Already removed 172 threats with MBAM

f.j.stols
15 answers
  • After a few months, my son started up MBAM for a change. He felt the computer was getting slower. MBAM removed 172 items.
    Here is the log file:

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.08.12.02

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 8.0.7601.17514
    WinOS :: WINOS-PC [administrator]

    8/12/2013 12:26:02 PM
    mbam-log-2013-08-12 (12-26-02).txt

    Scan type: Full scan (C:\|D:\|E:\|H:\|I:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 527292
    Time elapsed: 40 minute(s), 47 second(s)

    Memory Processes Detected: 4
    C:\Program Files (x86)\WDesktop.Updater.exe (PUP.Optional.WebCake.A) -> 2128 -> Delete on reboot.
    C:\Users\WinOS\AppData\Roaming\Web Cake\WebCakeDesktop.exe (PUP.WebCake.A) -> 2852 -> Delete on reboot.
    C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (PUP.Optional.BrowserDefender.A) -> 1808 -> Delete on reboot.
    C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (PUP.Optional.BrowserDefender.A) -> 5548 -> Delete on reboot.

    Memory Modules Detected: 1
    C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll (PUP.Optional.BrowserDefender.A) -> Delete on reboot.

    Registry Keys Detected: 48
    HKLM\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8} (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
    HKCR\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4} (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
    HKCR\WebCakeIEClient.Layers.1 (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
    HKCR\WebCakeIEClient.Layers (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{BD53CB8C-E452-B632-313E-B49FC195CC5F} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BD53CB8C-E452-B632-313E-B49FC195CC5F} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BD53CB8C-E452-B632-313E-B49FC195CC5F} (PUP.Optional.MultiPlug.A) -> Delete on reboot.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD53CB8C-E452-B632-313E-B49FC195CC5F} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\escort.escortIEPane.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\escort.escortIEPane (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\delta.deltaHlpr.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\delta.deltaHlpr (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Delete on reboot.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\esrv.deltaESrvc.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\esrv.deltaESrvc (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKCR\delta.deltadskBnd.1 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKCR\delta.deltadskBnd (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Delete on reboot.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\delta.deltaappCore.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\delta.deltaappCore (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKCR\d (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} (PUP.Optional.BrowserDefender.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EB03EF39-C655-D560-FA95-79182B837D64} (PUP.Optional.SilentInstall.A) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.
    HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.
    HKCR\WebCakeIEClient.Api (PUP.WebCake) -> Quarantined and deleted successfully.
    HKCR\WebCakeIEClient.Api.1 (PUP.WebCake) -> Quarantined and deleted successfully.
    HKCR\AppID\WebCakeIEClient.DLL (PUP.WebCake) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\DELTA\DELTA (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh (PUP.WebCake) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.

    Registry Values Detected: 5
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WebCake Desktop (PUP.WebCake.A) -> Data: C:\Users\WinOS\AppData\Roaming\Movdap\WebCakeDesktop.exe -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Data: Delta Toolbar -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Data: -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Google Update (Trojan.Agent) -> Data: C:\Users\WinOS\AppData\Roaming\svchost.exe -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Delta\Delta|tlbrSrchUrl (PUP.Optional.Delta) -> Data: -> Quarantined and deleted successfully.

    Registry Data Items Detected: 1
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.BrowserDefender.A) -> Bad: (c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll) Good: () -> Delete on reboot.

    Folders Detected: 18
    C:\ProgramData\MagniPic (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.
    C:\ProgramData\MagniPic\data (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\WebCake (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\WebCake\dat (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\WebCake\dat\update (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\Delta (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Delta\delta\1.8.21.5\bh (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.

    Files Detected: 97
    C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll (Adware.BProtector) -> Delete on reboot.
    C:\Program Files (x86)\WDesktop.Updater.exe (PUP.Optional.WebCake.A) -> Delete on reboot.
    C:\Users\WinOS\AppData\Roaming\Web Cake\WebCakeDesktop.exe (PUP.WebCake.A) -> Delete on reboot.
    C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\Users\WinOS\AppData\Roaming\Movdap\WebCakeDesktop.exe (PUP.WebCake.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Web Cake\WebCakeIEClient.dll (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
    C:\ProgramData\MagniPic\51a89c9c30108.dll (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Delta\delta\1.8.21.5\deltasrv.exe (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    C:\Program Files\Internet Explorer\ieutil.exe (PUP.BitCoinMiner) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Activision\CoD 2.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaApp.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaEng.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (PUP.Optional.OptimizePro.A) -> Quarantined and deleted successfully.
    C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (PUP.Browser.Defender.A) -> Delete on reboot.
    C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Browser.Defender.A) -> Delete on reboot.
    C:\ProgramData\BrowserProtect\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
    C:\ProgramData\MagniPic\uninstall.exe (PUP.Optional.SilentInstall.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\Temporary\ieutil.exe (PUP.BitCoinMiner) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Local\Temp\3388.tmp (Trojan.PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Local\Temp\3CD3.tmp (PUP.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Local\Temp\8132.tmp (PUP.Browser.Defender.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Local\Temp\EA6.tmp (PUP.Browser.Defender.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Local\Temp\setup_fsu_cid.exe (Trojan.PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Local\Temp\3D0F253B-BAB0-7891-B36A-3CE759BE56A2\MyBabylonTB.exe (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Local\Temp\Temp1_Malwarebytes Anti-Malware 1.75.0.1300 Pro Final + Keygen - Cyclonoid.zip\Malwarebytes Anti-Malware 1.75.0.1300 Pro Final + Keygen - Cyclonoid\Keygen\w00t.exe (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Local\Temp\updCE75\BabMaint.x (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Local\Temp\updEA3D\BabMaint.x (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Local\Temp\{083105EB-A8E8-4165-A38E-E0CAD3D2271D}\Addons\magnipic_setup.exe (PUP.Adware.MultiPlug) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\File Scout\filescout.exe (Trojan.PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\Downloads\2 Need for Speed Shift 2 - Unleashed v1.0 +5 TRAINER.rar (HackTool.GamesCheat) -> Quarantined and deleted successfully.
    C:\Users\WinOS\Downloads\CoD 2 Public.zip (Backdoor.IRCBot) -> Quarantined and deleted successfully.
    C:\Users\WinOS\Downloads\CoD2 ClientHook..rar (PasswordStealer.Agent) -> Quarantined and deleted successfully.
    C:\Users\WinOS\Downloads\COD2Bot by Pisti (1).rar (Trojan.Agent.H) -> Quarantined and deleted successfully.
    C:\Users\WinOS\Downloads\COD2Bot by Pisti.rar (Trojan.Agent.H) -> Quarantined and deleted successfully.
    C:\Users\WinOS\Downloads\CoD2PublicLudixBot.rar (Trojan.Agent.H) -> Quarantined and deleted successfully.
    C:\Users\WinOS\Downloads\CoD2_hwbp.rar (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\WinOS\Downloads\Dead_Space_3_1.0_+_28_Trainer.rar (HackTool.GamesCheat) -> Quarantined and deleted successfully.
    C:\Users\WinOS\Downloads\FCry3+21Tr-LNG.rar (VirTool.Obfuscator) -> Quarantined and deleted successfully.
    C:\Users\WinOS\Downloads\GuitarFX-setup (1).zip (Adware.RKN) -> Quarantined and deleted successfully.
    C:\Users\WinOS\Downloads\Malwarebytes Anti-Malware 1.75.0.1300 Pro Final + Keygen - Cyclonoid.zip (Dont.Steal.Our.Software) -> Delete on reboot.
    C:\Users\WinOS\Downloads\SleepD+15TR-LNG_V1.4_Alternate.rar (VirTool.Obfuscator) -> Quarantined and deleted successfully.
    C:\Users\WinOS\Downloads\SoftonicDownloader_for_tuxguitar.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.
    D:\Dead Space 3 1.0 + 28 Trainer.exe (HackTool.GamesCheat) -> Quarantined and deleted successfully.
    D:\Games\Dirt 3\paul.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
    D:\Games\Dirt 3\SKIDROW.dll (Trojan.Downloader.H) -> Quarantined and deleted successfully.
    D:\Games\Dirt 3\new\paul.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
    D:\Games\Dirt 3\new\SKIDROW.dll (Trojan.Downloader.H) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\ProgramData\MagniPic\51a89c9c30108.tlb (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.
    C:\ProgramData\MagniPic\settings.ini (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.
    C:\ProgramData\MagniPic\data\MagniPic.dat (PUP.Adware.Magnipic) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\WebCake\PlugIns.cache (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\WebCake\WebCakeDesktop.exe (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\WebCake\dat\Desktop.OS.dll (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\WebCake\dat\Maintain.dat (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\WebCake\dat\Paladin.dat (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\WebCake\dat\Phoenix.dat (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.dat (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll (PUP.WebCake) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptimizerPro.chm (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\English.ini (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\file_id.diz (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\HomePage.url (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptProGuard.exe (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptProSchedule.exe (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptProStart.exe (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptProUninstaller.exe (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\scan.gif (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\sqlite3.dll (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\unins000.dat (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\unins000.exe (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\Delta\sqlite3.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\BabSolution\CR\Delta.crx (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\BabSolution\Shared\chu.js (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Users\WinOS\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Delta\delta\1.8.21.5\GUninstaller.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Delta\delta\1.8.21.5\uninstall.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.

    (end)

    Would someone be willing to help me further with this?
    Kind regards, perloc

  • It is all annoying adware.
    Moreover, all that junk can slow Windows down - but likewise the internet connection too!

  • Thanks for the reply.
    Here are the logs:

    # AdwCleaner v2.306 - Logfile created 08/12/2013 at 14:06:54
    # Updated 19/07/2013 by Xplode
    # Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
    # User : WinOS - WINOS-PC
    # Boot Mode : Normal
    # Running from : C:\Users\WinOS\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****

    Stopped & Deleted : BrowserProtect

    ***** [Files / Folders] *****

    File Deleted : C:\Users\WinOS\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
    File Deleted : C:\Users\WinOS\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
    File Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft XNA Game Studio 3.1\XNA Game Studio Documentation.lnk
    Folder Deleted : C:\Program Files (x86)\delta
    Folder Deleted : C:\Program Files (x86)\MagniPic
    Folder Deleted : C:\Program Files (x86)\WebCake
    Folder Deleted : C:\ProgramData\Babylon
    Folder Deleted : C:\ProgramData\BrowserProtect
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagniPic
    Folder Deleted : C:\Users\WinOS\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\WinOS\AppData\LocalLow\delta
    Folder Deleted : C:\Users\WinOS\AppData\LocalLow\MagniPic
    Folder Deleted : C:\Users\WinOS\AppData\Roaming\file scout
    Folder Deleted : C:\Users\WinOS\Documents\optimizer pro

    ***** [Registry] *****

    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKCU\Software\AppDataLow\SProtector
    Key Deleted : HKCU\Software\BabSolution
    Key Deleted : HKCU\Software\DataMngr
    Key Deleted : HKCU\Software\DataMngr_Toolbar
    Key Deleted : HKCU\Software\Delta
    Key Deleted : HKCU\Software\filescout
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
    Key Deleted : HKCU\Software\PrivitizeVPNInstallDates
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKCU\Software\StartSearch
    Key Deleted : HKCU\Software\5e578dd9b33abf48
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Key Deleted : HKLM\Software\Babylon
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
    Key Deleted : HKLM\Software\DataMngr
    Key Deleted : HKLM\Software\Delta
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
    Key Deleted : HKLM\Software\PIP
    Key Deleted : HKLM\Software\SP Global
    Key Deleted : HKLM\Software\SProtector
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\5e578dd9b33abf48
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SP_008a99b9
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
    Key Deleted : HKLM\SOFTWARE\Tarma Installer
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.7601.17514

    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=120695&tt=gc_&babsrc=HP_ss_din2g&mntrId=5AC0BC5FF40F4C71 –> hxxp://www.google.com
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.delta-search.com/?affID=120695&tt=gc_&babsrc=NT_ss&mntrId=5AC0BC5FF40F4C71 –> hxxp://www.google.com

    -\\ Google Chrome v [Unable to get version]

    File : C:\Users\WinOS\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Deleted [l.25] : keyword = "babylon.com",
    Deleted [l.29] : search_url = "hxxp://www.delta-search.com/?q={searchTerms}&affID=120695&tt=gc_&babsrc=SP_ss&m[…]

    *************************

    AdwCleaner[S1].txt - [8006 octets] - [12/08/2013 14:06:54]

    ########## EOF - C:\AdwCleaner[S1].txt - [8066 octets] ##########


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 5.4.4 (08.12.2013:1)
    OS: Windows 7 Ultimate x64
    Ran by WinOS on Mon 08/12/2013 at 14:12:31.73
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully deleted [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\bProtectTabs



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
    Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Users\WinOS\AppData\Roaming\web cake"
    Successfully deleted: [Folder] "C:\Users\WinOS\appdata\local\cre"
    Successfully deleted: [Folder] "C:\Program Files (x86)\web cake"



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Mon 08/12/2013 at 14:16:06.53
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    RogueKiller V8.6.5 _x64_ [Aug 5 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.adlice.com/forum/
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : WinOS [Admin rights]
    Mode : Scan – Date : 08/12/2013 14:22:31
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 4 ¤¤¤
    [HJ POL] HKCU\[…]\System : DisableTaskMgr (0) -> FOUND
    [HJ POL] HKCU\[…]\System : DisableRegistryTools (0) -> FOUND
    [HJ DESK] HKLM\[…]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKLM\[…]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Scheduled tasks : 1 ¤¤¤
    [V2][SUSP PATH] EPUpdater : C:\Users\WinOS\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [x] -> FOUND

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    –> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: WDC WD5000AAKX-001CA0 ATA Device +++++
    — User —
    [MBR] 6021908a6e7b0308b8b2319296b3c199
    [BSP] 42238629aa0d8fd745762ba29ed5e511 : Linux MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 66457 Mo
    2 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 136311586 | Size: 410381 Mo
    User = LL1 … OK!
    User = LL2 … OK!

    Finished : << RKreport[0]_S_08122013_142231.txt >>

    RogueKiller V8.6.5 _x64_ [Aug 5 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.adlice.com/forum/
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : WinOS [Admin rights]
    Mode : Remove – Date : 08/12/2013 14:22:47
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 4 ¤¤¤
    [HJ POL] HKCU\[…]\System : DisableTaskMgr (0) -> DELETED
    [HJ POL] HKCU\[…]\System : DisableRegistryTools (0) -> DELETED
    [HJ DESK] HKLM\[…]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
    [HJ DESK] HKLM\[…]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Scheduled tasks : 1 ¤¤¤
    [V2][SUSP PATH] EPUpdater : C:\Users\WinOS\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [x] -> DELETED

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    –> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: WDC WD5000AAKX-001CA0 ATA Device +++++
    — User —
    [MBR] 6021908a6e7b0308b8b2319296b3c199
    [BSP] 42238629aa0d8fd745762ba29ed5e511 : Linux MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 66457 Mo
    2 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 136311586 | Size: 410381 Mo
    User = LL1 … OK!
    User = LL2 … OK!

    Finished : << RKreport[0]_D_08122013_142247.txt >>
    RKreport[0]_S_08122013_142231.txt

    perloc

  • Well done.
    Let's take another deep look.

    Which program: http://www.imgdumper.nl/uploads6/51c590ce3cf4a/51c590ce361e7-ComboFix_resized_2.png
  • Everything went without problems.
    Here is the log:

    ComboFix 13-08-12.01 - WinOS 08/12/2013 15:50:06.1.4 - x64
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8150.6845 [GMT 2:00]
    Running from: c:\users\WinOS\Downloads\ComboFix.exe
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\WinOS\AppData\Local\assembly\tmp
    c:\users\WinOS\AppData\Roaming\Fueg
    c:\users\WinOS\AppData\Roaming\Fueg\poep.ity
    c:\users\WinOS\AppData\Roaming\Ivcau
    c:\users\WinOS\AppData\Roaming\Ivcau\bexa.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2013-07-12 to 2013-08-12 )))))))))))))))))))))))))))))))
    .
    .
    2013-08-12 13:53 . 2013-08-12 13:53 ——– d—–w- c:\users\UpdatusUser\AppData\Local\temp
    2013-08-12 13:53 . 2013-08-12 13:53 ——– d—–w- c:\users\Default\AppData\Local\temp
    2013-08-12 12:12 . 2013-08-12 12:12 ——– d—–w- c:\windows\ERUNT
    2013-08-12 10:16 . 2013-08-12 10:16 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2013-08-12 10:16 . 2013-04-04 12:50 25928 —-a-w- c:\windows\system32\drivers\mbam.sys
    2013-08-12 09:44 . 2013-08-12 09:44 ——– d—–w- c:\users\WinOS\AppData\Roaming\Malwarebytes
    2013-08-12 09:44 . 2013-08-12 09:44 ——– d—–w- c:\programdata\Malwarebytes
    2013-08-11 11:09 . 2013-08-12 11:11 ——– d—–w- c:\users\WinOS\AppData\Roaming\Movdap
    2013-08-08 18:43 . 2013-08-08 19:30 ——– d—–w- c:\users\WinOS\AppData\Roaming\Audacity
    2013-08-07 15:18 . 2013-08-12 13:40 ——– d—–w- c:\users\WinOS\AppData\Roaming\Skype
    2013-08-07 15:18 . 2013-08-07 15:18 ——– d—–w- c:\program files (x86)\Common Files\Skype
    2013-08-07 15:18 . 2013-08-07 15:18 ——– d—–r- c:\program files (x86)\Skype
    2013-08-07 12:14 . 2013-08-07 12:14 ——– d—–w- c:\program files (x86)\Microsoft XNA
    2013-08-07 09:38 . 2013-08-07 09:38 ——– d—–w- c:\program files\Paint.NET
    2013-08-07 09:32 . 2013-08-12 11:54 ——– d—–w- c:\users\WinOS\AppData\Local\Paint.NET
    2013-08-05 12:32 . 2013-08-05 12:40 ——– d—–w- c:\program files (x86)\NovaLogic
    2013-08-05 04:23 . 2013-08-05 04:23 1192832 —-a-w- c:\windows\Mall Tycoon 2 Uninstaller.exe
    2013-08-05 04:22 . 2013-08-05 04:22 ——– d—–w- c:\program files (x86)\Global Star Software
    2013-08-05 04:21 . 2013-08-05 04:21 ——– d—–w- c:\program files\Plastic Reality Technologies
    2013-08-04 15:24 . 2013-08-04 15:25 ——– d—–w- c:\program files (x86)\Railroad Tycoon 3
    2013-08-04 15:24 . 2013-08-04 15:24 282756 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
    2013-08-04 15:24 . 2013-08-04 15:24 163972 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
    2013-08-04 15:24 . 2003-02-27 14:12 696320 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
    2013-08-04 15:24 . 2002-12-05 12:10 155648 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
    2013-08-04 15:24 . 2002-12-02 13:22 5632 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
    2013-08-04 15:24 . 2002-12-02 11:33 57344 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
    2013-08-04 15:24 . 2002-12-02 11:33 237568 —-a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
    2013-08-02 09:17 . 2013-08-12 13:53 ——– d—–w- c:\users\WinOS\AppData\Local\assembly
    2013-08-01 15:27 . 2013-08-07 14:36 ——– d—–w- C:\BegVCsharp
    2013-08-01 12:54 . 2008-07-10 14:33 50200 —-a-w- c:\windows\SysWow64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
    2013-08-01 12:53 . 2008-07-10 14:33 79896 —-a-w- c:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll
    2013-08-01 12:52 . 2013-08-01 12:52 ——– d—–w- c:\program files\Microsoft SQL Server
    2013-08-01 12:52 . 2013-08-01 12:52 ——– d—–w- c:\windows\SysWow64\1033
    2013-08-01 12:52 . 2013-08-01 12:52 ——– d—–w- c:\windows\system32\1033
    2013-08-01 12:50 . 2013-08-01 12:53 ——– d—–w- c:\program files (x86)\Microsoft SQL Server
    2013-08-01 12:49 . 2013-08-01 12:49 ——– d—–w- c:\program files (x86)\Microsoft Silverlight
    2013-08-01 12:49 . 2013-08-01 12:49 ——– d—–w- c:\program files (x86)\Microsoft Synchronization Services
    2013-08-01 12:47 . 2013-08-01 12:49 ——– d—–w- c:\program files (x86)\Microsoft Visual Studio 9.0
    2013-08-01 12:47 . 2013-08-01 12:47 ——– d—–w- c:\program files (x86)\Microsoft SDKs
    2013-08-01 12:47 . 2013-08-01 12:47 ——– d—–w- c:\program files\Microsoft SDKs
    2013-08-01 12:47 . 2013-08-01 12:47 ——– d—–w- c:\program files\Microsoft Visual Studio 9.0
    2013-07-30 15:21 . 2013-07-30 15:21 ——– d—–w- c:\users\WinOS\AppData\Local\Microsoft Games
    2013-07-30 15:11 . 2013-08-07 05:04 ——– d—–w- c:\users\WinOS\AppData\Roaming\.minecraft
    2013-07-30 15:02 . 2013-07-30 15:02 ——– d—–w- c:\program files (x86)\Common Files\Java
    2013-07-30 15:02 . 2013-07-30 15:02 867240 —-a-w- c:\windows\SysWow64\npDeployJava1.dll
    2013-07-30 15:02 . 2013-07-30 15:02 789416 —-a-w- c:\windows\SysWow64\deployJava1.dll
    2013-07-30 15:02 . 2013-07-30 15:02 96168 —-a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-07-30 12:33 . 2013-08-10 15:58 ——– d—–w- c:\programdata\Tunngle
    2013-07-30 12:33 . 2013-07-30 15:55 ——– d—–w- c:\users\WinOS\AppData\Roaming\Tunngle
    2013-07-30 12:33 . 2009-09-16 05:02 31232 —-a-w- c:\windows\system32\drivers\tap0901t.sys
    2013-07-30 12:33 . 2013-07-30 12:33 ——– d—–w- c:\program files (x86)\Tunngle
    2013-07-28 05:34 . 2013-07-28 05:34 ——– d—–w- c:\users\WinOS\AppData\Roaming\Spore
    2013-07-27 09:15 . 2013-07-27 09:15 ——– d—–w- c:\programdata\3DMGAME
    2013-07-27 07:59 . 2013-07-27 07:59 ——– d—–w- c:\users\WinOS\AppData\Local\FalloutNV
    2013-07-22 13:52 . 2013-07-22 13:52 ——– d—–w- c:\windows\Profiles
    2013-07-22 13:52 . 2013-07-22 13:52 ——– d—–w- c:\program files (x86)\Common Files\Adobe
    2013-07-22 13:52 . 1997-01-22 18:26 565760 —-a-w- c:\windows\SysWow64\MSVCP50.DLL
    2013-07-21 16:50 . 2001-04-11 16:25 77824 —-a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
    2013-07-21 16:50 . 2001-04-11 16:25 225280 —-a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
    2013-07-21 16:50 . 2001-04-11 16:21 176128 —-a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
    2013-07-21 16:50 . 2001-04-11 16:20 32768 —-a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
    2013-07-21 11:39 . 2013-07-21 11:39 ——– d—–w- c:\windows\wb
    2013-07-21 11:39 . 1996-08-16 12:44 87552 —-a-r- c:\windows\system\url.dll
    2013-07-21 11:37 . 2013-07-21 11:37 ——– d—–w- c:\program files (x86)\Hothouse Creations
    2013-07-21 11:36 . 1998-10-29 13:45 306688 —-a-w- c:\windows\IsUninst.exe
    2013-07-19 15:11 . 2013-07-19 15:11 ——– d–h–r- c:\users\WinOS\AppData\Roaming\SecuROM
    2013-07-18 11:50 . 2013-07-18 11:50 ——– d—–w- c:\program files\Common Files\EasyInfo
    2013-07-14 05:07 . 2013-07-14 05:07 ——– d–h–w- c:\program files (x86)\Common Files\EAInstaller
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-06-29 11:54 . 2013-06-29 11:54 466456 —-a-w- c:\windows\system32\wrap_oal.dll
    2013-06-29 11:54 . 2013-06-29 11:54 444952 —-a-w- c:\windows\SysWow64\wrap_oal.dll
    2013-06-29 11:54 . 2013-06-29 11:54 122904 —-a-w- c:\windows\system32\OpenAL32.dll
    2013-06-29 11:54 . 2013-06-29 11:54 109080 —-a-w- c:\windows\SysWow64\OpenAL32.dll
    2013-06-02 08:20 . 2004-11-02 15:21 472336 —-a-w- c:\windows\SysWow64\ssleay32.dll
    2013-06-02 08:15 . 2012-08-30 13:48 1106432 —-a-w- c:\windows\SysWow64\libeay32.dll
    2013-06-02 07:31 . 2012-10-26 07:34 1253888 —-a-w- c:\windows\SysWow64\fmodex.dll
    2013-05-28 13:05 . 2013-07-08 14:40 163328 —-a-w- c:\windows\SysWow64\FlashPlayerUpdateService.exe
    2013-05-26 18:09 . 2011-11-16 16:45 668672 —-a-w- c:\windows\system32\ISDone.dll
    2013-05-26 18:03 . 2011-11-16 16:45 668672 —-a-w- c:\windows\SysWow64\ISDone.dll
    2013-05-20 21:29 . 2013-05-20 21:07 281688 —-a-w- c:\windows\SysWow64\PnkBstrB.xtr
    2013-05-20 21:07 . 2013-05-20 21:06 281688 —-a-w- c:\windows\SysWow64\PnkBstrB.ex0
    2013-05-20 01:47 . 2013-05-14 15:09 283200 —-a-w- c:\windows\system32\drivers\dtsoftbus01.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
    "iehighutil"="c:\temporary\iehighutil.exe" [2013-02-25 526247]
    "Facebook Update"="c:\users\WinOS\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-08-06 138096]
    "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-07-25 20684656]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer3"=wdmaud.drv
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 MBAMScheduler;MBAMScheduler;mbamscheduler.exe;mbamscheduler.exe [x]
    R2 MBAMService;MBAMService;mbamservice.exe;mbamservice.exe [x]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    R3 AsrCDDrv;AsrCDDrv;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys [x]
    R3 cxasbt;cxasbt;d:\games\Avatar Star\avital\cxasbt64.sys;d:\games\Avatar Star\avital\cxasbt64.sys [x]
    R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
    R3 PSMounter;Macrium Reflect Image Explorer Service;c:\windows\system32\drivers\psmounter.sys;c:\windows\SYSNATIVE\drivers\psmounter.sys [x]
    R3 PSVolAcc;PSVolAcc; [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
    R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
    R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
    R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
    R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
    S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
    S2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe;c:\program files\Macrium\Reflect\ReflectService.exe [x]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
    S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
    S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
    S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
    S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
    S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-08-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1201375777-1936072235-1431956680-1000Core.job
    - c:\users\WinOS\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-06 17:45]
    .
    2013-08-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1201375777-1936072235-1431956680-1000UA.job
    - c:\users\WinOS\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-06 17:45]
    .
    .
    ——— X64 Entries ———–
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-05-18 11855976]
    .
    ——- Supplementary Scan ——-
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    TCP: DhcpNameServer = 192.168.1.1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
    .
    .
    .
    ——————— LOCKED REGISTRY KEYS ———————
    .
    [HKEY_USERS\S-1-5-21-1201375777-1936072235-1431956680-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:aa,bc,24,e9,2e,c5,d7,a1,97,9a,cc,52,ed,ff,c8,a1,df,50,5c,01,bb,d7,a1,
    dc,74,88,f6,6b,51,a0,91,ff,75,a3,2f,9f,55,1a,33,66,90,71,5f,2f,27,ca,05,d3,\
    "??"=hex:c8,28,21,db,eb,6f,77,94,ce,e2,0f,3a,d5,1f,9d,fd
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
    "Licence0"="04F0D21-79D8-7A25-D702-433F"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2013-08-12 15:55:09
    ComboFix-quarantined-files.txt 2013-08-12 13:55
    .
    Pre-Run: 11,906,535,424 bytes free
    Post-Run: 13,083,213,824 bytes free
    .
    - - End Of File - - 8E48316D04E6F8B0A34A18C28DE876F7
    A3095E5B8060D0D6B97E87EC1BB50C3C

    perloc


  • What is the current state of affairs with your son's PC?
  • I'm not hearing any complaints. He says it is a good deal faster.
    Removing the malware did not solve the problem of the screen flickering (occasionally, a few times a day). I had hoped that it was a malware problem, but we are now putting it down to a hardware problem after all. A new video card will be needed, but it happens so rarely that that can be put off for a while yet.

    Thanks for the help!!
    perloc
  • Then do the following and post only the link:

    Which program: http://www.imgdumper.nl/uploads7/51ec442687761/51ec442687372-sp_64_Canned.png
  • I ran this program this week. And you don't want to know what it wrecked on my system. So be careful with it. Regclean Pro stopped working, and AVG no longer worked properly. It took me hours to get things back in order. Even trusted sites had been removed from my favorites. Great.
  • Whatever was wrong with your Windows, goodness knows.
    Speccy is only an analysis tool.
  • Quote from Rick Gimpel: "I ran this program this week. And you don't want to know what it wrecked on my system. So be careful with it. Regclean Pro stopped working, and AVG no longer worked properly. It took me hours to get things back in order. Even trusted sites had been removed from my favorites. Great."

    Leaving aside whether what you write is actually so, of course you had made an image of your C:\ partition beforehand and could have restored it within twenty minutes. :o
  • Why would I lie about it? Before that, everything worked fine. My point was that you have to be careful with software like this. I'll just keep removing harmful junk by hand, then.
  • I have also been using Speccy for years, and not a single report has ever come in that something went wrong.
    You are the first.

    Presumably it comes down to what you write yourself: "I'll just keep removing harmful junk by hand, then".

    How, then, do you remove by hand, for example, a super-intelligent rootkit from your Windows?
    Because make no mistake about the intellect of malware writers.
  • Truly intelligent malware is unfortunately difficult. But the question remains how far you go with your security. Because when something new turns up again, the remedy comes too late. And how far do you want to go, or do you find it necessary to go, in applying those protections? Because with all those applications, your freedom on the net is restricted more and more. Many software makers are happy to jump on that. (They are in it for the money.)

    I think you should set the level of your security according to what you really value. So store truly important data externally. Since the malware makers operate internationally, they are hard to tackle. That in turn is a drawback of the free medium called the internet.

    I think we should not make the medicine worse than the disease. And I am afraid that the discussion about that will go on forever.
  • I have also been using Speccy myself for years and have never had any problem with it.


This is an archived page. Replying is no longer possible.