
Bastiaan Tuenter

Member
  • Items

    46
  • Registration date

  • Last visited

Bastiaan Tuenter's achievements

  1. I can't find that one anymore. So apparently it had already removed it. I used CCleaner and the computer should be clean now, I think. Unless you suspect something isn't quite right because Delfix froze.
  2. Hmm, Delfix is being aborted. AutoIt Error Line 84 (File "C:/Users/Bastiaan Prasath/Desktop/delfic_10.7.exe"): Error: The requested action with this object has failed.
  3. [ATTACH]32037[/ATTACH] Does it still look good? Some files were removed, but I have no idea whether I need them or not. AdwCleaner[S0].txt
  4. [ATTACH]32006[/ATTACH] As far as I can tell from a few minutes of browsing with Chrome, the problem is solved. Zoek-results.log
  5. Done. May I delete those log and info files now? [ATTACH]31999[/ATTACH] log.txt
  6. Hello, I have a virus in Google Chrome. Pop-ups appear on screen, some words on web pages are colored green, and when you hover over them a pop-up appears; when clicking through pages, new tabs open with dubious websites, et cetera. Does anyone know what to do?
  7. That was done in no time. Many thanks for the tips and tricks. xD
  8. The problems are solved, thank you for that, Kape. One last question: any idea where the problems came from? Was it perhaps careless internet use, or maybe the outdated AVG, or perhaps something else?
  9. Something from the last few days: when I open AVG, this pop-up appears on screen for a fraction of a second. What command is it giving here, and what does that mean, with that toolbar?
  10. EDIT: I'll come back to this later today. Ignore the inserted image (I don't know offhand how to remove it); that problem is now solved. PC Helpforum moderator message: Image removed
  11. Zoek.exe Version 4.0.0.4 Updated 07-August-2013 Tool run by Joyce on wo 07-08-2013 at 23:04:50,63.
  12. ComboFix 13-08-07.01 - Joyce 07-08-2013 17:55:34.3.2 - x86 - - - Updated - - - By the way, the icons on my desktop have become sort of transparent in the meantime... I only see the names of the files now, but not the images. Incidentally, ComboFix froze on the first attempt. The second time I could no longer get to AVG to extend the deactivation