam-setup-2.0.exe om de installatie van Malwarebytes Anti-Malware te starten.
  • Volg de verdere aanwijzingen, de volledige installatieprocedure kunt u nalezen op de volgende link - Malwarebytes Anti-Malware installeren.
  • Klik vervolgens op de knop Scan nu om een bedreigingsscan uit te voeren.
  • Er zal nu gecontroleerd worden op beschikbare updates, klik hier op "Nu bijwerken als er beschikbare updates zijn.
  • De scan wordt nu automatisch gestart, gebruik de computer bij voorkeur niet tijdens de scan.
  • Wanneer er geen bedreigingen zijn gedetecteerd klikt u na de scan op Bekijk gedetailleerd logboek.
    • Klik vervolgens op de knop Exporteer en kies de optie "Tekstbestand (*.txt)".
    • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
    • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.
  • Wanneer er wel bedreigingen zijn gedetecteerd klikt u na de scan op Acties toepassen.
    • Bij de melding om de computer opnieuw op te starten klikt u op Ja / Yes.
    • Open na de herstart MalwareBytes Anti-Malware en klik bovenaan op Historie en selecteer Programmalogboeken.
    • Selecteer het laatste Scanlogboek en klik op de knop Bekijk.
    • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
    • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.
    • Voeg het logbestand wat u zojuist heeft opgeslagen als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in Malwarebytes Anti-Malware bij Historie > Programmalogboeken)
532aab157609a-MBAM-Scan.png

MalwareBytes' Anti-Malware logbestand plaatsen

  • Voeg het logbestand wat u zojuist heeft opgeslagen als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in Malwarebytes Anti-Malware bij Historie > Programmalogboeken)
Link naar reactie
Delen op andere sites

HOi Juisterr,

Inmiddels blijkt dat ook zijn Internet Explorer wat besmet is. Deze start op met "sweet-page.com/etc.etc.etc." ondanks dat ik google.nl weer als startpagina heb geinstalleerd. Kan je daar ook naar kijken? Te ondernemen acties verneem ik wel.

Link naar reactie
Delen op andere sites

  • 2 weken later...

Hallo, goede morgen.

Op de een of andere manier krijg ik geen melding van dit topic dus ben je over het hoofd gezien.

In ieder geval.

Schakel eerst de Antivirussoftware uit voordat je zoek.exe download of uitvoert.

Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk de werking van Zoek.exe nadelig beïnvloeden.

(hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (klik hier voor meer informatie over hoe zoek.exe te gebruiken)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kan je dat negeren, het is namelijk een onterechte waarschuwing.
  • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze Computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.

     
    emptyfolderscheck;
    firefoxlook; 
    Chromelook; 
    CHRdefaults;
    autoclean; 
    iedefaults; 
    filesrcm;   
    
    
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.
Link naar reactie
Delen op andere sites

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.