Removing the Buma Stemra Virus
Posted: 29 May 2012 17:05
Hello everyone, can someone help me remove this virus? I cannot find the .exe file with the Kaspersky CD. These are the log files from Malwarebytes and DDS, run in safe mode. Thanks in advance.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 8.0.7601.17514
Run by Paula at 16:57:10 on 2012-05-29
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4010.3043 [GMT 2:00]
.
AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfeeFirewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\System32\svchost.exe -k secsvcs
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.nl/
mStart Page = hxxp://www.bigseekpro.com/easywebcamrecording2/{3EA1D25B-03D6-4F6D-8A3E-0B421B020916}
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
uURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - C:\Program Files (x86)\DealBulldog Toolbar Toolbar\tbhelper.dll
mWinlogon: Userinit=userinit.exe
BHO: Chatvibes Browser Helper: {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
BHO: Web Assistant: {336d0c35-8a85-403a-b9d2-65c292c39087} - C:\Program Files\Web Assistant\Extension32.dll
BHO: Incredibar.com Helper Object: {6e13dde1-2b6e-46ce-8b66-dc8bf36f6b99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120526193522.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
BHO: Browser Companion Helper Verifier: {963b125b-8b21-49a2-a3a8-e37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Softonic Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\DealBulldog Toolbar Toolbar\tbcore3.dll
BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
TB: Softonic Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Incredibar Toolbar: {f9639e4a-801b-4843-aee3-03d9da199e77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
TB: DealBulldog Toolbar Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - C:\Program Files (x86)\DealBulldog Toolbar Toolbar\tbcore3.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [ManyCam] "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
uRun: [WeatherBugAlert] "C:\Program Files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe" /st
uRun: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=ibgfbdggapddbjjbopabhlhianklajie
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
mRun: [<NO NAME>]
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
StartupFolder: C:\Users\Paula\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\K8H0PP~1.LNK - C:\Users\Paula\AppData\Local\Temp\k8h0pp.exe
StartupFolder: C:\Users\Paula\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2E38DC49-EF71-43BE-A9E2-C84D040A2E4A} : DhcpNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=ibgfbdggapddbjjbopabhlhianklajie
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
mRun-x64: [(standaard)]
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-2-24 249936]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-2-24 210584]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-24 136176]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-2-24 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-2-24 249936]
S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-2-24 249936]
S2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-2-24 199272]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-15 158856]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-2-23 2656536]
S2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-3-12 918880]
S2 WCMVCAM;WebcamMax, WDM Video Capture;C:\Windows\system32\DRIVERS\wcmvcam64.sys --> C:\Windows\system32\DRIVERS\wcmvcam64.sys [?]
S2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-5-13 185856]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
S3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update-service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-24 136176]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
S3 ManyCam;ManyCam Virtual Webcam;C:\Windows\system32\DRIVERS\mcvidrv_x64.sys --> C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [?]
S3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\system32\drivers\mcaudrv_x64.sys --> C:\Windows\system32\drivers\mcaudrv_x64.sys [?]
S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
S4 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
.
=============== Created Last 30 ================
.
2012-05-29 15:21:31 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-05-29 14:15:57 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{83FBCBA5-3020-4E20-9D2D-766FF534C2DB}\mpengine.dll
2012-05-29 14:13:32 -------- d-----w- C:\Users\Paula\AppData\Local\{6CE8E0DE-75A2-4E41-B575-5392E060EB0D}
2012-05-29 14:12:41 -------- d-----w- C:\Users\Paula\AppData\Local\{9EB89AD9-1ABF-4FF2-BD0F-FF6DF4614198}
2012-05-28 18:13:35 -------- d-----w- C:\Users\Paula\AppData\Local\{D1347343-553C-4FF0-A781-28CEF7B6E9B3}
2012-05-28 18:13:24 -------- d-----w- C:\Users\Paula\AppData\Local\{4871D538-8683-410A-A36E-F9BF24237720}
2012-05-28 16:58:12 -------- d-----w- C:\Users\Paula\AppData\Local\{2C3C2AAF-B7D5-4918-AB20-CDD65E7DD06A}
2012-05-28 16:58:01 -------- d-----w- C:\Users\Paula\AppData\Local\{C8994502-ED3F-438B-B216-61E4B679D8F7}
2012-05-28 11:19:47 -------- d-----w- C:\Users\Paula\AppData\Local\{51BE55AA-8469-4B2E-B2E9-E3033D99AE6E}
2012-05-28 11:19:34 -------- d-----w- C:\Users\Paula\AppData\Local\{8A7E6BE0-1A09-4669-820A-833B62C26AFE}
2012-05-27 23:12:04 -------- d-----w- C:\Users\Paula\AppData\Local\{B80C18BE-E36C-4712-8EB9-1D2C34D9A91D}
2012-05-27 23:11:51 -------- d-----w- C:\Users\Paula\AppData\Local\{46A163A8-A510-41FD-9D68-4153170EB090}
2012-05-27 18:02:42 -------- d-----w- C:\Users\Paula\AppData\Local\{95E1621E-3AF8-4F4A-ADC8-6E21C98BC43B}
2012-05-27 18:02:28 -------- d-----w- C:\Users\Paula\AppData\Local\{393DD154-554C-4B43-83E2-AFF5D967AAD3}
2012-05-27 17:56:34 -------- d-----w- C:\Users\Paula\AppData\Local\{20FB554D-788C-497A-8A7D-43044BB75E10}
2012-05-27 15:49:02 -------- d-----w- C:\Users\Paula\AppData\Local\{171B8628-B1BE-4BEE-8EF8-E4EFA4C3DB33}
2012-05-27 15:48:49 -------- d-----w- C:\Users\Paula\AppData\Local\{FCBBB4FB-E8F6-4AB8-958B-7C05E76C63B5}
2012-05-27 15:40:19 -------- d-----w- C:\Users\Paula\AppData\Local\{4B4FC0F2-17E4-4FED-9CDB-B4515FF3268C}
2012-05-26 22:28:03 -------- d-----w- C:\Users\Paula\AppData\Local\ElevatedDiagnostics
2012-05-26 22:17:32 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-26 22:17:32 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-26 22:07:48 -------- d-----w- C:\Users\Paula\AppData\Local\{6C5F6B00-FA76-40A6-89EF-47264C31F752}
2012-05-26 22:07:20 -------- d-----w- C:\Users\Paula\AppData\Local\{064A2E27-8249-40AA-AC80-A6608470DCFF}
2012-05-26 21:40:08 -------- d-----w- C:\Users\Paula\AppData\Roaming\Windows Search
2012-05-26 21:40:08 -------- d-----w- C:\Users\Paula\AppData\Roaming\TeamViewer
2012-05-26 18:13:02 -------- d-----w- C:\ProgramData\UAB
2012-05-26 18:12:51 -------- d-----w- C:\Users\Paula\AppData\Roaming\WebcamMax
2012-05-26 18:12:51 -------- d-----w- C:\Users\Paula\AppData\Local\PC_Drivers_Headquarters
2012-05-26 18:12:51 -------- d-----w- C:\ProgramData\WebcamMax
2012-05-26 18:09:08 -------- d-----w- C:\ProgramData\Driver Utilities
2012-05-26 18:07:33 -------- d-----w- C:\Program Files (x86)\WebcamMax
2012-05-26 18:07:09 -------- d-----w- C:\Program Files (x86)\Driver Utilities
2012-05-26 14:50:25 -------- d-----w- C:\Users\Paula\AppData\Local\{8DEB3064-DAC2-4943-9357-C2AD75B281CC}
2012-05-26 14:50:09 -------- d-----w- C:\Users\Paula\AppData\Local\{42862D9D-DA45-4D21-BB04-CC656F284056}
2012-05-22 08:50:58 -------- d-----w- C:\Users\Paula\AppData\Local\{5C8916B6-91E9-4508-888C-D379D54AB4FE}
2012-05-22 08:50:39 -------- d-----w- C:\Users\Paula\AppData\Local\{8BF2DBB6-4AD9-42F5-8A66-0AF4A53E1779}
2012-05-19 18:06:31 -------- d-----w- C:\Users\Paula\AppData\Local\{A304C783-D981-4660-A41F-7ACAB4C28256}
2012-05-19 18:05:58 -------- d-----w- C:\Users\Paula\AppData\Local\{C025CF44-3409-432C-93FA-6FCFDDCBF8C1}
2012-05-19 15:26:23 -------- d-----w- C:\Users\Paula\AppData\Local\{D8B988BD-8CC1-4085-8FEB-A1E316BF93E4}
2012-05-19 15:25:48 -------- d-----w- C:\Users\Paula\AppData\Local\{7124D00A-7D56-4AC6-898D-49C298CD1EFC}
2012-05-19 12:11:45 -------- d-----w- C:\Users\Paula\AppData\Local\{EB04305E-E6EE-4532-AFD8-E4C319025009}
2012-05-19 12:11:17 -------- d-----w- C:\Users\Paula\AppData\Local\{14C1DED3-2D4E-4E21-96FD-86F71F043FB9}
2012-05-19 08:20:22 -------- d-----w- C:\Users\Paula\AppData\Local\{D9125388-B011-4040-B38E-B91304221577}
2012-05-19 08:20:04 -------- d-----w- C:\Users\Paula\AppData\Local\{4311ADD7-F8F1-4F1A-94D6-C5617196B057}
2012-05-19 07:33:59 -------- d-----w- C:\Users\Paula\AppData\Local\{34858801-DFFB-4192-A293-BA7BEC5D01D9}
2012-05-19 07:33:43 -------- d-----w- C:\Users\Paula\AppData\Local\{FEB3E56C-B79E-4A27-9D76-B19EF0102B94}
2012-05-19 07:28:14 -------- d-----w- C:\Users\Paula\AppData\Local\{AB426A5F-E89E-4FAB-8D5D-C8E943CF6B95}
2012-05-19 07:27:45 -------- d-----w- C:\Users\Paula\AppData\Local\{B35A3F4A-F306-445A-9691-14B25DBECD9E}
2012-05-19 07:23:45 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2012-05-19 07:23:44 902656 ----a-w- C:\Windows\System32\d2d1.dll
2012-05-19 07:23:44 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-05-19 06:46:49 -------- d-----w- C:\Users\Paula\AppData\Local\{47145164-44BE-450F-AE54-B8A943679862}
2012-05-19 06:46:30 -------- d-----w- C:\Users\Paula\AppData\Local\{56C25272-09BD-4D69-BE9A-08A42DC0A02D}
2012-05-18 20:28:05 -------- d-----w- C:\Users\Paula\AppData\Local\{6CD0D9FF-73D1-4D1F-8937-6273B6581E86}
2012-05-18 20:27:45 -------- d-----w- C:\Users\Paula\AppData\Local\{A1007803-D348-4E9B-B461-2FE63AB5E5D2}
2012-05-18 17:59:42 -------- d-----w- C:\Users\Paula\AppData\Local\{A79039BB-AE9E-43E2-B400-D3017FE818EC}
2012-05-18 17:59:29 -------- d-----w- C:\Users\Paula\AppData\Local\{BA892503-43D4-4C28-B6FC-5407AA40FB0B}
2012-05-18 13:38:23 -------- d-----w- C:\Users\Paula\AppData\Local\{53EA0609-DB62-4697-9DE9-9D97366DACE7}
2012-05-18 13:37:39 -------- d-----w- C:\Users\Paula\AppData\Local\{569050F2-11C1-41E6-80A4-8BAEECBE7D2F}
2012-05-17 21:08:00 -------- d-----w- C:\Users\Paula\AppData\Local\{B1792294-1E5F-4387-9541-BB20C54ADF2D}
2012-05-17 21:07:29 -------- d-----w- C:\Users\Paula\AppData\Local\{44E95164-00DD-4E4C-97DA-05D22AE27010}
2012-05-17 08:39:49 -------- d-----w- C:\Users\Paula\AppData\Local\{8815E267-AC55-47A4-AB41-DE9526CE199F}
2012-05-17 08:39:11 -------- d-----w- C:\Users\Paula\AppData\Local\{458D9D43-FAAC-4BE5-A4EF-3A420997F0FE}
2012-05-16 15:16:15 -------- d-----w- C:\Users\Paula\AppData\Local\{00A12392-AE52-483E-98A4-0CA715504EBA}
2012-05-16 15:15:43 -------- d-----w- C:\Users\Paula\AppData\Local\{74459994-800E-4D38-9343-8E49FB9B87C8}
2012-05-16 11:09:30 -------- d-----w- C:\Users\Paula\AppData\Local\{BC69D60B-89ED-46A5-B02C-011CB0397B98}
2012-05-16 11:09:16 -------- d-----w- C:\Users\Paula\AppData\Local\{8F9216C7-5181-45DB-A53F-1C63601C044E}
2012-05-16 11:05:33 -------- d-----w- C:\Users\Paula\AppData\Local\{25ECFF2F-51D4-418A-9073-A525A305BC83}
2012-05-16 09:02:26 -------- d-----w- C:\Users\Paula\AppData\Local\{F5D11520-4A21-4918-B2BF-1D2C2D396050}
2012-05-16 09:02:12 -------- d-----w- C:\Users\Paula\AppData\Local\{68E3B3C3-C766-4D01-AF6C-25C3B07AD4CF}
2012-05-15 22:31:53 -------- d-----w- C:\Users\Paula\AppData\Local\{F8E223B2-17CA-422E-B597-94AB90ABBC56}
2012-05-15 22:31:41 -------- d-----w- C:\Users\Paula\AppData\Local\{D65FF4C7-7914-4803-A3E8-8F93308996E7}
2012-05-15 18:26:16 -------- d-----w- C:\Users\Paula\AppData\Local\{44391821-7005-4CBE-8E92-FDE0A94D2941}
2012-05-15 18:26:01 -------- d-----w- C:\Users\Paula\AppData\Local\{6CE1389F-1A25-4F32-80FD-B7461FEB05AE}
2012-05-15 18:03:06 -------- d-----w- C:\Users\Paula\AppData\Local\{DC6A7AC1-EBB3-4778-9F4E-976E76A1F9E6}
2012-05-15 18:02:32 -------- d-----w- C:\Users\Paula\AppData\Local\{103DFFE7-4CB6-44E1-9A27-5D703BE2CA6E}
2012-05-15 06:20:30 -------- d-----w- C:\Users\Paula\AppData\Local\{CFC9F97F-7654-4D8A-B3AB-347E0BDC5BFA}
2012-05-15 06:20:10 -------- d-----w- C:\Users\Paula\AppData\Local\{F1904B68-6300-46A8-9EF7-A8C43444C423}
2012-05-14 20:38:25 -------- d-----w- C:\Users\Paula\AppData\Local\{EB1B26E4-523F-4309-A9DD-6935AB631291}
2012-05-14 20:38:04 -------- d-----w- C:\Users\Paula\AppData\Local\{1F404573-BE66-4684-B4EC-15A2D98817BA}
2012-05-14 17:55:24 -------- d-----w- C:\Users\Paula\AppData\Local\{BABC54AC-366E-4F49-84C0-D99CB1DD1CA9}
2012-05-14 17:55:05 -------- d-----w- C:\Users\Paula\AppData\Local\{03D1E11C-124D-482E-829D-40E7EDE0E570}
2012-05-14 11:01:38 -------- d-----w- C:\Users\Paula\AppData\Local\{BE2588D8-636C-4221-B4A9-55DE7F188036}
2012-05-14 11:01:19 -------- d-----w- C:\Users\Paula\AppData\Local\{862EB885-3331-496E-955C-4387B885ED8F}
2012-05-14 06:45:35 -------- d-----w- C:\Users\Paula\AppData\Local\{A41040FE-6DA2-4979-8F0A-7F4F4E28981C}
2012-05-14 06:45:19 -------- d-----w- C:\Users\Paula\AppData\Local\{9FBEE256-6C60-4FC1-AD6C-BFD0A569FAA0}
2012-05-13 21:21:09 -------- d-----w- C:\Users\Paula\AppData\Local\{4256DE6B-0A0A-4853-B47B-893250CDF1AF}
2012-05-13 21:20:43 -------- d-----w- C:\Users\Paula\AppData\Local\{F1DC9F6F-D8BD-4E3A-9109-A5D92BEF8523}
2012-05-13 20:57:52 -------- d-----w- C:\Users\Paula\AppData\Local\MagicCamera
2012-05-13 20:57:45 -------- d-----w- C:\Program Files (x86)\ShiningMorning
2012-05-13 20:51:38 -------- d-----w- C:\Users\Paula\AppData\Local\Microsoft Games
2012-05-13 20:27:27 -------- d-----w- C:\Program Files (x86)\DealBulldog Toolbar Toolbar
2012-05-13 20:27:14 -------- d-----w- C:\Program Files (x86)\AWS
2012-05-13 20:25:57 -------- d-----w- C:\Users\Paula\AppData\Local\ManyCam
2012-05-13 20:25:56 -------- d-----w- C:\ProgramData\ManyCam
2012-05-13 20:25:55 -------- d-----w- C:\Users\Paula\AppData\Roaming\ManyCam
2012-05-13 20:25:35 -------- d-----w- C:\Program Files (x86)\ManyCam
2012-05-13 20:25:30 -------- d-----w- C:\ProgramData\Ask
2012-05-13 20:24:29 -------- d-----w- C:\Program Files (x86)\Incredibar.com
2012-05-13 20:24:18 -------- d-----w- C:\Program Files\Web Assistant
2012-05-13 19:56:19 -------- d-----w- C:\Users\Paula\AppData\Local\{831032EC-7CFA-48D9-A978-54A03FB59415}
2012-05-13 19:56:00 -------- d-----w- C:\Users\Paula\AppData\Local\{21B67D90-4C24-4BC7-A637-6A152E85C99D}
2012-05-13 19:49:57 31216 ----a-w- C:\Windows\System32\drivers\clwvd.sys
2012-05-13 16:59:32 -------- d-----w- C:\Program Files (x86)\Ask.com
2012-05-13 16:59:12 -------- d-----w- C:\Users\Paula\AppData\Local\APN
2012-05-13 16:31:57 -------- d-----w- C:\Users\Paula\AppData\Local\{FD228384-EA97-468C-8848-D38F4CEE64E9}
2012-05-13 16:30:51 -------- d-----w- C:\Users\Paula\AppData\Local\{6FD04CF6-2510-49EB-A308-8A74E32C85BD}
2012-05-13 16:12:53 -------- d-----w- C:\a9dc9e5936d9178aca99
2012-05-13 11:19:34 -------- d-----w- C:\Users\Paula\AppData\Local\{27E01A3B-540F-420D-82F3-73BAA2CEB3D3}
2012-05-13 11:19:15 -------- d-----w- C:\Users\Paula\AppData\Local\{6C18B9A5-552C-43A5-9920-FB59D493C0A7}
2012-05-13 06:46:11 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-13 06:46:11 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-13 06:46:05 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-13 06:46:04 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-13 06:46:03 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-13 06:46:03 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-13 06:45:07 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-13 06:44:49 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-13 06:44:45 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-13 06:44:45 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-13 06:44:45 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-13 06:44:45 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-13 06:44:45 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-13 06:36:14 -------- d-----w- C:\Users\Paula\AppData\Local\{97794014-D53C-4380-B854-E8136E53829D}
2012-05-13 06:35:57 -------- d-----w- C:\Users\Paula\AppData\Local\{7F1B74FF-0DA6-411D-AC5B-734D831C2DED}
2012-05-10 20:13:00 -------- d-----w- C:\Users\Paula\AppData\Local\{CFF4B4E9-07CC-4CDC-B92F-A521A3462D9C}
2012-05-10 20:12:45 -------- d-----w- C:\Users\Paula\AppData\Local\{C9F9717D-85F1-4505-8ED5-6B6D8CF046A7}
2012-05-08 17:33:00 -------- d-----w- C:\Users\Paula\AppData\Local\{8CEB9DD1-8F87-4FC8-90A9-2D9A135837D9}
2012-05-08 17:32:42 -------- d-----w- C:\Users\Paula\AppData\Local\{BECF8D3E-7D13-426F-B13B-F0EF13DD18D1}
2012-05-07 18:13:14 -------- d-----w- C:\Users\Paula\AppData\Local\{E95888ED-93D3-4668-B29A-46C95AD61E09}
2012-05-07 18:12:59 -------- d-----w- C:\Users\Paula\AppData\Local\{A87993BF-3D3D-4F00-833F-439A5EAAE9AD}
2012-05-06 06:04:43 -------- d-----w- C:\Users\Paula\AppData\Local\{FE71AE15-A4B7-4915-AA26-4705BE3B9F31}
2012-05-06 06:04:25 -------- d-----w- C:\Users\Paula\AppData\Local\{2E012663-99B0-4E0A-AE57-3F2FF244C0F5}
2012-05-04 18:34:45 -------- d-----w- C:\Users\Paula\AppData\Local\{9D8030F2-2B71-403C-BE40-62F49EB8B128}
2012-05-04 18:34:31 -------- d-----w- C:\Users\Paula\AppData\Local\{3A4681EC-5E68-4398-930F-026B5D67B768}
2012-05-04 14:30:49 -------- d-----w- C:\Users\Paula\AppData\Local\{BCA3B3DF-92BB-43C9-9222-D4B4BCA15754}
2012-05-04 14:30:34 -------- d-----w- C:\Users\Paula\AppData\Local\{D22A73B3-0A2E-46A1-B09A-1811D9FE0DF3}
2012-05-03 15:46:51 -------- d-----w- C:\Users\Paula\AppData\Local\{43159245-3D76-40E4-B3AC-30AC74A06692}
2012-05-03 15:46:33 -------- d-----w- C:\Users\Paula\AppData\Local\{058EF37B-2862-4A76-8657-9CDF95C4B10C}
2012-05-03 15:26:04 -------- d-----w- C:\Users\Paula\AppData\Local\{A520178F-5E78-4CCC-8A04-BD7F7DCFD744}
2012-05-03 15:25:52 -------- d-----w- C:\Users\Paula\AppData\Local\{2E418769-4920-4433-97FE-1F71C49C6311}
2012-04-30 08:44:39 -------- d-----w- C:\Users\Paula\AppData\Local\{5378818A-93BA-455B-9636-34246380AB65}
2012-04-30 08:44:19 -------- d-----w- C:\Users\Paula\AppData\Local\{374AA5B2-D9EB-469F-B2C0-9142A85A129D}
2012-04-29 17:59:28 -------- d-----w- C:\Users\Paula\AppData\Local\{61B0BAE3-334C-40A8-A2C6-E8C740B32ADF}
2012-04-29 17:59:12 -------- d-----w- C:\Users\Paula\AppData\Local\{2AA6A905-848A-4D5A-8DA8-7A1345B1F9AE}
2012-04-29 15:57:02 -------- d-----w- C:\Users\Paula\AppData\Local\{DE324E76-5C33-41C4-842D-13C4AFECAAB5}
2012-04-29 15:56:44 -------- d-----w- C:\Users\Paula\AppData\Local\{25751810-1269-4F61-BD02-991230916FF8}
2012-04-29 14:59:09 -------- d-----w- C:\Users\Paula\AppData\Local\{DF163B8D-A00B-44D6-8203-4FAE4FAC6CBE}
2012-04-29 14:58:51 -------- d-----w- C:\Users\Paula\AppData\Local\{56391F2C-CFDD-41D5-9633-E9E5C3DA6ABF}
.
==================== Find3M ====================
.
2012-04-15 21:32:14 1071032 ----a-w- C:\Windows\System32\drivers\wcmvcam64.sys
2012-03-30 10:14:48 18816 ----a-w- C:\Windows\System32\roboot64.exe
2012-03-20 11:11:30 162192 ----a-w- C:\Windows\System32\mfevtps.exe
2012-03-07 10:24:26 2308096 ------w- C:\Windows\System32\jscript9.dll
2012-03-07 10:24:26 1798656 ------w- C:\Windows\SysWow64\jscript9.dll
2012-03-07 10:24:26 135168 ------w- C:\Windows\System32\IEAdvpack.dll
2012-03-07 10:24:26 110592 ------w- C:\Windows\SysWow64\IEAdvpack.dll
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
.
============= FINISH: 16:57:21,80 ===============
Malwarebytes Anti-Malware 1.61.0.1400
http://www.malwarebytes.org
Databaseversie: v2012.05.26.06
Windows 7 Service Pack 1 x64 NTFS (Veilige modus/netwerkmogelijkheden)
Internet Explorer 8.0.7601.17514
Paula :: PAULA-PC [administrator]
27-5-2012 0:19:17
mbam-log-2012-05-27 (00-19-17).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 201141
Verstreken tijd: 2 minuut/minuten, 56 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|LicenseValidator (Trojan.Agent) -> Data: C:\Users\Paula\AppData\Roaming\Windows Search\{1EC8CD31-CA0E-4B54-8FA3-C611D747E765}\LicenseValidator.exe -> Succesvol in quarantaine geplaatst en verwijderd.
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 3
C:\$Recycle.Bin\S-1-5-21-1378051111-4103892096-2196648758-1000\$R1U1MMA.exe (PUP.BundleInstaller.BI) -> Geen actie ondernomen.
C:\Users\Paula\AppData\Local\Temp\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Geen actie ondernomen.
C:\Users\Paula\AppData\Roaming\Windows Search\{1EC8CD31-CA0E-4B54-8FA3-C611D747E765}\LicenseValidator.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
.
==================== Find3M ====================
.
2012-04-15 21:32:14 1071032 ----a-w- C:\Windows\System32\drivers\wcmvcam64.sys
2012-03-30 10:14:48 18816 ----a-w- C:\Windows\System32\roboot64.exe
2012-03-20 11:11:30 162192 ----a-w- C:\Windows\System32\mfevtps.exe
2012-03-07 10:24:26 2308096 ------w- C:\Windows\System32\jscript9.dll
2012-03-07 10:24:26 1798656 ------w- C:\Windows\SysWow64\jscript9.dll
2012-03-07 10:24:26 135168 ------w- C:\Windows\System32\IEAdvpack.dll
2012-03-07 10:24:26 110592 ------w- C:\Windows\SysWow64\IEAdvpack.dll
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
.
============= FINISH: 16:57:21,80 ===============
Malwarebytes Anti-Malware 1.61.0.1400
http://www.malwarebytes.org
Databaseversie: v2012.05.26.06
Windows 7 Service Pack 1 x64 NTFS (Veilige modus/netwerkmogelijkheden)
Internet Explorer 8.0.7601.17514
Paula :: PAULA-PC [administrator]
27-5-2012 0:19:17
mbam-log-2012-05-27 (00-19-17).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 201141
Verstreken tijd: 2 minuut/minuten, 56 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|LicenseValidator (Trojan.Agent) -> Data: C:\Users\Paula\AppData\Roaming\Windows Search\{1EC8CD31-CA0E-4B54-8FA3-C611D747E765}\LicenseValidator.exe -> Succesvol in quarantaine geplaatst en verwijderd.
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 3
C:\$Recycle.Bin\S-1-5-21-1378051111-4103892096-2196648758-1000\$R1U1MMA.exe (PUP.BundleInstaller.BI) -> Geen actie ondernomen.
C:\Users\Paula\AppData\Local\Temp\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Geen actie ondernomen.
C:\Users\Paula\AppData\Roaming\Windows Search\{1EC8CD31-CA0E-4B54-8FA3-C611D747E765}\LicenseValidator.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)