Pages load slowly or not at all

  • harry

    E.g. this site http://www.telegraaf.nl/overgeld/13129331/__Wat_betekent_het_regeerakkoord_voor_uw_portemonnee___.html

    and I have it with several pages

    Internet Exploder 9, Windows Ultimate

    Regards, harry

  • fazantje

    Hi Harry,

    Has this been the case for a while, or did it start all of a sudden? :S

    It could of course also be down to the website in question.

    Try running the cleanup plan.

    If you think it has to do with spyware or malware (because we can't see that from here), then carry out the step-by-step plan.

    Tell us how it goes afterwards, and if you do the step-by-step plan, then post the 2 requested logs afterwards.

    Good luck,

    Huib ;)

  • harry

    Did what you said

    No improvement. Even images load poorly or not at all

    As far as I can remember I've had this for a week, I think

  • harry

    Note

    I've had Wise Care Pro for 2 weeks

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 7:58:00, on 30-10-2012

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v9.00 (9.00.8112.16450)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe

    C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Users\Gebruiker\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/?ocid=OIE9HP

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

    O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html

    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105

    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html

    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000

    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html

    O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html

    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - http://quickscan.bitdefender.com/qsax/qsax.cab

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

    O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll

    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

    O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

    End of file - 8676 bytes

    Malwarebytes Anti-Malware 1.65.1.1000

    www.malwarebytes.org

    Databaseversie: v2012.10.30.01

    Windows 7 Service Pack 1 x86 NTFS

    Internet Explorer 9.0.8112.16421

    Gebruiker :: GEBRUIK-M9FNQAG

    30-10-2012 7:54:54

    mbam-log-2012-10-30 (07-54-54).txt

    Scantype: Snelle scan

    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scanopties: P2P

    Objecten gescand: 197438

    Verstreken tijd: 5 minuut/minuten, 3 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    Ben, I have to work now but I'll read your solution this afternoon. P.S. thanks for your help

  • Ben

    Hello,

    I've had Wise Care Pro for 2 weeks

    Did the problems happen to start after this?

    1. Note: Vista or Windows 7? >> Always run all tools as admin.

    Download AdwCleaner by Xplode to your Desktop.

    Close all open windows.

    Vista and Windows 7 users: right-click AdwCleaner and select Run as administrator…

    Then click Delete.

    At AdwCleaner – Information, click OK

    At AdwCleaner – Restart Required, click OK

    It is normal for the shortcuts to disappear during the operation.

    After the PC has restarted, a log file will open.

    Then post the contents of this log in your next message.

    2. Download DDS by sUBs from one of these locations and place it on your desktop:

    DDS - Bleeping Computer download.

    DDS - Bleeping Computer download.

    DDS - Infospyware.

    DDS is a diagnostic tool and makes use of scripts.

    Disable your security software before running DDS!

    Double-click DDS to start the tool.

    Note!!! Windows Vista & 7 users must run dds.scr as administrator: "right-click: Run as"

    DDS will open 2 log files:

    * DDS.txt

    * Attach.txt

    A window will ask you to save both logs, because the logs will be gone once you close them.

    Save the logs, for example on your desktop or another place where you can easily find them again.

    Post the DDS.txt log with your next reply. Post Attach.txt only when I ask for it.

    Regards, Ben

    Antivirusprikbord.nl

  • harry

    # AdwCleaner v2.005 - Verslag gemaakt op 30/10/2012 om 16:04:05

    # Geactualiseerd op 14/10/2012 door Xplode

    # Besturingssysteem : Windows 7 Ultimate Service Pack 1 (32 bits)

    # Gebruiker : Gebruiker - GEBRUIK-M9FNQAG

    # Opstarten Modus : Normale modus

    # Gelanceerd vanaf : C:\Users\Gebruiker\Desktop\adwcleaner.exe

    # Optie

    ***** *****

    ***** *****

    Map Verwijdert : C:\ProgramData\Trymedia

    Map Verwijdert : C:\Users\GEBRUI~1\AppData\Local\Temp\Software

    ***** *****

    Sleutel Verwijdert : HKCU\Software\Conduit

    Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar

    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

    Sleutel Verwijdert : HKLM\Software\Conduit

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

    ***** *****

    -\\ Internet Explorer v9.0.8112.16421

    Het register bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner.txt - ##########

    DDS (Ver_2012-10-19.01) - NTFS_x86

    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.9.2

    Run by Gebruiker at 16:08:56 on 2012-10-30

    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.1791.963

    .

    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    ============== Running Processes ================

    .

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\lsm.exe

    C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\taskhost.exe

    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

    C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe

    C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Windows\system32\NOTEPAD.EXE

    C:\Windows\system32\WUDFHost.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\sppsvc.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k GPSvcGroup

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Windows\System32\svchost.exe -k secsvcs

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    .

    ============== Pseudo HJT Report ===============

    .

    uStart Page = hxxp://startpagina.nl/

    uWindow Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL

    BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll

    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

    BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll

    TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

    uRun: c:\program files\windows sidebar\sidebar.exe /autoRun

    mRun: “c:\program files\avast software\avast\avastUI.exe” /nogui

    mRun: “c:\program files\common files\adobe\arm\1.0\AdobeARM.exe”

    mRun: “c:\program files\common files\java\java update\jusched.exe”

    uPolicies-Explorer: NoDriveTypeAutoRun = dword:221

    uPolicies-Explorer: NoResolveTrack = dword:1

    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

    mPolicies-System: ConsentPromptBehaviorUser = dword:0

    mPolicies-System: EnableLUA = dword:0

    mPolicies-System: EnableUIADesktopToggle = dword:0

    mPolicies-System: PromptOnSecureDesktop = dword:0

    IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html

    IE: &Verzenden naar OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105

    IE: Backward &Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html

    IE: Cac&hed Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html

    IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000

    IE: Si&milar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html

    IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html

    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

    .

    INFO: HKCU has more than 50 listed domains.

    If you wish to scan all of them, select the ‘Force scan all domains’ option.

    .

    DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab

    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

    DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

    DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    TCP: NameServer = 212.54.35.25 212.54.40.25

    TCP: Interfaces\{E8641357-5132-43AA-A8FD-63D3C6DFA8D7} : DHCPNameServer = 212.54.35.25 212.54.40.25

    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

    STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - c:\windows\system32\DreamScene.dll

    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL

    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    .

    ============= SERVICES / DRIVERS ===============

    .

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys

    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys

    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys

    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys

    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS

    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe

    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe

    R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe

    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys

    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys

    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe

    R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe

    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2013\TuneUpUtilitiesService32.exe

    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys

    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2013\TuneUpUtilitiesDriver32.sys

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe

    S2 WiseBootAssistant;Wise Boot Assistant;c:\program files\wise\wise care 365\BootTime.exe

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe

    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys

    S3 c2wts;Claims voor Windows Token Service;c:\program files\windows identity foundation\v3.5\c2wtshost.exe

    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys

    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe

    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE

    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys

    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys

    S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe

    S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe

    .

    =============== Created Last 30 ================

    .

    2012-10-30 05:52:34 ——– d—–w- c:\users\gebruiker\appdata\local\{78DDC6AD-858C-4953-A92F-12303AFF7C32}

    2012-10-29 19:03:04 ——– d-sh–w- C:\$RECYCLE.BIN

    2012-10-29 19:00:08 ——– d-s—w- C:\ComboFix

    2012-10-29 06:08:52 ——– d—–w- c:\users\gebruiker\appdata\local\{1D9DD9A6-56E2-45D3-9B6F-4FE4FABE575A}

    2012-10-28 15:44:20 ——– d—–w- c:\users\gebruiker\appdata\local\{25B4A72D-E018-4408-A40A-72F365C1BEB3}

    2012-10-28 10:47:11 ——– d—–w- c:\users\gebruiker\appdata\roaming\NZBEE

    2012-10-28 10:11:16 ——– d—–w- c:\users\gebruiker\appdata\local\Delicious_Beezzz

    2012-10-28 10:08:08 ——– d—–w- c:\users\gebruiker\appdata\local\Geckofx

    2012-10-28 10:07:35 ——– d—–w- c:\program files\NZBEE

    2012-10-28 09:56:00 ——– d—–w- c:\users\gebruiker\appdata\roaming\Uqozke

    2012-10-28 09:56:00 ——– d—–w- c:\users\gebruiker\appdata\roaming\Qoume

    2012-10-28 09:28:11 ——– d—–w- c:\users\gebruiker\appdata\local\{BFCE9AAB-50E1-4DE2-9712-944B6565F471}

    2012-10-27 18:41:41 ——– d—–w- c:\users\gebruiker\appdata\local\{7EAC029D-100F-42C8-A58C-6BF944D1969D}

    2012-10-27 12:44:12 93672 —-a-w- c:\windows\system32\WindowsAccessBridge.dll

    2012-10-27 06:44:11 ——– d—–w- c:\program files\Joboshare

    2012-10-27 05:38:44 6918632 —-a-w- c:\programdata\microsoft\windows defender\definition updates\{840d4087-17ee-48ee-97f1-ae0e0e61adee}\mpengine.dll

    2012-10-27 05:35:46 ——– d—–w- c:\users\gebruiker\appdata\local\{FF06A2DE-76C5-4850-BD4D-83A704A21E66}

    2012-10-26 13:53:53 ——– d—–w- c:\users\gebruiker\appdata\local\{8975B8CA-BC03-4B84-AAA0-6152D1979895}

    2012-10-26 06:12:48 ——– d—–w- c:\users\gebruiker\appdata\local\{E229A3BC-B40E-448D-B37D-04E679570503}

    2012-10-25 18:06:13 ——– d—–w- c:\users\gebruiker\appdata\local\{F859CC3B-C5D0-49AB-A33C-ED828C5A6F07}

    2012-10-25 05:04:53 ——– d—–w- c:\users\gebruiker\appdata\local\{6CDA821B-047B-4B54-A27D-70547B542A41}

    2012-10-24 14:18:18 ——– d—–w- c:\users\gebruiker\appdata\local\{37C30A1C-1885-4070-9CC6-EB1614753D7F}

    2012-10-24 06:25:28 247808 —-a-w- c:\windows\system32\schannel.dll

    2012-10-24 06:25:27 136560 —-a-w- c:\windows\system32\drivers\ksecpkg.sys

    2012-10-24 06:25:26 369856 —-a-w- c:\windows\system32\drivers\cng.sys

    2012-10-24 06:25:26 220160 —-a-w- c:\windows\system32\ncrypt.dll

    2012-10-24 06:25:26 1039360 —-a-w- c:\windows\system32\lsasrv.dll

    2012-10-23 18:35:22 ——– d—–w- c:\users\gebruiker\appdata\local\{F576026F-DD53-4ED3-9827-8EC6152C209F}

    2012-10-23 17:06:04 ——– d—–w- c:\users\gebruiker\appdata\local\TricksAndTreats

    2012-10-23 06:21:42 ——– d—–w- c:\users\gebruiker\appdata\local\{AB4FC59F-43B4-4FA1-804E-C1687DC9101F}

    2012-10-22 17:18:17 ——– d—–w- c:\users\gebruiker\appdata\local\{D4B98192-0E1A-4505-82AB-FA5EC734D0E0}

    2012-10-22 16:56:18 ——– d—–w- c:\users\gebruiker\appdata\local\{95279D7D-6905-4F55-A5B4-F74874821385}

    2012-10-22 04:23:16 ——– d—–w- c:\users\gebruiker\appdata\local\{971F79EE-D470-43C5-92BF-374A67BA576A}

    2012-10-21 18:09:01 ——– d—–w- c:\users\gebruiker\appdata\local\{85E01F7F-5FC9-432F-BE17-BDEEBD41A5FB}

    2012-10-21 12:47:14 ——– d—–w- c:\users\gebruiker\appdata\roaming\AVS4YOU

    2012-10-21 12:45:31 ——– d—–w- c:\program files\common files\AVSMedia

    2012-10-21 12:44:54 1700352 —-a-w- c:\windows\system32\GdiPlus.dll

    2012-10-21 12:44:53 24576 —-a-w- c:\windows\system32\msxml3a.dll

    2012-10-21 12:44:53 ——– d—–w- c:\programdata\AVS4YOU

    2012-10-21 12:44:53 ——– d—–w- c:\program files\AVS4YOU

    2012-10-21 11:09:47 ——– d—–w- c:\users\gebruiker\appdata\roaming\Wise Care 365

    2012-10-21 11:09:26 ——– d—–w- c:\program files\Wise

    2012-10-21 06:37:22 ——– d—–w- c:\users\gebruiker\appdata\roaming\Kyimoc

    2012-10-21 06:37:22 ——– d—–w- c:\users\gebruiker\appdata\roaming\Hyow

    2012-10-21 06:36:38 ——– d—–w- c:\users\gebruiker\appdata\roaming\tor

    2012-10-21 06:36:25 ——– d—–w- c:\users\gebruiker\appdata\roaming\Zuadve

    2012-10-21 06:36:25 ——– d—–w- c:\users\gebruiker\appdata\roaming\Epzeic

    2012-10-21 05:35:26 ——– d—–w- c:\users\gebruiker\appdata\local\{F2745397-008F-457C-907B-90CEC748290A}

    2012-10-20 20:38:43 ——– d—–w- c:\users\gebruiker\appdata\local\{EF71B0E6-BB71-4DF6-A729-735B51E7D543}

    2012-10-20 12:41:33 ——– d—–w- c:\users\gebruiker\appdata\roaming\Kutawaves Games

    2012-10-20 05:16:48 ——– d—–w- c:\users\gebruiker\appdata\local\{5A738EEE-A049-4A36-9283-AC14503A3DF7}

    2012-10-19 14:24:49 ——– d—–w- c:\users\gebruiker\appdata\local\{0371AE8F-0BFF-4433-863E-897AF9427257}

    2012-10-18 18:35:09 ——– d—–w- c:\users\gebruiker\appdata\local\{8C7F32EE-0F8C-45CF-99AE-00025314EF69}

    2012-10-18 05:37:54 ——– d—–w- c:\users\gebruiker\appdata\local\{3320983B-F9C6-4A35-B726-215557EEB385}

    2012-10-17 04:14:21 ——– d—–w- c:\users\gebruiker\appdata\local\{8BD47ECD-9B40-41D6-AC05-5CA79B17D88D}

    2012-10-16 05:52:19 ——– d—–w- c:\users\gebruiker\appdata\local\{826B2BEE-F103-4825-A5CB-68D44D820356}

    2012-10-15 17:51:54 ——– d—–w- c:\users\gebruiker\appdata\local\{6F443094-4B7B-4482-94F7-58FE8ABA0CC2}

    2012-10-15 05:07:10 ——– d—–w- c:\users\gebruiker\appdata\local\{F8D8FF58-5B4A-467C-885A-8B94E5DB8BCC}

    2012-10-14 05:40:11 ——– d—–w- c:\users\gebruiker\appdata\local\{4151F1CB-F1D9-4161-BEF6-C5E1D39D83E9}

    2012-10-13 16:51:48 ——– d—–w- c:\users\gebruiker\appdata\local\{604B6FAF-CFCE-4DB3-BF0C-5ABE5B67BB93}

    2012-10-13 15:11:21 11270 –sha-w- c:\windows\system32\KGyGaAvL.sys

    2012-10-13 08:16:47 ——– d—–w- c:\program files\DivX

    2012-10-13 08:07:11 ——– d—–w- c:\program files\1Click DVD to Divx Avi

    2012-10-13 04:35:32 ——– d—–w- c:\users\gebruiker\appdata\local\{116EB34F-3868-49AF-92B7-036558771792}

    2012-10-12 05:35:46 ——– d—–w- c:\users\gebruiker\appdata\local\{F267EAC9-98A8-40BF-8709-A43C24A10CA5}

    2012-10-11 18:05:14 ——– d—–w- c:\users\gebruiker\appdata\roaming\Elephant Games

    2012-10-11 18:05:14 ——– d—–w- c:\programdata\Elephant Games

    2012-10-11 16:42:12 ——– d—–w- c:\users\gebruiker\appdata\roaming\Specialbit

    2012-10-11 07:12:35 ——– d—–w- c:\users\gebruiker\appdata\local\{55299659-2072-4324-95B5-9C97606D61F3}

    2012-10-11 06:18:32 ——– d—–w- c:\program files\SUPERAntiSpyware

    2012-10-10 18:08:58 ——– d—–w- c:\users\gebruiker\appdata\local\{87DF9B9D-DBF9-4828-9A4C-7686633DC167}

    2012-10-10 17:32:04 ——– d—–w- c:\users\gebruiker\appdata\roaming\AnvSoft

    2012-10-10 17:31:51 ——– d—–w- c:\program files\AnvSoft

    2012-10-10 06:07:49 ——– d—–w- c:\users\gebruiker\appdata\local\{D09752DB-9231-4B5E-B129-E31E4AB296BF}

    2012-10-10 04:54:24 172544 —-a-w- c:\windows\system32\wintrust.dll

    2012-10-10 04:54:13 2048 —-a-w- c:\windows\system32\tzres.dll

    2012-10-10 04:52:53 1211760 —-a-w- c:\windows\system32\drivers\ntfs.sys

    2012-10-10 04:52:50 542208 —-a-w- c:\windows\system32\kerberos.dll

    2012-10-10 04:52:44 3968880 —-a-w- c:\windows\system32\ntkrnlpa.exe

    2012-10-10 04:52:44 3914096 —-a-w- c:\windows\system32\ntoskrnl.exe

    2012-10-09 17:54:15 ——– d—–w- c:\users\gebruiker\appdata\local\{5F5EBB87-14EE-405F-ABD7-20B7A0345EC6}

    2012-10-09 04:53:04 ——– d—–w- c:\users\gebruiker\appdata\local\{7E45F653-3D91-4CD8-8C24-4927BE27CCDA}

    2012-10-08 04:52:37 ——– d—–w- c:\users\gebruiker\appdata\local\{64950967-5F61-4216-87BF-6284EB74A787}

    2012-10-07 08:32:22 ——– d—–w- c:\users\gebruiker\appdata\roaming\iWin4

    2012-10-07 08:32:22 ——– d—–w- c:\programdata\iWin4

    2012-10-07 05:30:45 ——– d—–w- c:\users\gebruiker\appdata\local\{2BB8F73F-0699-419C-837E-BE86CCB44BBB}

    2012-10-06 16:11:56 ——– d—–w- c:\users\gebruiker\appdata\roaming\DVD2AVI Ripper

    2012-10-06 08:16:14 ——– d—–w- c:\users\gebruiker\appdata\roaming\Rumbic Studio

    2012-10-06 07:55:56 ——– d—–w- c:\users\gebruiker\appdata\local\{FA244838-C597-4962-B319-4C5A0F8800CA}

    2012-10-05 19:22:28 ——– d—–w- c:\users\gebruiker\appdata\local\{2879085E-960D-4D3B-AFAC-670721D715A3}

    2012-10-05 13:28:33 ——– d—–w- c:\programdata\Playrix Entertainment

    2012-10-05 06:51:11 ——– d—–w- c:\users\gebruiker\appdata\local\{E262BE00-6DCF-4366-A4A2-E45B1190AFF3}

    2012-10-04 18:50:44 ——– d—–w- c:\users\gebruiker\appdata\local\{2790304A-15B2-4BA1-A1B3-CB5C1C7FA00C}

    2012-10-04 18:06:07 ——– d—–w- c:\programdata\Alawar Stargaze

    2012-10-04 17:02:08 ——– d—–w- c:\users\gebruiker\appdata\roaming\AlawarEntertainment

    2012-10-04 05:46:46 ——– d—–w- c:\users\gebruiker\appdata\local\{EA138B00-A905-43AD-9850-59A972064808}

    2012-10-03 17:59:45 ——– d—–w- c:\users\gebruiker\appdata\roaming\SMIGames

    2012-10-03 06:56:47 ——– d—–w- c:\users\gebruiker\appdata\local\{4D36B61F-1DB3-4606-9F56-C246568E2FF6}

    2012-10-02 18:44:21 ——– d—–w- c:\users\gebruiker\appdata\local\{D5689C8A-B79C-404F-AC69-9485F8ACBD1F}

    2012-10-02 05:46:24 ——– d—–w- c:\users\gebruiker\appdata\local\{7745B4C5-2556-4FC7-827B-6D0541C20334}

    2012-10-01 17:23:00 ——– d—–w- c:\users\gebruiker\appdata\local\{2600DD27-EB56-4718-BE53-46BAD45130F6}

    2012-10-01 04:40:25 ——– d—–w- c:\users\gebruiker\appdata\local\{A1A5FE56-C510-4A7B-A180-4E89E64D845F}

    .

    ==================== Find3M ====================

    .

    2012-10-27 12:44:02 821736 —-a-w- c:\windows\system32\npdeployJava1.dll

    2012-10-27 12:44:02 746984 —-a-w- c:\windows\system32\deployJava1.dll

    2012-10-25 16:10:09 73656 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2012-10-25 16:10:09 697272 —-a-w- c:\windows\system32\FlashPlayerApp.exe

    2012-10-23 10:18:34 738504 —-a-w- c:\windows\system32\drivers\aswSnx.sys

    2012-10-23 10:18:33 58680 —-a-w- c:\windows\system32\drivers\aswMonFlt.sys

    2012-10-23 10:17:48 41224 —-a-w- c:\windows\avastSS.scr

    2012-10-15 16:59:28 44784 —-a-w- c:\windows\system32\drivers\aswRdr2.sys

    2012-09-29 22:53:20 68960 —-a-w- c:\windows\system32\SFAPO.dll

    2012-09-29 17:54:26 22856 —-a-w- c:\windows\system32\drivers\mbam.sys

    2012-09-21 15:50:43 2424832 —-a-w- c:\windows\system32\d45ba.msi

    2012-09-21 15:50:38 24141824 —-a-w- c:\windows\system32\d45be.msi

    2012-09-21 08:21:09 46 —-a-w- c:\windows\DeleteOnReboot.bat

    2012-09-21 07:48:15 102400 —-a-w- c:\windows\RegBootClean.exe

    2012-09-19 10:10:58 31584 —-a-w- c:\windows\system32\TURegOpt.exe

    2012-09-19 10:10:58 21344 —-a-w- c:\windows\system32\authuitu.dll

    2012-08-24 06:59:17 1800704 —-a-w- c:\windows\system32\jscript9.dll

    2012-08-24 06:51:27 1129472 —-a-w- c:\windows\system32\wininet.dll

    2012-08-24 06:51:02 1427968 —-a-w- c:\windows\system32\inetcpl.cpl

    2012-08-24 06:47:26 142848 —-a-w- c:\windows\system32\ieUnatt.exe

    2012-08-24 06:47:12 420864 —-a-w- c:\windows\system32\vbscript.dll

    2012-08-24 06:43:58 2382848 —-a-w- c:\windows\system32\mshtml.tlb

    2012-08-23 16:06:47 3584 —-a-w- c:\windows\system32\drivers\nl-nl\tsusbflt.sys.mui

    2012-08-23 14:48:14 221184 —-a-w- c:\windows\system32\rdpudd.dll

    2012-08-23 14:44:32 14848 —-a-w- c:\windows\system32\drivers\rdpvideominiport.sys

    2012-08-23 14:40:25 49664 —-a-w- c:\windows\system32\drivers\TsUsbFlt.sys

    2012-08-23 14:10:40 12288 —-a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe

    2012-08-23 14:10:04 13312 —-a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

    2012-08-23 13:52:25 12800 —-a-w- c:\windows\system32\RdpGroupPolicyExtension.dll

    2012-08-23 13:47:20 46592 —-a-w- c:\windows\system32\MsRdpWebAccess.dll

    2012-08-23 13:46:20 16896 —-a-w- c:\windows\system32\wksprtPS.dll

    2012-08-23 13:32:59 32768 —-a-w- c:\windows\system32\TsUsbGDCoInstaller.dll

    2012-08-23 13:18:14 37376 —-a-w- c:\windows\system32\tsgqec.dll

    2012-08-23 11:40:43 56320 —-a-w- c:\windows\system32\TSWbPrxy.exe

    2012-08-23 11:32:48 317440 —-a-w- c:\windows\system32\wksprt.exe

    2012-08-23 11:15:57 269312 —-a-w- c:\windows\system32\aaclient.dll

    2012-08-23 11:12:17 192000 —-a-w- c:\windows\system32\rdpendp_winip.dll

    2012-08-23 10:39:24 1048064 —-a-w- c:\windows\system32\mstsc.exe

    2012-08-23 10:08:49 2739712 —-a-w- c:\windows\system32\rdpcorets.dll

    2012-08-23 08:19:01 4916224 —-a-w- c:\windows\system32\mstscax.dll

    2012-08-22 17:16:54 1292144 —-a-w- c:\windows\system32\drivers\tcpip.sys

    2012-08-22 17:16:46 712048 —-a-w- c:\windows\system32\drivers\ndis.sys

    2012-08-22 17:16:46 240496 —-a-w- c:\windows\system32\drivers\netio.sys

    2012-08-22 17:16:36 187760 —-a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

    2012-08-21 20:12:27 245760 —-a-w- c:\windows\system32\OxpsConverter.exe

    2012-08-21 12:44:10 513696 —-a-w- c:\windows\system32\msxml.dll

    2012-08-21 12:44:02 38560 —-a-w- c:\windows\system32\CleanMFT32.exe

    2012-08-20 17:40:31 169984 —-a-w- c:\windows\system32\winsrv.dll

    2012-08-20 17:40:01 293376 —-a-w- c:\windows\system32\KernelBase.dll

    2012-08-20 17:37:58 271360 —-a-w- c:\windows\system32\conhost.exe

    2012-08-20 15:33:28 6144 —ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

    2012-08-20 15:33:28 4608 —ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

    2012-08-20 15:33:28 3584 —ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

    2012-08-20 15:33:28 3072 —ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

    2012-08-02 16:57:20 490496 —-a-w- c:\windows\system32\d3d10level9.dll

    2012-05-04 07:04:00 2174976 —-a-w- c:\program files\common files\atimpenc.dll

    .

    ============= FINISH: 16:10:06,22 ===============

  • Ben

    Hello,

    Using “zoek.exe”

    Disable your antivirus and antispyware programs; zoek.exe is sometimes mistaken for a trojan while downloading or during use.

    You can read how to do that (here or here).

    After that, download zoek.exe to the desktop.

    Windows 2000 and Windows XP: start the tool by double-clicking “zoek.exe”.

    Windows Vista and Windows 7: start the tool by right-clicking “zoek.exe” and then choosing Run as administrator.

    After a while a window will open.

    Tick "Create System Restore Point".

    With your mouse, now select the option "Combined fix" (bottom right).

    Now copy the bold text below and paste it into the large input box:

    startupall;

    filesrcm;

    c:\users\gebruiker\appdata\roaming\Uqozke;fs

    c:\users\gebruiker\appdata\roaming\Qoume;fs

    c:\users\gebruiker\appdata\roaming\Specialbit;v

    emptyclsid;

    emptyjava;

    emptyflash;

    emptyiecache;

    emptytemp;

    First close all program windows that are still open!

    Now click the "Run script" button.

    Now wait patiently until a log opens (this may be after a restart).

    If no log appears after the restart, start zoek.exe again; the log will then appear after all.

    Now post the contents of the opened log in your next message and tell us how things are going now.

    Regards, Ben

    Antivirusprikbord.nl

  • harry

    hello ben

    here is the requested log

    can you perhaps tell me what is going on with my pc?

    regards, harry

    p.s. is this caused by wise care pro?

    Zoek.exe Version 3.0.0.4 Updated 30-10-2012

    Tool run by Gebruiker on di 30-10-2012 at 17:05:31,35.

    Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86

    Running in: Normal Mode Internet Access Detected

    ==== System Restore Info ======================

    30-10-2012 17:07:00 Zoek.exe System Restore Point Created Succesfully.

    ==== Deleting Files \ Folders ======================

    “c:\users\gebruiker\appdata\roaming\Uqozke” not found

    “c:\users\gebruiker\appdata\roaming\Qoume” not found

    ==== Folders Found In c:\users\gebruiker\appdata\roaming\Specialbit ======================

    2012-10-11 16:42:12 d—–w- c:\users\gebruiker\appdata\roaming\Specialbit\Haunted Hotel - Charles Dexter Ward

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    ====== C:\Users\GEBRUI~1\AppData\Local\Temp ====

    ====== C:\Windows\system32 =====

    2012-10-27 12:44:12 69E5F6102D8016CA487D35D565AA61F2 93672 —-a-w- C:\Windows\System32\WindowsAccessBridge.dll

    2012-10-24 06:26:41 18C48414627F5F1C57A8C7CA815E75BD 12288 —-a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe

    2012-10-24 06:26:35 D3A08BA0A5C9CA61A10A8EB81C176692 13312 —-a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll

    2012-10-24 06:26:35 A86F5616EACB7155998011CEFFFB52F6 12800 —-a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll

    2012-10-24 06:26:18 D3F64318307CEC05CBDE533D99976532 16896 —-a-w- C:\Windows\System32\wksprtPS.dll

    2012-10-24 06:26:18 A9D4140B8B843D5719F7C3EED8C0F9FD 37376 —-a-w- C:\Windows\System32\tsgqec.dll

    2012-10-24 06:26:17 E6446AB7A7E602CAFF51ACA3C68C1526 269312 —-a-w- C:\Windows\System32\aaclient.dll

    2012-10-24 06:26:17 3F853160DEE5B71B9AD2F1BAF2B1E55B 46592 —-a-w- C:\Windows\System32\MsRdpWebAccess.dll

    2012-10-24 06:26:17 321BE3A2C87206B0C85ECD4FA4EBBF54 56320 —-a-w- C:\Windows\System32\TSWbPrxy.exe

    2012-10-24 06:26:17 235B7E30D5B48A3B769C00DA166F080B 32768 —-a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll

    2012-10-24 06:26:16 C551B35F71CA76C88112966238821105 317440 —-a-w- C:\Windows\System32\wksprt.exe

    2012-10-24 06:26:16 8999F18D38D55E34D356796507FFD639 192000 —-a-w- C:\Windows\System32\rdpendp_winip.dll

    2012-10-24 06:26:16 3228AB5F8652EAABFF3C5FC7FD0F603A 221184 —-a-w- C:\Windows\System32\rdpudd.dll

    2012-10-24 06:26:15 AC3598BD1101BBC4365994BAB093BB62 2739712 —-a-w- C:\Windows\System32\rdpcorets.dll

    2012-10-24 06:26:15 40FF6C636380A87DE3A99F4E348BFDCB 1048064 —-a-w- C:\Windows\System32\mstsc.exe

    2012-10-24 06:26:14 EF1689081813A60D4610FF429530BA36 4916224 —-a-w- C:\Windows\System32\mstscax.dll

    2012-10-24 06:25:28 AF78F66116814FDD6677CEBD73035CDD 247808 —-a-w- C:\Windows\System32\schannel.dll

    2012-10-24 06:25:26 859CFCE4A0F72916911BD9F6C6E84581 220160 —-a-w- C:\Windows\System32\ncrypt.dll

    2012-10-24 06:25:26 444430C44727B5F22B4DC17284798EBD 1039360 —-a-w- C:\Windows\System32\lsasrv.dll

    2012-10-21 12:44:54 4D328694BB516E46D2D184950D94433F 1700352 —-a-w- C:\Windows\System32\GdiPlus.dll

    2012-10-21 12:44:53 5FEFD614BBD3FFA3712B172F70B1FDE2 24576 —-a-w- C:\Windows\System32\msxml3a.dll

    2012-10-21 10:48:21 7C07C99BDC6AC4DD34D6D1097C904E6C 139264 —-a-w- C:\Windows\System32\NCTVideoFile.dll

    2012-10-21 10:48:21 6122BFE25F47DFEE1A45EF0D70C3C082 2260992 —-a-w- C:\Windows\System32\NCTVideoCompress.dll

    2012-10-21 10:48:21 521F1463E9733FD867E097727DD90177 261632 —-a-w- C:\Windows\System32\mcdvd_32.dll

    2012-10-21 10:48:20 92D63816D8331EE271F8CDD6D30FB726 991232 —-a-w- C:\Windows\System32\NCTVideoCoreM.dll

    2012-10-21 10:48:20 7BB88B1A615E4F3055D472ED95D66112 1245184 —-a-w- C:\Windows\System32\NCTRMFile.dll

    2012-10-21 10:48:20 518C52832FE15F417AD52F86412F14D1 196608 —-a-w- C:\Windows\System32\NCTWMVFile.dll

    2012-10-21 10:48:20 46973599ECDE688F18E64EAAA1B1D564 282624 —-a-w- C:\Windows\System32\NCTQuickTimeFile.dll

    2012-10-21 10:48:20 466B1C31838781952F2FDD7373C3A645 106496 —-a-w- C:\Windows\System32\NCTVideoCoreU.dll

    2012-10-21 10:48:19 A4745CC95DFF39454578DC2DC75AF22E 1986560 —-a-w- C:\Windows\System32\NCTAudioFile2.dll

    2012-10-21 10:48:19 62F8F01D95B49B0B899A72FD27F47BB3 294912 —-a-w- C:\Windows\System32\NCTAVIFile.dll

    2012-10-21 10:48:19 4DA3AEA535E3A081901400D1A452E342 2564096 —-a-w- C:\Windows\System32\NCTAudioCompress3.dll

    2012-10-21 10:48:18 63014C2E9464DA33A439DABCF0B29BD1 194048 —-a-w- C:\Windows\System32\msvcr70.dll

    2012-10-21 10:48:18 583D566784A83564268B01F2EBFDB4CA 332288 —-a-w- C:\Windows\System32\msvcp70.dll

    2012-10-21 10:48:18 036A70BBBA6899CF3DA96243001F92AD 1810432 —-a-w- C:\Windows\System32\NCTAudioCompress2.dll

    2012-10-21 10:48:17 DEB33608E1592828C2A4E109543EEAD5 126464 —-a-w- C:\Windows\System32\lame_enc.dll

    ====== C:\Windows\system32\drivers =====

    2012-10-24 06:26:40 65375DF758CA1872AB7EBBBA457FD5E6 14848 —-a-w- C:\Windows\System32\drivers\rdpvideominiport.sys

    2012-10-24 06:26:29 9CE253214ACAA5A7D323327D2055EFAA 49664 —-a-w- C:\Windows\System32\drivers\TsUsbFlt.sys

    2012-10-24 06:25:27 5FE1ABF1AF591A3458C9CF24ED9A4D35 136560 —-a-w- C:\Windows\System32\drivers\ksecpkg.sys

    2012-10-24 06:25:26 42F158036BD4C2FF3122BF142E60E6FD 369856 —-a-w- C:\Windows\System32\drivers\cng.sys

    2012-10-10 04:52:53 0D87503986BB3DFED58E343FE39DDE13 1211760 —-a-w- C:\Windows\System32\drivers\ntfs.sys

    ====== C:\Windows\Tasks ======

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2012-10-28 10:07:35 ——– d—–w- C:\Program Files\NZBEE

    2012-10-27 12:38:39 ——– d—–w- C:\Program Files\Common Files\Adobe

    2012-10-27 06:44:11 ——– d—–w- C:\Program Files\Joboshare

    2012-10-21 12:45:31 ——– d—–w- C:\Program Files\Common Files\AVSMedia

    2012-10-21 12:44:53 ——– d—–w- C:\Program Files\AVS4YOU

    2012-10-21 11:09:26 ——– d—–w- C:\Program Files\Wise

    2012-10-13 08:16:47 ——– d—–w- C:\Program Files\DivX

    2012-10-13 08:07:11 ——– d—–w- C:\Program Files\1Click DVD to Divx Avi

    2012-10-11 06:18:32 ——– d—–w- C:\Program Files\SUPERAntiSpyware

    2012-10-10 17:31:51 ——– d—–w- C:\Program Files\AnvSoft

    ======= C: =====

    2012-10-30 15:04:05 AE6570889DF94888A8BF5FFCF3E19E68 1998 —-a-w- C:\AdwCleaner.txt

    2012-10-27 06:46:43 8298B04D2B919699ECBDCC4B2396C2AD 210 —-a-w- C:\test.txt

    ====== C:\Users\Gebruiker\AppData\Roaming ======

    2012-10-30 15:59:40 ——– d—–w- C:\users\Gebruiker\AppData\Local\Temp

    2012-10-28 10:47:11 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\NZBEE

    2012-10-28 10:11:16 ——– d—–w- C:\users\Gebruiker\AppData\Local\Delicious_Beezzz

    2012-10-28 10:08:08 ——– d—–w- C:\users\Gebruiker\AppData\Local\Geckofx

    2012-10-23 17:06:04 ——– d—–w- C:\users\Gebruiker\AppData\Local\TricksAndTreats

    2012-10-21 12:47:14 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\AVS4YOU

    2012-10-21 11:09:47 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\Wise Care 365

    2012-10-21 06:37:22 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\Kyimoc

    2012-10-21 06:37:22 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\Hyow

    2012-10-21 06:36:38 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\tor

    2012-10-21 06:36:25 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\Zuadve

    2012-10-21 06:36:25 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\Epzeic

    2012-10-20 12:41:33 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\Kutawaves Games

    2012-10-16 16:02:37 CF1BF0CEF07982C3C40C444A6C3DA7B7 156 —-a-w- C:\users\Gebruiker\AppData\Roaming\ff.xml

    2012-10-11 18:05:14 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\Elephant Games

    2012-10-11 16:42:12 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\Specialbit

    2012-10-10 17:32:04 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\AnvSoft

    2012-10-07 08:32:22 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\iWin4

    2012-10-06 16:11:56 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\DVD2AVI Ripper

    2012-10-06 08:16:14 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\Rumbic Studio

    2012-10-04 17:02:08 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\AlawarEntertainment

    2012-10-03 17:59:45 ——– d—–w- C:\users\Gebruiker\AppData\Roaming\SMIGames

    ====== C:\Users\Gebruiker ======

    2012-10-21 12:44:53 ——– d—–w- C:\ProgramData\AVS4YOU

    2012-10-13 05:44:00 4CCA9385012AA423FAECB363B630F46C 7780 —-a-w- C:\Users\Gebruiker\harry en ina.rar

    2012-10-11 18:05:14 ——– d—–w- C:\ProgramData\Elephant Games

    2012-10-07 08:32:22 ——– d—–w- C:\ProgramData\iWin4

    2012-10-05 13:28:33 ——– d—–w- C:\ProgramData\Playrix Entertainment

    2012-10-04 18:06:07 ——– d—–w- C:\ProgramData\Alawar Stargaze

    ====== C: exe-files ==

    2012-10-30 15:03:01 536CD780316928CA40C9940D03DC9443 538941 —-a-w- C:\Users\Gebruiker\Desktop\adwcleaner.exe

    2012-10-28 10:07:51 669D94CF5F018BAAE7322C6305567A38 1056654 —-a-w- C:\ProgramData\Caphyon\Advanced Installer\{CD36B9FA-95F1-41CC-B2B9-BB2C9E401685}\setup.exe

    2012-10-27 06:44:16 67B9B18E254C0EA80EC2DB4F10607343 66266 —-a-w- C:\Program Files\Joboshare\AVI MPEG Converter\Uninstall.exe

    2012-10-25 22:03:12 4F3862BDE0CDD57F4386E464F612B96A 250368 —-a-w- C:\Program Files\NZBEE\updater.exe

    2012-10-25 21:45:08 BA740B54BAB8C570BAC0163EF6AEFBF7 2232320 —-a-w- C:\Program Files\NZBEE\NZBEE.exe

    === C: other files ==

    2012-10-30 15:07:46 3DB03EF5A2CB506C27EE8D530204CB95 687724 ——r- C:\Users\Gebruiker\Desktop\dds.com

    2012-10-27 12:44:12 69E5F6102D8016CA487D35D565AA61F2 93672 —-a-w- C:\Windows\System32\WindowsAccessBridge.dll

    2012-10-27 06:38:30 647E06E4B77306444CE361C932CE9C81 6242172 —-a-w- C:\Users\Gebruiker\Desktop\players\Joboshare AVI MPEG Converter 2.8.7.0117.zip

    2012-10-24 06:26:40 E951866BAC5A23403F62A349EDBB6EEB 24064 —-a-w- C:\Windows\System32\DriverStore\FileRepository\termmou.inf_x86_neutral_0e28c761f9ae155a\terminpt.sys

    2012-10-24 06:26:40 E951866BAC5A23403F62A349EDBB6EEB 24064 —-a-w- C:\Windows\System32\DriverStore\FileRepository\termkbd.inf_x86_neutral_339f71420b21f4a1\terminpt.sys

    2012-10-24 06:26:40 65375DF758CA1872AB7EBBBA457FD5E6 14848 —-a-w- C:\Windows\System32\drivers\rdpvideominiport.sys

    2012-10-24 06:26:35 D3A08BA0A5C9CA61A10A8EB81C176692 13312 —-a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll

    2012-10-24 06:26:35 A86F5616EACB7155998011CEFFFB52F6 12800 —-a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll

    2012-10-24 06:26:30 57C527AF84748B5C2F5178C499C0B81F 27136 —-a-w- C:\Windows\System32\DriverStore\FileRepository\tsgenericusbdriver.inf_x86_neutral_93ae7b205b7d38be\TsUsbGD.sys

    2012-10-24 06:26:29 9CE253214ACAA5A7D323327D2055EFAA 49664 —-a-w- C:\Windows\System32\drivers\TsUsbFlt.sys

    2012-10-24 06:26:18 D3F64318307CEC05CBDE533D99976532 16896 —-a-w- C:\Windows\System32\wksprtPS.dll

    2012-10-24 06:26:18 A9D4140B8B843D5719F7C3EED8C0F9FD 37376 —-a-w- C:\Windows\System32\tsgqec.dll

    2012-10-24 06:26:17 E6446AB7A7E602CAFF51ACA3C68C1526 269312 —-a-w- C:\Windows\System32\aaclient.dll

    2012-10-24 06:26:17 3F853160DEE5B71B9AD2F1BAF2B1E55B 46592 —-a-w- C:\Windows\System32\MsRdpWebAccess.dll

    2012-10-24 06:26:17 235B7E30D5B48A3B769C00DA166F080B 32768 —-a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll

    2012-10-24 06:26:16 8999F18D38D55E34D356796507FFD639 192000 —-a-w- C:\Windows\System32\rdpendp_winip.dll

    2012-10-24 06:26:16 3228AB5F8652EAABFF3C5FC7FD0F603A 221184 —-a-w- C:\Windows\System32\rdpudd.dll

    2012-10-24 06:26:15 AC3598BD1101BBC4365994BAB093BB62 2739712 —-a-w- C:\Windows\System32\rdpcorets.dll

    2012-10-24 06:26:14 EF1689081813A60D4610FF429530BA36 4916224 —-a-w- C:\Windows\System32\mstscax.dll

    2012-10-24 06:25:28 AF78F66116814FDD6677CEBD73035CDD 247808 —-a-w- C:\Windows\System32\schannel.dll

    2012-10-24 06:25:27 5FE1ABF1AF591A3458C9CF24ED9A4D35 136560 —-a-w- C:\Windows\System32\drivers\ksecpkg.sys

    2012-10-24 06:25:26 859CFCE4A0F72916911BD9F6C6E84581 220160 —-a-w- C:\Windows\System32\ncrypt.dll

    2012-10-24 06:25:26 444430C44727B5F22B4DC17284798EBD 1039360 —-a-w- C:\Windows\System32\lsasrv.dll

    2012-10-24 06:25:26 42F158036BD4C2FF3122BF142E60E6FD 369856 —-a-w- C:\Windows\System32\drivers\cng.sys

    ==== Startup Registry Enabled ======================

    “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

    “avast”=“C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui”

    “Adobe ARM”=“C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “SunJavaUpdateSched”=“C:\Program Files\Common Files\Java\Java Update\jusched.exe”

    “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

    ==== Startup Registry Disabled ======================

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Adobe ARM”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Advanced SystemCare 5”

    “hkey”=“HKCU”

    “command”=“\”C:\\Program Files\\IObit\\Advanced SystemCare 5\\ASCTray.exe\“ /AutoStart”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“APSDaemon”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“BCSSync”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\“ /DelayServices”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“iTunesHelper”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\iTunes\\iTunesHelper.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“msnmsgr”

    “hkey”=“HKCU”

    “command”=“\”C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\“ /background”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“SSDMonitor”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Common Files\\PC Tools\\sMonitor\\SSDMonitor.exe”

    “command”=“\”C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\“”

    “hkey”=“HKLM”

    “item”=“SunJavaUpdateSched”

    “key”=“Software\\Microsoft\\Windows\\CurrentVersion\\Run”

    “backup”=“C:\\Windows\\pss\\OpenOffice.org 3.3 .lnk.Startup”

    “backupExtension”=“.Startup”

    “item”=“OpenOffice.org 3.3 ”

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\Windows\tasks\DriverScanner.job –a—— C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe

    C:\Windows\tasks\RMAutoUpdate.job –a—— C:\Program Files\PC Tools\PC Tools Registry Mechanic\SULauncher.exe

    ==== Empty IE Cache ======================

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    After Reboot

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

    ==== Deleting Files / Folders ======================

    “C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” deleted

  • Ben

    Hello,

    We are fighting a Trojan.

    Here we go once more:

    Using “zoek.exe”

    Disable your antivirus and antispyware programs; zoek.exe is sometimes mistaken for a trojan while downloading or during use.

    You can read how to do that (here or here).

    Windows 2000 and Windows XP: start the tool by double-clicking “zoek.exe”.

    Windows Vista and Windows 7: start the tool by right-clicking “zoek.exe” and then choosing Run as administrator.

    After a while a window will open.

    With your mouse, now select the option "Combined fix" (bottom right).

    Now copy the bold text below and paste it into the large input box:

    c:\users\gebruiker\appdata\roaming\Kyimoc;fs

    c:\users\gebruiker\appdata\roaming\Hyow;fs

    c:\users\gebruiker\appdata\roaming\tor;fs

    c:\users\gebruiker\appdata\roaming\Zuadve;fs

    c:\users\gebruiker\appdata\roaming\Epzeic;fs

    emptytemp;

    First close all program windows that are still open!

    Now click the "Run script" button.

    Now wait patiently until a log opens (this may be after a restart).

    If no log appears after the restart, start zoek.exe again; the log will then appear after all.

    Now post the contents of the opened log.

    After that, also post a new DDS.txt log.

    Regards, Ben

    Antivirusprikbord.nl
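
An added example, not part of the thread and not Zoek.exe's own logic: the five folders in Ben's second script all appear in harry's Zoek log with creation times inside one minute on 2012-10-21, which none of the other Roaming folders do. The post does not say how the folders were picked; the clustering rule, its thresholds (60-second gap, three or more folders) and all function names below are assumptions.

```python
import ntpath
import re
from datetime import datetime, timedelta

# Directory lines copied from the Roaming section of the Zoek.exe log above,
# with the attribute columns normalised to ASCII hyphens.
SAMPLE_LOG = r"""
2012-10-28 10:47:11 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\NZBEE
2012-10-28 10:11:16 -------- d-----w- C:\users\Gebruiker\AppData\Local\Delicious_Beezzz
2012-10-21 12:47:14 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\AVS4YOU
2012-10-21 11:09:47 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Wise Care 365
2012-10-21 06:37:22 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Kyimoc
2012-10-21 06:37:22 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Hyow
2012-10-21 06:36:38 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\tor
2012-10-21 06:36:25 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Zuadve
2012-10-21 06:36:25 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Epzeic
2012-10-20 12:41:33 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Kutawaves Games
2012-10-11 18:05:14 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Elephant Games
2012-10-11 16:42:12 -------- d-----w- C:\users\Gebruiker\AppData\Roaming\Specialbit
"""

# timestamp, one placeholder column, an attribute column starting with "d"
# (directory), then the path. The attribute columns are matched loosely, so
# file lines (size or hash in the middle columns) simply do not match.
LINE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+\S+\s+d\S*\s+(.+?)\s*$")


def parse_roaming_dirs(log_text):
    """Return sorted (created, path) for directories directly under AppData\\Roaming."""
    entries = []
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        created = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        path = m.group(2)
        # ntpath parses Windows paths on any host OS.
        if ntpath.dirname(path).lower().endswith("\\appdata\\roaming"):
            entries.append((created, path))
    return sorted(entries)


def burst_clusters(entries, max_gap=timedelta(seconds=60), min_size=3):
    """Group folders whose creation times chain together with gaps <= max_gap."""
    clusters, current = [], []
    for created, path in entries:
        if current and created - current[-1][0] > max_gap:
            if len(current) >= min_size:
                clusters.append(current)
            current = []
        current.append((created, path))
    if len(current) >= min_size:
        clusters.append(current)
    return clusters


def folder_names(cluster):
    """Folder names of one cluster, for a human to review before any removal."""
    return [ntpath.basename(path) for _, path in cluster]


if __name__ == "__main__":
    for cluster in burst_clusters(parse_roaming_dirs(SAMPLE_LOG)):
        first, last = cluster[0][0], cluster[-1][0]
        print(f"{len(cluster)} folders created between {first} and {last}:")
        for name in folder_names(cluster):
            print("   ", name)
```

A burst like this is only a lead for review: an installer that creates several folders at once produces the same pattern.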

This topic is closed; no more replies can be posted.