
Problems after removing police virus



Hello,

After removing the police virus and restarting the PC, my icons disappear from the desktop.

Could you take a look at the following log?

Thanks in advance,

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:51:50, on 30/08/2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\PROGRA~1\AVG\AVG2013\avgrsx.exe

C:\Program Files\AVG\AVG2013\avgcsrvx.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\AVG\AVG2013\avgidsagent.exe

C:\Program Files\AVG\AVG2013\avgwdsvc.exe

C:\WINDOWS\system32\cisvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\AVG\AVG2013\avgnsx.exe

C:\Program Files\AVG\AVG2013\avgemcx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\AVG\AVG2013\avgui.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Support.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [beidsccertprop] C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [sDP] C:\Documents and Settings\Administrator\Local Settings\Application Data\FilesFrog Update Checker\update_checker.exe /auto

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User '?')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User '?')

O4 - HKUS\S-1-5-21-1606980848-1078145449-1417001333-500\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun (User '?')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User '?')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O4 - S-1-5-21-1606980848-1078145449-1417001333-500 Startup: muitjtyfrtncqqmlmlh.lnk = C:\WINDOWS\system32\rundll32.exe (User '?')

O4 - Startup: muitjtyfrtncqqmlmlh.lnk = C:\WINDOWS\system32\rundll32.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Samsung UPD Service - Samsung Electronics CO., LTD. - C:\WINDOWS\system32\SUPDSvc.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--

End of file - 7567 bytes


Download Zoek.zip to the desktop.

  1. If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  2. Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

  • Right-click Zoek.zip and choose the "Extract All" option.
  • Then double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC; do not use it on other PCs with a similar problem.
    
    
    emptyclsid;
    {00000000-6E41-4FD3-8538-502F5495E5FC};c
    {D4027C7F-154A-4066-A1AD-4243D8127440};c
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
    "ApnUpdater"=-;r
    shortcutfix;
    firefoxlook; 
    Chromelook; 
    CHRdefaults;
    autoclean; 
    iedefaults; 
    filesrcm;
    
    
    


  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Post the opened log in your next message as an attachment.


Hello,

Here is the log,

Kind regards

Zoek.exe Version 4.0.0.4 Updated 30-08-2013

Tool run by Administrator on za 31/08/2013 at 11:01:07,70.

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Administrator\Local Settings\Temp\wz122f\zoek.exe [script inserted]

==== System Restore Info ======================

Failed to create System Restore Point

==== Safe Boot Check ======================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]

Value AlternateShell is missing

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SafeBoot]

Value AlternateShell is missing

==== Suspicious Entries Found ======================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"

"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"

"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"

"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"

"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"

"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"

"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"

"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"

"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"

"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"

"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully

HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-500\Software\Microsoft\Internet Explorer\SearchScopes\{9FAE1FB8-E71B-4242-8567-21D73E5B4169} deleted successfully

HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully

HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-500\Software\Microsoft\Internet Explorer\URLSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully

HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ApnUpdater"=-

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]

"AlternateShell"="cmd.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SafeBoot]

"AlternateShell"="cmd.exe"

==== Deleting Files \ Folders ======================

"C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml" deleted

"C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job" deleted

"C:\Documents and Settings\All Users\Application Data\036E18F82B17D9798162B5677B07D287\036E18F82B17D9798162B5677B07D287" deleted

"C:\Documents and Settings\All Users\Application Data\036E18F82B17D9798162B5677B07D287\036E18F82B17D9798162B5677B07D287.ico" deleted

"C:\Program Files\Ask.com\Updater\Updater.exe" deleted

"C:\Documents and Settings\All Users\Application Data\036E18F82B17D9798162B5677B07D287" deleted

"C:\Program Files\Ask.com" not deleted

"C:\Documents and Settings\Administrator\IECompatCache" deleted

"C:\Documents and Settings\All Users\Application Data\Ask" deleted

"C:\Documents and Settings\Administrator\Local Settings\Application Data\AskToolbar" deleted

"C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}" deleted

"C:\Program Files\Ask.com\Updater" not deleted

==== Files Recently Created / Modified ======================


Second attempt, hopefully complete this time.

Regards

Zoek.exe Version 4.0.0.4 Updated 31-08-2013

Tool run by Administrator on zo 01/09/2013 at 14:51:02,65.

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Administrator\Bureaublad\zoek.com [Quick Scan] [Auto Clean]

==== Suspicious Entries Found ======================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"

"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"

"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"

"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"

"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"

"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"

"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"

"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"

"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"

"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"

"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

"C:\Documents and Settings\Administrator\IECompatCache" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp ====

====== C:\WINDOWS\system32 =====

2013-08-24 08:32:36 B04EDA6509FF1196F8F796D6B9377C4D 17139080 ----a-w- C:\WINDOWS\System32\FlashPlayerInstaller.exe

====== C:\WINDOWS\system32\drivers =====

2013-08-31 08:42:46 311C5A8D894563CD2712CD297A34FAFB 37664 ----a-w- C:\WINDOWS\System32\drivers\avgtpx86.sys

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-08-31 08:57:38 -------- d-----w- C:\Program Files\WinZip

2013-08-31 08:42:23 -------- d-----w- C:\Program Files\Common Files\AVG Secure Search

2013-08-31 08:42:18 -------- d-----w- C:\Program Files\AVG Secure Search

2013-08-30 10:42:22 -------- d-----w- C:\Program Files\SUPERAntiSpyware

======= C: =====

====== C:\Documents and Settings\Administrator\Application Data ======

2013-08-31 08:59:02 -------- d-----w- C:\Documents and Settings\Administrator\Local Settings\Application Data\WinZip

2013-08-31 08:58:08 -------- d-----w- C:\Documents and Settings\All Users\Menu Start\Programma's\WinZip

2013-08-31 08:57:41 -------- d-----w- C:\Documents and Settings\All Users\Application Data\WinZip

2013-08-31 08:43:37 -------- d-----w- C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG Secure Search

2013-08-31 08:43:02 -------- d-----w- C:\Documents and Settings\Administrator\Application Data\AVG Secure Search

2013-08-31 08:42:25 -------- d-----w- C:\Documents and Settings\All Users\Application Data\AVG Secure Search

2013-08-30 11:24:41 -------- d-----w- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com

2013-08-30 10:42:33 -------- d-----w- C:\Documents and Settings\sonja\Application Data\SUPERAntiSpyware.com

2013-08-30 10:42:28 -------- d-----w- C:\Documents and Settings\All Users\Menu Start\Programs\SUPERAntiSpyware

2013-08-30 10:42:28 -------- d-----w- C:\Documents and Settings\All Users\Menu Start\Programs

2013-08-30 10:42:22 -------- d-----w- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2013-08-30 09:37:42 -------- d-----w- C:\Documents and Settings\sonja\Application Data\TuneUp Software

2013-08-30 08:54:51 -------- d-----w- C:\Documents and Settings\Administrator\Local Settings\Application Data\FilesFrog Update Checker

====== C:\Documents and Settings\Administrator ======

2013-08-31 08:52:57 5EAA3CDD4010BE07B496F7B1428FE88E 424360 ----a-w- C:\Documents and Settings\Administrator\Bureaublad\WinZip175_multi.exe

2013-08-30 12:26:24 -------- d--h--r- C:\Documents and Settings\Administrator\Onlangs geopend

====== C: exe-files ==

2013-09-01 12:32:51 45A9FAC90CA8F263F6DB2EBDC4A9F002 641200 ----a-w- C:\Program Files\Common Files\AVG Secure Search\DriverInstaller\15.5.0\DriverInstaller.exe

2013-09-01 12:32:49 E962D9F3AF9C09DE15D3944D1B1278CC 2301616 ----a-w- C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\15.5.0\ScriptHelper.exe

2013-09-01 12:32:46 EB94A2C1F99E9E1634683B916F4EB1A2 1643184 ----a-w- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe

2013-09-01 12:32:42 EB94A2C1F99E9E1634683B916F4EB1A2 1643184 ----a-w- C:\WINDOWS\Temp\avg_a02076\CommonFiles\AVG Secure Search\ToolbarUpdater.exe

2013-09-01 12:32:42 E962D9F3AF9C09DE15D3944D1B1278CC 2301616 ----a-w- C:\WINDOWS\Temp\avg_a02076\CommonFiles\AVG Secure Search\ScriptHelper.exe

2013-09-01 12:32:42 E25D3E9D7822C42EF7518EFEB2F3E275 147120 ----a-w- C:\WINDOWS\Temp\avg_a02076\CommonFiles\AVG Secure Search\DriverInstaller_64.exe

2013-09-01 12:32:42 B6FFA8C9B553336D4CE86514A54C408A 926384 ----a-w- C:\WINDOWS\Temp\avg_a02076\ProgFiles\AVG Secure Search\lip.exe

2013-09-01 12:32:42 752A2976E3096D2055F8A97C7B97DF80 1851568 ----a-w- C:\WINDOWS\Temp\avg_a02076\ProgFiles\AVG Secure Search\Uninstall.exe

2013-09-01 12:32:42 491C1E48B638907B8FD8EF8B09AC084E 2314416 ----a-w- C:\WINDOWS\Temp\avg_a02076\ProgFiles\AVG Secure Search\vprot.exe

2013-09-01 12:32:42 45A9FAC90CA8F263F6DB2EBDC4A9F002 641200 ----a-w- C:\WINDOWS\Temp\avg_a02076\CommonFiles\AVG Secure Search\DriverInstaller.exe

2013-09-01 12:32:42 2C1B0965CB65797001053D8956F9CD54 2226864 ----a-w- C:\WINDOWS\Temp\avg_a02076\avg-secure-search-installer.exe

2013-09-01 12:32:42 178C1607D35988153A0E7CBB90C669FC 642224 ----a-w- C:\WINDOWS\Temp\avg_a02076\ProgFiles\AVG Secure Search\PostInstall.exe

2013-09-01 12:32:42 01A17E294876ECB573AD32530961F29B 573616 ----a-w- C:\WINDOWS\Temp\avg_a02076\ConfigFiles\MachineIdCreator.exe

2013-09-01 12:32:39 A8893D3F119C8143B2FC53F5CF21EE01 4547608 ----a-w- C:\WINDOWS\Temp\{E8343CD1-5E4D-4FF1-8502-48738007084B}.exe

2013-08-31 08:52:57 5EAA3CDD4010BE07B496F7B1428FE88E 424360 ----a-w- C:\Documents and Settings\Administrator\Bureaublad\WinZip175_multi.exe

2013-08-31 08:42:46 B387C48CDDB2CC5A9D0D9BBCCBFC50D8 640176 ----a-w- C:\Program Files\Common Files\AVG Secure Search\DriverInstaller\15.4.0\DriverInstaller.exe

2013-08-31 08:42:33 948909A99D9F9F5063128994B3B3D8B0 2267824 ----a-w- C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\15.4.0\ScriptHelper.exe

2013-08-31 08:42:24 8754BA5FCC85325C229ADCB72087706E 1616048 ----a-w- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe

2013-08-31 08:42:18 B6FFA8C9B553336D4CE86514A54C408A 926384 ----a-w- C:\Program Files\AVG Secure Search\lip.exe

2013-08-31 08:42:18 752A2976E3096D2055F8A97C7B97DF80 1851568 ----a-w- C:\Program Files\AVG Secure Search\Uninstall.exe

2013-08-31 08:42:18 491C1E48B638907B8FD8EF8B09AC084E 2314416 ----a-w- C:\Program Files\AVG Secure Search\vprot.exe

2013-08-31 08:42:18 178C1607D35988153A0E7CBB90C669FC 642224 ----a-w- C:\Program Files\AVG Secure Search\PostInstall.exe

2013-08-30 10:44:49 592EDC5CC76B4B8CE2D9D9FB97E21B25 34513760 ----a-w- C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\29.0.1547.62\29.0.1547.62_chrome_installer.exe

2013-08-30 08:16:16 9F96249A7823C7C2B9E0B6D46A77CAE6 15920 ----a-w- C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avgrdtestx.exe

2013-08-30 08:16:16 7DDB04EFCA15BEE73286D67270894303 44080 ----a-w- C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avguirux.exe

2013-08-30 08:16:16 5A2F938939EAAD5B3328867D57F21ABE 7648648 ----a-w- C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avgmfapx.exe

2013-08-30 08:16:14 E6FED737854FF6D1A4FB2486753CFEA2 278064 ----a-w- C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avgrunasx.exe

2013-08-30 08:16:14 69D812B395637F8FCFEA7C7CC1660AE1 628272 ----a-w- C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avgntdumpx.exe

2013-08-30 08:16:14 039C9A504E58A0B97C653BD237B200B0 16944 ----a-w- C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avgrdtesta.exe

2013-08-29 11:05:46 D6E84508BBE50BBEEFAF02C865A96836 1070672 ----a-w- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_714BFB3B4B0991F6.exe

2013-08-29 11:05:24 42D0D34CAA293C83B4433A537DF13895 530912 ----a-w- C:\Program Files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4413.1752\GoogleToolbarInstaller_updater_signed.exe

2013-08-28 19:27:20 ABD932A233B861AEE91E01C0665117EA 1260032 ----a-w- C:\RECYCLER\S-1-5-21-1606980848-1078145449-1417001333-500\Dc4.exe

=== C: other files ==

2013-09-01 12:49:34 D7B842F8E99848C71BEFB062B9B22070 3754639 ----a-w- C:\RECYCLER\S-1-5-21-1606980848-1078145449-1417001333-500\Dc2.zip

2013-09-01 12:32:42 E647C4315F36756DF5FA38BDEB51F224 45856 ----a-w- C:\WINDOWS\Temp\avg_a02076\CommonFiles\AVG Secure Search\avgtpx64.sys

2013-09-01 12:32:42 311C5A8D894563CD2712CD297A34FAFB 37664 ----a-w- C:\WINDOWS\Temp\avg_a02076\CommonFiles\AVG Secure Search\avgtpx86.sys

2013-09-01 12:32:41 8A196063A0F0305A8A05CCEC1AF746C3 257167 ----a-w- C:\WINDOWS\Temp\avg_a02076\ProgData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx

2013-09-01 12:32:41 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\WINDOWS\Temp\avg_a02076\ProgFiles\AVG Secure Search\data.zip

2013-08-31 08:42:46 311C5A8D894563CD2712CD297A34FAFB 37664 ----a-w- C:\WINDOWS\system32\drivers\avgtpx86.sys

2013-08-31 08:42:18 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\Program Files\AVG Secure Search\data.zip

2013-08-31 08:31:11 72D58B0C0A1E97C82471B3BD8AB6A1BE 3754054 ----a-w- C:\RECYCLER\S-1-5-21-1606980848-1078145449-1417001333-500\Dc1.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-1005\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

[HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-1006\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

[HKEY_USERS\S-1-5-21-1606980848-1078145449-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"SDP"="C:\Documents and Settings\Administrator\Local Settings\Application Data\FilesFrog Update Checker\update_checker.exe /auto "

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"_nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"_nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"_nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"_nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe"

"Samsung PanelMgr"="C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY"

"beidsccertprop"="C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe"

"vProt"="C:\Program Files\AVG Secure Search\vprot.exe"

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"

"Persistence"="C:\WINDOWS\system32\igfxpers.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"SDP"="C:\Documents and Settings\Administrator\Local Settings\Application Data\FilesFrog Update Checker\update_checker.exe /auto "

==== Startup Folders ======================

2013-08-29 10:47:28 873 ----a-w- C:\Documents and Settings\Administrator\Menu Start\Programma's\Opstarten\muitjtyfrtncqqmlmlh.lnk

2013-08-31 08:58:07 1713 ----a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\WinZip Quick Pick.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [24/08/2013 10:32]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [04/03/2012 16:29]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [04/03/2012 16:29]

==== Chrome Look ======================

AVG Do Not Track - Administrator - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Google Docs - sonja - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - sonja - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - sonja - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - sonja - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Card number - sonja - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - sonja - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{8D05A321-7A90-468A-8ADE-DE6591161F12} Google Url="{searchTerms} - Google Search"

{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="Zoek"

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\liesbet\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\sonja\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\sonja\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Documents and Settings\sonja\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on zo 01/09/2013 at 15:01:39,34 ======================


Download the 32- or 64-bit version of HitmanPro to the desktop.

Click here for a detailed HitmanPro guide.

  • Double-click "HitmanPro.exe" and click "Volgende" (Next).
  • Tick the option "Ik accepteer de voorwaarden van de gebruikersovereenkomst" (I accept the terms of the license agreement) and click "Volgende" (Next).
  • In the setup screen, click "Volgende" (Next) once more; the scan will now start automatically. Do nothing else on the computer until the scan has finished.
  • When the scan is done, click "Volgende" (Next).
  • Now activate the free license; this lets you use HitmanPro free of charge for 30 days and remove the infections that were found.
  • Note: if you have already used the 30-day trial version of HitmanPro before, it is no longer possible to remove the detected infections for free.
  • When the removal has finished, click "Save log" or "Logbestand opslaan" at the bottom of the window and save the log, for example to the desktop.
    Post this log.
  • Now click the "Herstarten" (Restart) button.


Juisterr,

It finally worked!!!!!

Here is the log:

HitmanPro 3.7.7.205
www.hitmanpro.com
  Computer name . . . . : JOHANDOUANEPC
  Windows . . . . . . . : 5.1.3.2600.X86/2
  User name . . . . . . : JOHANDOUANEPC\Administrator
  License . . . . . . . : Trial (30 days left)
  Scan date . . . . . . : 2013-09-01 21:02:21
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 4m 26s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : Yes
  Threats . . . . . . . : 19
  Traces  . . . . . . . : 260
  Objects scanned . . . : 364.257
  Files scanned . . . . : 11.533
  Remnants scanned  . . : 50.600 files / 302.124 keys
Malware _____________________________________________________________________
  C:\Documents and Settings\Administrator\Local Settings\Temp\jar_cache5174708565774612091.tmp -> Quarantined
     Size . . . . . . . : 17.651 bytes
     Age  . . . . . . . : 0.2 days (2013-09-01 15:08:57)
     Entropy  . . . . . : 7.9
     SHA-256  . . . . . : 7264C9D2C65711EBAA47C99B44A8B8199EA2A5280EA169508FA6D06B4BEF0DED
   > Kaspersky  . . . . : HEUR:Exploit.Java.CVE-2012-1723.gen
     Fuzzy  . . . . . . : 102.0
     Forensic Cluster
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\0\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\1\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\host\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\2\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\10\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\11\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\3\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\4\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\6\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\7\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\9\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\12\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\13\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\16\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\17\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\19\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\20\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\21\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\22\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\23\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\25\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\26\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\28\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\29\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\30\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\32\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\34\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\35\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\36\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\37\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\38\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\39\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\40\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\41\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\42\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\43\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\44\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\47\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\48\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\49\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\50\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\51\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\52\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\53\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\54\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\56\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\57\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\61\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\62\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\63\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\tmp\
        -1.0s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\muffin\
         0.0s C:\Documents and Settings\Administrator\Local Settings\Temp\jar_cache5174708565774612091.tmp
         0.3s C:\Documents and Settings\Administrator\Local Settings\Temp\pijkxupsbdnfplkpsfc.exe
         0.8s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\818db98-4809fd60.idx
         0.8s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\818db98-4809fd60
         0.8s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\lastAccessed
        12.9s C:\Documents and Settings\Administrator\Local Settings\Temp\cfspklpfndbspuxkjip.pad
        15.4s C:\Documents and Settings\Administrator\Local Settings\Temp\78657465w3ert.txt
        16.1s C:\Documents and Settings\Administrator\Local Settings\Temp\cfspklpfndbspuxkjip.js
  C:\Documents and Settings\Administrator\Local Settings\Temp\pijkxupsbdnfplkpsfc.exe -> PendingDelete
     Size . . . . . . . : 152.169 bytes
     Age  . . . . . . . : 0.2 days (2013-09-01 15:08:57)
     Entropy  . . . . . : 6.7
     SHA-256  . . . . . : 5B72660F8C26807F03DCBB124A5B3D4763FDC162968CC1AC1B51B551C9EADA21
     Product  . . . . . : Microsoft® .NET Framework
     Publisher  . . . . : Microsoft Corporation
     Description  . . . : MSBuild.exe
     Version  . . . . . : 3.5.30729.4926
     Copyright  . . . . : © Microsoft Corporation.  All rights reserved.
   > Kaspersky  . . . . : Trojan.Win32.Reveton.azb
     Fuzzy  . . . . . . : 110.0
     Startup
        C:\Documents and Settings\Administrator\Menu Start\Programma's\Opstarten\cfspklpfndbspuxkjip.lnk
     Forensic Cluster
        -1.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\0\
        -1.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\1\
        -1.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\host\
        -1.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\2\
        -1.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\10\
        -1.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\11\
        -1.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\3\
        -1.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\4\
        -1.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\5\
        -1.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\6\
        -1.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\7\
        -1.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\8\
        -1.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\9\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\12\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\13\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\14\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\15\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\16\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\17\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\18\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\19\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\20\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\21\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\22\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\23\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\25\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\26\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\27\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\28\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\29\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\30\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\31\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\32\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\33\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\34\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\35\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\36\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\37\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\38\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\39\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\40\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\41\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\42\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\43\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\44\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\45\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\46\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\47\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\48\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\49\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\50\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\51\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\52\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\53\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\54\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\55\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\56\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\57\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\58\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\59\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\60\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\61\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\62\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\63\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\tmp\
        -1.3s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\muffin\
        -0.3s C:\Documents and Settings\Administrator\Local Settings\Temp\jar_cache5174708565774612091.tmp
         0.0s C:\Documents and Settings\Administrator\Local Settings\Temp\pijkxupsbdnfplkpsfc.exe
         0.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\818db98-4809fd60.idx
         0.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\24\818db98-4809fd60
         0.4s C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\lastAccessed
        12.6s C:\Documents and Settings\Administrator\Local Settings\Temp\cfspklpfndbspuxkjip.pad
        15.0s C:\Documents and Settings\Administrator\Local Settings\Temp\78657465w3ert.txt
        15.7s C:\Documents and Settings\Administrator\Local Settings\Temp\cfspklpfndbspuxkjip.js

Potential Unwanted Programs _________________________________________________
  C:\Documents and Settings\sonja\Local Settings\Application Data\AskToolbar\ (AskBar)
  C:\Documents and Settings\sonja\Local Settings\Application Data\AskToolbar\APNU\ (AskBar)
  C:\Documents and Settings\sonja\Local Settings\Application Data\AskToolbar\APNU\config.xml (AskBar)
  C:\Documents and Settings\sonja\Local Settings\Application Data\AskToolbar\cache.dat (AskBar)
  C:\Documents and Settings\sonja\Local Settings\Application Data\AskToolbar\config.xml (AskBar)
  C:\Documents and Settings\sonja\Local Settings\Application Data\AskToolbar\osearch.xml (AskBar)
  HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1\ (AskBar)
  HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd\ (AskBar)
  HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9\ (AskBar)
  HKLM\SOFTWARE\Classes\s\ (Softonic)
  HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ (AskBar)
  HKU\S-1-5-21-1606980848-1078145449-1417001333-500\Software\Ask.com\ (AskBar)
  HKU\S-1-5-21-1606980848-1078145449-1417001333-500\Software\AskToolbar\ (AskBar)
  HKU\S-1-5-21-1606980848-1078145449-1417001333-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)
  HKU\S-1-5-21-1606980848-1078145449-1417001333-500\Software\Softonic\ (Softonic)
Cookies _____________________________________________________________________
  C:\Documents and Settings\Administrator\Cookies\FP8VOUR0.txt
  C:\Documents and Settings\Administrator\Cookies\UN7V3XSE.txt
  C:\Documents and Settings\Administrator\Cookies\ZR0T9NJ8.txt

grts

This topic is now closed to new replies.