Ga naar inhoud

problemen met internet


didierbank1

Aanbevolen berichten

Goedeavond,

Ik heb sinds enige tijd last van advertentie vensters die om de haverklap in mijn scherm verschijnen. Ook als ik een betaling doe via internet met mijn bank (rabobank) dan is het adres aan de onderkant een ander adres bijv. i.myshpjs.info of img1.superfish.com. Ik vertrouw dit niet helemaal, kunnen ze nu gewoon prive gegevens van mij achterhalen of mijn bankrek. nummer ? Kunnen jullie mij aub helpen met dit probleem. Ik gebruik iedere dag ccleaner en ongeveer 2x per week doe ik een scan met spyhunter en mailwarebites.

Mvg,

D. Bank

Link naar reactie
Delen op andere sites

We zullen eerst eens nagaan of malware of virussen de oorzaak zijn van je probleem.

1. Download HijackThis. (klik er op)

De download start automatisch na 5 seconden.

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere PC en het bestand met een USB-stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden. Dit kan je HIER doen.

Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map. De logjes kan je dan ook in die map terugvinden.


2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)


3. Na het plaatsen van je logje wordt dit door een expert nagekeken en hij begeleidt jou verder door het ganse proces.

Tip!

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

Link naar reactie
Delen op andere sites

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 19:37:48, on 20-8-2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

FIREFOX: 23.0.1 (nl)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\AVAST Software\Avast\avastUI.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe

C:\Program Files\Thomson\TG122n\WlanCU.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Barbie\Mijn documenten\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = PC Helpforum - Gratis hulp bij computer problemen firefox/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

O4 - HKLM\..\Run: [smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\RunOnce: [symInstallStub] C:\WINDOWS\system32\Adobe\Shockwave 12\SymInstallStub.exe /partnerid=adobe /productlist=nss /staging=false /delay=5 /desktopshortcut=1 /startmenushortcut=1 /launchedby=3

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Device Doctor] C:\Program Files\Device Doctor\DDLauncher.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: ICIDU 11n USB Wireless LAN Utility.lnk = C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe

O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Thomson\TG122n\WlanCU.exe

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351283024296

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340821704281

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) - Reimage® - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: WLSVC - Unknown owner - C:\Program Files\Thomson\TG122n\WLSVC.exe

O24 - Desktop Component AutorunsDisabled: (no name) - (no file)

--

End of file - 7587 bytes

Link naar reactie
Delen op andere sites

Probeer dit eens.

Download 51a612a8b27e2-Zoek.pngzoek.exe naar het bureaublad.

  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
    (hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
    emptyclsid;
    firefoxlook; 
    Chromelook; 
    autoclean; 
    iedefaults; 
    


  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Link naar reactie
Delen op andere sites

Hier is het logje van zoek.exe:

Zoek.exe Version 4.0.0.4 Updated 19-08-2013

Tool run by Barbie on wo 21-08-2013 at 13:53:10,46.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Barbie\Mijn documenten\Downloads\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results06-06-2013-1902.log 288 bytes

C:\zoek-results06-06-2013-2123.log 47779 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1060284298-1677128483-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

HKEY_USERS\S-1-5-21-1060284298-1677128483-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1060284298-1677128483-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

"C:\WINDOWS\wininit.ini" deleted

"C:\WINDOWS\system32\sasnative32.exe" deleted

"C:\Documents and Settings\All Users\Bureaublad\YTD Video Downloader.lnk" deleted

"C:\Documents and Settings\Barbie\Application Data\Systweak" deleted

"C:\Documents and Settings\All Users\Application Data\Systweak" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046

- Undetermined - %ProfilePath%\extensions\jid1-yZwVFzbsyfMrqQ@jetpack

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\ru3h2hxa.default-1371671370500

- Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

- DivX Plus Web Player HTML5 lt;videogt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

- MyShhOpper - %ProfilePath%\extensions\ui3c6qqp@ubnybast.edu.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Undetermined - %AppDir%\extensions\staged

- avast Ad Blocker - %AppDir%\extensions\adblocker@avast.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\ru3h2hxa.default-1371671370500

0C8597DBC74AAF5179471BA013E3C6B4 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash

101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update

AE7B288233C212C62CD544BF768C45E6 - C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll - Shockwave for Director / Shockwave for Director

ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25

D7324EB1EDCB8990F8522DE0311359E9 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17

F045DF7AF127DC4BCC53421850114E15 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll - Silverlight Plug-In

3A523765D795DB006C010B915C3A840A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

42A9B216A7A288512CE2F9A6BCCE96BC - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat

55F213A61B82B6174B02881562FE20A0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player

B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in

AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows®

7D28153B7D586330678AD522B71D89CB - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight

Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968

55F213A61B82B6174B02881562FE20A0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player

ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25

B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

fplhdcjmbpfkejbhngmlngaecbjmoimd - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx[25-02-2013 11:09]

nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[06-05-2013 10:12]

oejkcgajlodefenbbjdnaiahmbnnoole - C:\Program Files\adawaretb\chrome-newtab-search.crx[]

phegaokedjdajgnfphbnpkcfdgjbidko - C:\Documents and Settings\All Users\Application Data\adawaretb\toolbar\chrome\toolbar.crx[]

avast Ad Blocker - Barbie - Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd

DivX Plus Web Player HTML5 \u003Cvideo\u003E - Barbie - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm

==== Chrome Fix ======================

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bodddioamolcibagionmmobehnbhiakf_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://mozilla firefox/"

"Search Bar"="http://www.bing.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://mozilla"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\phegaokedjdajgnfphbnpkcfdgjbidko deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Barbie\Local Settings\Application Data\Mozilla\Firefox\Profiles\8gjesupv.default-1362239606375\Cache emptied successfully

C:\Documents and Settings\Barbie\Local Settings\Application Data\Mozilla\Firefox\Profiles\ru3h2hxa.default-1371671370500\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\Barbie\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on wo 21-08-2013 at 14:19:33,73 ======================

Mvg,

D. Bank

Link naar reactie
Delen op andere sites

Nogmaals zoek.exe gebruiken.

  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
    (hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
    MyShhOpper;firefoxlook;
    filesrcm;
    autoclean;  
    


  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Vertel even hoe het nu gaat?

aangepast door juisterr
Link naar reactie
Delen op andere sites

Goedeavond,

Dit is het 2e logje van zoek exe, het heeft even geduurd voor het logje tevoorschijn kwam. Ik moet nog even uitzoeken hoe het nu gaat met die advertenties die in het scherm verschijnen. Ik heb nog een scan met spyhunter gedaan, die heeft 20 popups gevonden met de naam pup.optimizer pro. Ook heb ik nog een scan gedaan met avast die had 10 virussen gevonden, die heb ik vervolgens verwijderd.

Zoek.exe Version 4.0.0.4 Updated 19-08-2013

Tool run by Barbie on wo 21-08-2013 at 23:06:17,34.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Barbie\Mijn documenten\Downloads\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results06-06-2013-1902.log 288 bytes

C:\zoek-results06-06-2013-2123.log 47779 bytes

C:\zoek-results21-08-2013-1419.log 9633 bytes

C:\zoek-results21-08-2013-2254.log 4919 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2013-07-22 22:29:16 0695A61E6DFBD19DD51260FFD345E21B 31962 ------w- C:\WINDOWS\SchedLgU.Txt

====== C:\DOCUME~1\Barbie\LOCALS~1\Temp ====

====== C:\WINDOWS\system32 =====

====== C:\WINDOWS\system32\drivers =====

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

======= C: =====

2013-08-19 16:32:53 5B6482827F5701245504B7793F1DC6A0 4015 ----a-w- C:\AdwCleaner[s21].txt

2013-08-19 16:32:05 55042AE6B64790DFDC6B3C0559CA1DA1 3947 ----a-w- C:\AdwCleaner[R40].txt

2013-08-17 16:01:00 BDBE6B5CC4BB347A95ACA948D6B9A3A6 3891 ----a-w- C:\AdwCleaner[s20].txt

2013-08-17 16:00:29 A15F256E46503A879C6BC00A0CD46FE2 3823 ----a-w- C:\AdwCleaner[R39].txt

2013-07-25 13:32:03 F8E7B2D3E0BB2BAB37C938763DF6AEF2 3769 ----a-w- C:\AdwCleaner[s19].txt

2013-07-25 13:31:28 3B2776C929A5EF2E1483AB5609721A9B 3701 ----a-w- C:\AdwCleaner[R38].txt

2013-07-22 22:27:36 AE60EB4AE945842E62A5D742FC027063 7626 ----a-w- C:\AdwCleaner[s18].txt

2013-07-22 22:25:43 BDE0C80566F2FB6ABC292AB9EA8ED173 6843 ----a-w- C:\AdwCleaner[R37].txt

====== C:\Documents and Settings\Barbie\Application Data ======

====== C:\Documents and Settings\Barbie ======

2013-08-21 21:09:02 -------- d--h--r- C:\Documents and Settings\Barbie\Onlangs geopend

2013-08-17 16:16:13 6E091D5203BF903753BA8F97808AD41D 265642960 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\Norman_Malware_Cleaner(3).exe

2013-08-16 21:42:20 -------- d-sh--w- C:\Documents and Settings\Default User\Cookies

====== C: exe-files ==

2013-08-21 18:51:42 40DEF02230A41816EE1C185D608BC0F8 6655320 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\LFH0PIW7\ProtectorPackage1008[1].exe

2013-08-21 12:39:30 027AEA2BA97E11D8A3891A1944228867 316696 ----a-w- C:\Program Files\Reimage\Reimage Repair\ProtectorUpdater.exe

2013-08-21 12:39:28 2918AB3B509B3F850409C73DB7FC1ECB 5701976 ----a-w- C:\Program Files\Reimage\Reimage Repair\ReiScanner.exe

2013-08-21 12:39:10 2CA40CF9B6BCF46A8CF93C584374DDA6 3494760 ----a-w- C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe

2013-08-21 12:36:46 9F596AB062CD2DA58C6BCB1FDF31C4D3 3419488 ----a-w- C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe

2013-08-21 12:36:24 5DB100CAF205E6171ECD520470FD9145 479704 ----a-w- C:\Program Files\Reimage\Reimage Repair\CDB.exe

2013-08-20 17:41:41 987ACB0AFD858F43FE837A7D4FBA1A89 711232 ----a-w- C:\Program Files\Smart File Advisor\unins000.exe

2013-08-20 16:28:21 864892D1791A33E066F1D6A61D0A3FED 7876512 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\Shockwave_Installer_Slim(4).exe

2013-08-20 16:27:28 864892D1791A33E066F1D6A61D0A3FED 7876512 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\Shockwave_Installer_Slim(3).exe

2013-08-17 16:16:13 6E091D5203BF903753BA8F97808AD41D 265642960 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\Norman_Malware_Cleaner(3).exe

2013-08-16 22:03:39 2BF1A08F7CB7752AF697EE228514497F 234872 -c----w- C:\WINDOWS\ie8updates\KB2862772-IE8\spuninst\spuninst.exe

2013-08-16 22:03:32 D9981DC283F5AFC2D3E9C323257A7828 174592 -c----w- C:\WINDOWS\ie8updates\KB2862772-IE8\ie4uinit.exe

2013-08-16 12:51:13 EB43F540338470C8FE4AAE8378780CAA 784224 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\28.0.1500.95\28.0.1500.95_28.0.1500.72_chrome_updater.exe

=== C: other files ==

2013-08-21 18:54:34 AC136B36AA92CE0FAA6D79E6ABBA1F4B 324 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\6452nsh92\FF.bat

2013-08-21 18:54:07 44CFA7B56F77EDE1AE27CC77F15A229E 324 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\7788nse8D\FF.bat

2013-08-21 18:53:37 1D751EC8AAB1B8287A14C5D799CCC659 324 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\6768nsi88\FF.bat

2013-08-21 18:52:45 588E1CC8EAD36CE4F0C2F062C1C39248 324 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\5712nsd83\FF.bat

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046

- Undetermined - %ProfilePath%\extensions\jid1-yZwVFzbsyfMrqQ@jetpack

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\ru3h2hxa.default-1371671370500

- Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

- DivX Plus Web Player HTML5 lt;videogt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5

- MyShhOpper - %ProfilePath%\extensions\ui3c6qqp@ubnybast.edu.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Undetermined - %AppDir%\extensions\staged

- avast Ad Blocker - %AppDir%\extensions\adblocker@avast.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\ru3h2hxa.default-1371671370500

0C8597DBC74AAF5179471BA013E3C6B4 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash

101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update

AE7B288233C212C62CD544BF768C45E6 - C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll - Shockwave for Director / Shockwave for Director

ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25

D7324EB1EDCB8990F8522DE0311359E9 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17

F045DF7AF127DC4BCC53421850114E15 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll - Silverlight Plug-In

3A523765D795DB006C010B915C3A840A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

42A9B216A7A288512CE2F9A6BCCE96BC - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat

55F213A61B82B6174B02881562FE20A0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player

B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in

AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows®

7D28153B7D586330678AD522B71D89CB - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight

Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968

55F213A61B82B6174B02881562FE20A0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player

ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25

B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

==== Deleting Files \ Folders ======================

"C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\ru3h2hxa.default-1371671370500\extensions\ui3c6qqp@ubnybast.edu.xpi" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

fplhdcjmbpfkejbhngmlngaecbjmoimd - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx[25-02-2013 11:09]

nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[06-05-2013 10:12]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://mozilla firefox/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://mozilla"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Documents and Settings\Barbie\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Barbie\Local Settings\Application Data\Mozilla\Firefox\Profiles\8gjesupv.default-1362239606375\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\Barbie\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on wo 21-08-2013 at 23:25:15,28 ======================

Met vriendelijke groet,

D. Bank

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.