Hello,
What have you done so far:
1. MBAM: where is the log?
2. ComboFix? If so, where is the log?
If you have not done either of these two yet, let us know first before you do anything.
Regards, Ben
Hi
This log is from yesterday and the MBAM one is from today
Regards, mar
ComboFix 12-10-24.01 - Gebruiker 24-10-2012 15:49:18.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4055.2528
Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-09-24 to 2012-10-24 ))))))))))))))))))))))))))))))
.
.
2012-10-24 13:53 . 2012-10-24 13:53 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-10-24 13:53 . 2012-10-24 13:53 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-10-24 13:53 . 2012-10-24 13:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-24 13:53 . 2012-10-24 13:53 -------- d-----w- c:\users\AppData\AppData\Local\temp
2012-10-24 10:11 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AAB00DFA-D0AE-4C23-90FB-F4CB046142E0}\mpengine.dll
2012-10-22 15:38 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-20 05:07 . 2012-10-02 05:13 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3EF9BF17-A8BF-4C28-B789-09751F4415CB}\gapaengine.dll
2012-10-16 19:08 . 2012-10-16 19:09 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2013
2012-10-15 12:40 . 2012-10-15 12:40 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-10-15 12:40 . 2012-10-15 12:40 -------- d-----w- c:\program files (x86)\Java
2012-10-10 21:06 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2012-10-10 21:06 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2012-10-10 21:06 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 21:06 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 21:06 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 21:06 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 21:06 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 21:06 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-10 12:20 . 2012-10-10 12:20 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Western Software Technologies
2012-10-02 05:14 . 2012-10-02 05:13 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-27 19:24 . 2012-09-27 19:24 -------- d-----w- c:\program files (x86)\TomTom International B.V
2012-09-27 19:24 . 2012-09-27 19:24 -------- d-----w- c:\program files (x86)\MyTomTom 3
2012-09-27 18:11 . 2012-09-27 18:11 -------- d-----w- c:\users\Gebruiker\AppData\Local\CRE
2012-09-26 06:11 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-15 12:40 . 2011-01-18 07:49 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-10 21:25 . 2010-12-10 10:43 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-09 12:11 . 2012-08-16 13:19 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 12:11 . 2011-09-11 18:26 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-29 17:54 . 2010-12-11 15:12 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-21 17:17 . 2012-09-21 17:11 207 ----a-w- c:\windows\DeleteOnReboot.bat
2012-09-20 17:00 . 2012-09-20 17:00 31080 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2012-09-19 19:38 . 2012-09-24 06:43 167424 ----a-w- c:\windows\zoek-delete.exe
2012-08-30 20:03 . 2012-08-30 20:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:03 . 2012-03-20 18:44 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-24 11:15 . 2012-09-22 04:28 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 04:28 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 04:28 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 04:28 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 04:28 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 04:28 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 04:28 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 04:28 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 04:28 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 04:28 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 04:28 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 04:28 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 04:28 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 04:28 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 04:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 04:28 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 04:28 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 04:28 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 04:28 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 04:28 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 04:28 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 04:28 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-23 08:26 . 2012-09-18 10:43 9310152 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{91822C35-7FDC-4F3B-9DED-AD24212201C4}\mpengine.dll
2012-08-22 18:12 . 2012-09-12 06:46 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 06:46 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 06:46 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 06:46 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 09:12 . 2011-11-27 19:04 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-20 17:38 . 2012-10-10 21:07 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-02 17:58 . 2012-09-12 06:46 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 06:46 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
“Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe”
“Skype”=“c:\program files (x86)\Skype\Phone\Skype.exe”
“OfficeSyncProcess”=“c:\program files\Microsoft Office\Office14\MSOSYNC.EXE”
“MyTomTomSA.exe”=“c:\program files (x86)\MyTomTom 3\MyTomTomSA.exe”
.
“SwitchBoard”=“c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe”
“AdobeCS6ServiceManager”=“c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe”
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
.
“ConsentPromptBehaviorAdmin”= 0 (0x0)
“ConsentPromptBehaviorUser”= 0 (0x0)
“EnableLUA”= 0 (0x0)
“EnableUIADesktopToggle”= 0 (0x0)
“PromptOnSecureDesktop”= 0 (0x0)
“EnableLinkedConnections”= 1 (0x1)
.
“mixer1”=wdmaud.drv
.
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck turegopt /AM
.
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
@=“Service”
.
“HP Software Update”=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
“SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe”
“Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe
R2 KMService;KMService;c:\windows\system32\srvany.exe
R2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor64.sys
R2 MBAMService;MBAMService;e:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
R3 SetupNTGLM7X;SetupNTGLM7X;F:\NTGLM7X.sys
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
S2 MBAMScheduler;MBAMScheduler;e:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys
S3 netr7364;Stuurprogramma voor RT73 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS\netr7364.sys
S3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys
S3 RTL8167;Realtek 8167 NT-stuurprogramma;c:\windows\system32\DRIVERS\Rt64win7.sys
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys
.
.
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhoud van de ‘Gedeelde Taken’ map
.
2012-10-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
.
2012-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
2012-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
.
--------- X64 Entries -----------
.
.
“BCSSync”=“c:\program files\Microsoft Office\Office14\BCSSync.exe”
“AdobeAAMUpdater-1.0”=“c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe”
“MSC”=“c:\program files\Microsoft Security Client\msseces.exe”
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
IE: &Verzenden naar OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\3b8i8jfo.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
Wow6432Node-HKLM-Run- - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-SaTaN`s SpeelAutomaten - c:\windows\iun6002.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
@Denied: (2) (S-1-5-21-1848488349-641486460-2212997090-1000)
@Denied: (2) (LocalSystem)
“Progid”=“WindowsLiveMail.Email.1”
.
@Denied: (2) (S-1-5-21-1848488349-641486460-2212997090-1000)
@Denied: (2) (LocalSystem)
“Progid”=“WindowsLiveMail.VCard.1”
.
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=“@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101”
.
“Enabled”=dword:00000001
.
@=“c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe”
.
@=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
@Denied: (A 2) (Everyone)
@=“IFlashBroker5”
.
@=“{00020424-0000-0000-C000-000000000046}”
.
@=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=“@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101”
.
“Enabled”=dword:00000001
.
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe”
.
@=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
@Denied: (A 2) (Everyone)
@=“Shockwave Flash Object”
.
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx”
“ThreadingModel”=“Apartment”
.
@=“0”
.
@=“ShockwaveFlash.ShockwaveFlash.11”
.
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1”
.
@=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
@=“1.0”
.
@=“ShockwaveFlash.ShockwaveFlash”
.
@Denied: (A 2) (Everyone)
@=“Macromedia Flash Factory Object”
.
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx”
“ThreadingModel”=“Apartment”
.
@=“FlashFactory.FlashFactory.1”
.
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1”
.
@=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
@=“1.0”
.
@=“FlashFactory.FlashFactory”
.
@Denied: (A 2) (Everyone)
@=“IFlashBroker5”
.
@=“{00020424-0000-0000-C000-000000000046}”
.
@=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-10-24 15:55:42
ComboFix-quarantined-files.txt 2012-10-24 13:55
ComboFix2.txt 2012-10-24 10:05
.
Pre-Run: 278.307.717.120 bytes beschikbaar
Post-Run: 278.227.017.728 bytes beschikbaar
.
- - End Of File - - EF1AE3DDE7000EC95FF3E09A44EC6593
and this one is from today
Malwarebytes Anti-Malware (PRO) 1.65.1.1000
www.malwarebytes.org
Databaseversie: v2012.10.24.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Gebruiker :: GEBRUIKER-PC
Realtime bescherming: Uitgeschakeld
25-10-2012 20:21:25
mbam-log-2012-10-25 (20-21-25).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 234067
Verstreken tijd: 3 minuut/minuten, 16 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Hello,
Using “zoek.exe”
Disable your antivirus and antispyware programs; zoek.exe is sometimes mistaken for a trojan while downloading or during use.
You can read how to do that (here or here).
Then download zoek.exe to the desktop.
Windows 2000 and Windows XP: start the tool by double-clicking “zoek.exe”.
Windows Vista and Windows 7: start the tool by right-clicking “zoek.exe” and then choosing Run as administrator.
After a while a window will open.
With your mouse, select the option "Combined fix" (bottom right).
Now copy the bold text below and paste it into the large input box:
startupall;
filesrcm;
iedefaults;
c:\users\Gebruiker\AppData\Local\CRE;f
emptyclsid;
emptyjava;
emptyflash;
emptyiecache;
emptytemp;
First close all program windows that are still open!
Now click the "Run script" button.
Wait patiently until a log opens (this may be after a restart).
If no log appears after the restart, start zoek.exe again; the log will then appear after all.
Now post the contents of the opened log in your next reply and tell us how things are going.
Regards, Ben
Hi
Here is the log
Regards, mar
Zoek.exe Version 3.0.0.3 Updated 25-10-2012
Tool run by Gebruiker on do 25-10-2012 at 20:53:10,58.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Set IE to Default ======================
Old Values:
“Search Page”=“http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“SearchAssistant”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm”
“CustomizeSearch”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm”
“SearchAssistant”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm”
“CustomizeSearch”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm”
“DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”
not found
New Values:
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“SearchAssistant”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm”
“CustomizeSearch”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm”
“SearchAssistant”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm”
“CustomizeSearch”=“http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm”
“DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”
@=“Bing Search”
“DisplayName”=“Bing”
“URL”=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
“SuggestionsURLFallback”=“http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IE8SSC&market={language}”
“ShowSearchSuggestions”=dword:00000001
==== Deleting Files \ Folders ======================
“c:\users\Gebruiker\AppData\Local\CRE\bbmanpbfjipmicnlbchaifoomleljpal.crx” deleted
“c:\users\Gebruiker\AppData\Local\CRE” deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2012-10-10 21:07:42 E453ACF4E7D44E5530B5D5F2B9CA8563 1659760 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\Program Files (x86) =====
2012-10-16 19:08:51 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2013
2012-09-27 19:24:54 -------- d-----w- C:\Program Files (x86)\TomTom International B.V
2012-09-27 19:24:49 -------- d-----w- C:\Program Files (x86)\MyTomTom 3
======= C: =====
2012-10-24 10:09:02 F5F0D2EA95C83F05EE74DBC38FFA6190 39803 ----a-w- C:\AdwCleaner.txt
====== C:\Users\Gebruiker\AppData\Roaming ======
2012-10-24 13:55:43 -------- d-----w- C:\users\UpdatusUser\AppData\Local\temp
2012-10-24 13:55:43 -------- d-----w- C:\users\Public\AppData\Local\temp
2012-10-24 13:55:43 -------- d-----w- C:\users\Default\AppData\Local\temp
2012-10-24 13:55:43 -------- d-----w- C:\users\Default User\AppData\Local\temp
2012-10-24 13:55:43 -------- d-----w- C:\users\AppData\AppData\Local\temp
====== C:\Users\Gebruiker ======
====== C: exe-files ==
2012-10-24 10:08:41 536CD780316928CA40C9940D03DC9443 538941 ----a-w- C:\Users\Gebruiker\Desktop\scanprogamma's\adwcleaner.exe
=== C: other files ==
2012-10-24 10:03:32 EE5C8E27C37B79CB54A2FCEEED2DC262 9216 ----a-w- C:\Windows\ERDNT\cache86\WSHTCPIP.DLL
2012-10-24 10:03:32 E424B3EF666B184CEE0B6871AAA8C9F6 8192 ----a-w- C:\Windows\ERDNT\cache64\msimg32.dll
2012-10-24 10:03:32 DDAD5A7AB24D8B65F8D724F5C20FD806 119296 ----a-w- C:\Windows\ERDNT\cache64\tdx.sys
2012-10-24 10:03:32 18AB2E5A40064ED5F7791AC5946A90F3 4608 ----a-w- C:\Windows\ERDNT\cache86\msimg32.dll
==== Startup Registry Enabled ======================
“Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”
“Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”
“OfficeSyncProcess”=“C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”
“MyTomTomSA.exe”=“C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe”
“msnmsgr”=“C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background”
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“SwitchBoard”=“C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe ”
“AdobeCS6ServiceManager”=“C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin ”
“Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”
“Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”
“OfficeSyncProcess”=“C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”
“MyTomTomSA.exe”=“C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe”
“msnmsgr”=“C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background”
==== Startup Registry Disabled ======================
“HP Software Update”=“C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe”
“SunJavaUpdateSched”=“\”C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\“”
“Adobe ARM”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”
==== Startup Folders ======================
2010-12-10 21:13:29 2099 ---ha-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3BZD43FZ will be deleted at reboot
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\95IYRJL3 will be deleted at reboot
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KUEITZO5 will be deleted at reboot
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QE5TQUPO will be deleted at reboot
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8RYXJ3I will be deleted at reboot
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied
==== Deleting Files / Folders ======================
“C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not found
“C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not found
“C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3BZD43FZ” not found
“C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\95IYRJL3” not found
“C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KUEITZO5” not found
“C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QE5TQUPO” not found
“C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8RYXJ3I” not found