Microsoft Security Essentials

  • mar

    Hi

    Unfortunately it can't be found, not in c:\ either.

    Remove the following dubious programs.

    Click Start > (Settings) > Control Panel > Uninstall a program:

    C:\Program Files (x86)\SweetIM

    C:\Program Files (x86)\Hoyle

    Let me know what to do now

    Regards, mar

  • Ben

    Hello,

    Using “zoek.exe”

    Disable your antivirus and antispyware programs; zoek.exe is sometimes mistaken for a trojan while downloading or during use.

    You can read how to do that (here or here).

    Then download zoek.exe to the desktop.

    Windows Vista and Windows 7: start the tool by right-clicking “zoek.exe” and then choosing Run as administrator.

    After a while a window will open.

    With your mouse, now select the option "Combined fix" (bottom right).

    Now copy the bold text below and paste it into the large input box:

    {FC5D8A61-2262-11E1-9C1F-6C626D79B3D3};c

    {64b507cd-5eb6-4217-aef4-c88b4fcfb77b};c

    C:\Program Files (x86)\Hoyle;fs

    {EEE6C35C-6118-11DC-9C72-001320C79847};c

    C:\Program Files (x86)\SweetIM;fs

    {95B7759C-8C7F-4BF1-B163-73684A933233};c

    C:\Program Files (x86)\AVG Secure Search;fs

    ;r

    “SweetIM”=-;r

    ;r

    “vProt”=-;r

    ;r

    “ROC_ROC_NT”=-;r

    C:\Program Files (x86)\AVG;fs

    startupall;

    filesrcm;

    iedefaults;

    emptyclsid;

    emptyjava;

    emptyflash;

    emptyiecache;

    emptytemp;

    First close all program windows that are still open!

    Now click the "Run script" button.

    Now wait patiently until a log opens (this may be after a restart).

    If no log appears after the restart, start zoek.exe again; the log will then appear.

    Now post the contents of the opened log in your next message.

    Regards, Ben

    Antivirusprikbord.nl

  • mar

    Hi

    Sorry that I am only replying now

    Here is the log from zoek.exe

    Thank you for your help

    Regards, Mar

    Zoek.exe Version 3.0.0.3 Updated 23-09-2012

    Tool run by Gebruiker on ma 24-09-2012 at 8:38:07,11.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

    Running from: C:\Users\Gebruiker\AppData\Local\Temp\zoek.exe

    ==== Set IE to Default ======================

    Old Values:

    “Search Page”=“http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch”

    “Start Page”=“http://www.google.nl/”

    “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Start Page”=“http://home.sweetim.com/?barid={FC5D8A61-2262-11E1-9C1F-6C626D79B3D3}”

    “Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Start Page”=“http://home.sweetim.com/?barid={FC5D8A61-2262-11E1-9C1F-6C626D79B3D3}”

    “Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Tabs”=“http://isearch.avg.com/tab?cid={EAF61E3A-2616-4023-B45A-46F6BF710524}&mid=095cd7883a5447d68f65bd2b2b9d5a20-7f8a8167d76dd567081c47d4a5b28f1cceccf8c9&lang=nl&ds=AVG&pr=fr&d=2011-11-01 07:45:15&v=8.0.0.34&sap=nt”

    “Tabs”=“http://isearch.avg.com/tab?cid={EAF61E3A-2616-4023-B45A-46F6BF710524}&mid=095cd7883a5447d68f65bd2b2b9d5a20-7f8a8167d76dd567081c47d4a5b28f1cceccf8c9&lang=nl&ds=AVG&pr=fr&d=2011-11-01 07:45:15&v=8.0.0.34&sap=nt”

    “SearchAssistant”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm”

    “CustomizeSearch”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm”

    “SearchAssistant”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm”

    “CustomizeSearch”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm”

    “DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”

    “SuggestionsURLFallback”=“http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IE8SSC&market={language}”

    “FaviconURLFallback”=“http://www.bing.com/favicon.ico”

    “FaviconPath”=“C:\\Users\\Gebruiker\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico”

    “DisplayName”=“Bing”

    “URL”=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”

    “TopResultURLFallback”=“http://www.bing.com/search?q={searchTerms}&src=ie9tr”

    New Values:

    “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

    “Tabs”=“res://ieframe.dll/tabswelcome.htm”

    “Tabs”=“res://ieframe.dll/tabswelcome.htm”

    “SearchAssistant”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm”

    “CustomizeSearch”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm”

    “SearchAssistant”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm”

    “CustomizeSearch”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm”

    “DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”

    “SuggestionsURLFallback”=“http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IE8SSC&market={language}”

    “FaviconPath”=“C:\\Users\\Gebruiker\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico”

    “DisplayName”=“Bing”

    “URL”=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”

    “TopResultURLFallback”=“http://www.bing.com/search?q={searchTerms}&src=ie9tr”

    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{77F8C945-4B74-4BD6-A073-E0D1997EDCE8} deleted successfully

    ==== Registry Fix Code ======================

    Windows Registry Editor Version 5.00

    “SweetIM”=-

    “vProt”=-

    “ROC_ROC_NT”=-

    ==== Deleting Files \ Folders ======================

    “C:\Program Files (x86)\Hoyle” not found

    “C:\Program Files (x86)\SweetIM” not found

    “C:\Program Files (x86)\AVG Secure Search” not found

    “C:\Program Files (x86)\AVG” deleted

    ==== Files Recently Created / Modified ======================

    ==== Startup Registry Enabled ======================

    “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

    “Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”

    “TomTomHOME.exe”=“C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”

    “OfficeSyncProcess”=“C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”

    “msnmsgr”=“C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background”

    “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

    “mctadmin”=“C:\Windows\System32\mctadmin.exe”

    “Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe ”

    “SwitchBoard”=“C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe”

    “AdobeCS6ServiceManager”=“C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin”

    “vProt”=“C:\Program Files (x86)\AVG Secure Search\vprot.exe”

    “ROC_ROC_NT”=“C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe / /PROMPT /CMPID=ROC_NT”

    “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

    “Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”

    “TomTomHOME.exe”=“C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”

    “OfficeSyncProcess”=“C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”

    “msnmsgr”=“C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background”

    ==== Startup Registry Disabled ======================

    “HP Software Update”=“C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe”

    “SunJavaUpdateSched”=“\”C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\“”

    ==== Startup Folders ======================

    2010-12-10 21:13:29 2099 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Users\Gebruiker\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6A473RHE will be deleted at reboot

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\74ZBC23M will be deleted at reboot

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KVQ6VJKO will be deleted at reboot

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    After Reboot

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

    ==== Deleting Files / Folders ======================

    “C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not found

    “C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6A473RHE” not found

    “C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\74ZBC23M” not found

    “C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KVQ6VJKO” not found

  • Ben

    Hello,

    Could you post a new HijackThis log.

    Regards, Ben

    Antivirusprikbord.nl

  • mar

    Hi

    Here is the log

    Thanks

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 9:17:59, on 24-9-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16450)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Skype\Phone\Skype.exe

    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    C:\Program Files (x86)\Trend Micro\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe” -launchedbylogin

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Secure Search\vprot.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe” / /PROMPT /CMPID=ROC_NT

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun

    O4 - HKCU\..\Run: “C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”

    O4 - HKCU\..\Run: “C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - HKUS\S-1-5-21-1848488349-641486460-2212997090-1003\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-1848488349-641486460-2212997090-1003\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 12667 bytes

  • Ben

    Hello,

    AVG is being stubborn, so do the following.

    Go to Start – Run/Search and type: sc stop vToolbarUpdater12.2.6

    Press Enter.

    Go to Start – Run/Search and type: sc delete vToolbarUpdater12.2.6

    Press Enter.

    Start HijackThis;

    Right-click the HijackThis program and choose “Run as Administrator”

    Choose ‘Do a system scan only’.

    Select all of the lines listed below (if still present).

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Secure Search\vprot.exe”

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe” / /PROMPT /CMPID=ROC_NT

    O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

    Close all open windows (except HijackThis), then click Fix checked and confirm by clicking Yes in the next screen.

    Restart your PC and then post a new HijackThis log.

    Regards, Ben

    Antivirusprikbord.nl

  • mar

    Hi

    Here is the next log

    I could not find this one

    O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

    Regards, mar

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 9:59:48, on 24-9-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16450)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Skype\Phone\Skype.exe

    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

    C:\Program Files (x86)\Trend Micro\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL

    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe” -launchedbylogin

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun

    O4 - HKCU\..\Run: “C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”

    O4 - HKCU\..\Run: “C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”

    O4 - HKCU\..\Run: “C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - HKUS\S-1-5-21-1848488349-641486460-2212997090-1003\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)

    O4 - HKUS\S-1-5-21-1848488349-641486460-2212997090-1003\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 11955 bytes
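
An added example, not part of the original thread and not HijackThis's own code: a short Python check that compares a HijackThis log taken before a fix with the one taken after it and reports whether each line on the fix list is gone. The log excerpts are constructed from lines quoted in this thread, and the function names are hypothetical.

```python
import re

# One HijackThis entry: section code (R0, O4, O23, ...), " - ", then the entry text.
ENTRY = re.compile(r"^\s*([RFNO]\d{1,2})\s+-\s+(.+?)\s*$")
# Forum software often turns straight quotes into curly ones; undo that before comparing.
QUOTES = str.maketrans({"\u201c": '"', "\u201d": '"', "\u2018": "'", "\u2019": "'"})

def normalize(text):
    """Remove quote, case and spacing differences so equal entries compare equal."""
    return re.sub(r"\s+", " ", text.translate(QUOTES)).strip().lower()

def parse_log(log):
    """Return {(section, normalized text): original line}; header lines are skipped."""
    entries = {}
    for line in log.splitlines():
        m = ENTRY.match(line)
        if m:
            entries[(m.group(1).upper(), normalize(m.group(2)))] = line.strip()
    return entries

def check_fix(before, after, targets):
    """Classify every line of the fix list against the before and after logs."""
    b, a = parse_log(before), parse_log(after)
    result = {}
    for key, line in parse_log(targets).items():
        if key in a:
            result[line] = "still present"
        elif key in b:
            result[line] = "removed"
        else:
            result[line] = "not in either log"
    return result

def new_entries(before, after):
    """Entries that only appear in the later log and deserve a second look."""
    b, a = parse_log(before), parse_log(after)
    return sorted(a[k] for k in a.keys() - b.keys())

# Constructed excerpts built from lines quoted in this thread (not the full logs).
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.4
O4 - HKLM\..\Run: "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
"""
AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.4
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
"""
# The fix list as it appears in the forum post, curly quotes included.
TARGETS = r"""
O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Secure Search\vprot.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe” / /PROMPT /CMPID=ROC_NT
O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
"""

if __name__ == "__main__":
    for line, status in check_fix(BEFORE, AFTER, TARGETS).items():
        print(f"{status:18} {line}")
    print("new entries:", new_entries(BEFORE, AFTER))
```

A fix-list line that is absent from the later log, such as the O23 service here, is reported as removed rather than as something the user failed to find.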

  • fazantje

    Hi Mar,

    The log looks good again.

    Have another look under: Start - Computer - C drive - Program Files.

    Also delete everything from AVG there, if present.

    You can remove AdwCleaner by starting it and then clicking Uninstall.

    It then removes itself.

    For Zoek.exe, right-click the icon and choose Delete.

    Also carry out the clean-up plan.

    Good luck,

    Huib;)

  • mar

    Hi

    Thank you all

    Regards, mar

This topic is closed; no further replies can be posted.