Ga naar inhoud

ACMON error


Aanbevolen berichten

Dit is prima verlopen wat de ingevoerde tekst betreft, maar het was inderdaad de bedoeling dat je ook de aangeduide (vette) opdrachten via de Opties liet uitvoeren. Geen probleem echter, start zoek.exe opnieuw op en kies nu de aangeduide items. Daarna graag het nieuwe logje van zoek.exe in een volgend bericht.

Link naar reactie
Delen op andere sites

Ik heb maar een heel nieuwe en nu complete log gemaakt:

Zoek.exe Version 4.0.0.4 Updated 07-September-2013

Tool run by henk on di 10-09-2013 at 21:11:13,51.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\henk\Desktop\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results10-09-2013-1956.log 22401 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE}]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

""=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

"C:\Program Files (x86)\Common Files\Spigot" not found

"C:\ProgramData\Babylon" not found

"C:\Program Files (x86)\Secure Speed Dial" not found

"C:\Users\henk\AppData\Roaming\Xaef" not found

"C:\Users\henk\AppData\Roaming\Ufy" not found

"C:\Program Files (x86)\Application Updater" not found

"C:\Program Files (x86)\IObit Apps Toolbar" not found

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\henk\AppData\Local\Temp ====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-09-08 18:19:11 C7701820DCF4F795A5D740725872CEFE 431392 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT

====== C:\Windows\Sysnative\drivers =====

2013-09-09 17:31:15 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

2013-08-14 09:15:37 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys

2013-08-14 09:15:36 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

====== C:\Windows\Tasks ======

2013-09-08 19:15:46 F495850C896BC145F7041A83B4893F49 3068 ----a-w- C:\Windows\Sysnative\Tasks\ACMON

2013-09-01 17:48:15 E2B4AA4CBDA4758B7595B7BD6794FF23 2864 ----a-w- C:\Windows\Sysnative\Tasks\Net4Switch

2013-08-27 13:53:13 0AC2B7A3440881793D24EAC7E1DD04A2 3164 ----a-w- C:\Windows\Sysnative\Tasks\SmartDefrag_Startup

2013-08-27 13:53:11 6166E64D35B5B42A2DFCD2EEFF046AFA 3162 ----a-w- C:\Windows\Sysnative\Tasks\SmartDefragUpdate

2013-08-18 09:37:37 0A3516E1FC2567FF9DF271AC51822616 3102 ----a-w- C:\Windows\Sysnative\Tasks\P4G Sidebar

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-09-09 10:03:57 -------- d-----w- C:\Program Files\trend micro

======= C:\Program Files (x86) =====

2013-08-26 12:36:14 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2013-08-25 16:25:24 -------- d-----w- C:\Program Files (x86)\HD Tune Pro

======= C: =====

====== C:\Users\henk\AppData\Roaming ======

2013-09-10 17:35:34 -------- d-----w- C:\users\henk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-09-08 18:43:53 9D7A5625948F6A885FC8D00B212A34B0 114592 ----a-w- C:\users\henk\AppData\Local\GDIPFONTCACHEV1.DAT

2013-09-01 17:39:02 -------- d-----w- C:\users\henk\AppData\Roaming\InstallShield

2013-08-25 16:25:35 -------- d-----w- C:\users\henk\AppData\Roaming\HD Tune Pro

2013-08-21 09:10:02 -------- d-----w- C:\users\henk\AppData\Locallow\SecurePlugin

2013-08-21 08:32:36 -------- d-----w- C:\users\Default\AppData\Local\Trusteer

2013-08-21 08:32:36 -------- d-----w- C:\users\Default User\AppData\Local\Trusteer

2013-08-13 17:55:51 -------- d-----w- C:\users\henk\AppData\Locallow\Search Settings

====== C:\Users\henk ======

2013-09-10 17:35:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-09-10 17:35:05 629709F88C305A79E3237DA1EEB5E557 1993392 ----a-w- C:\Users\henk\Desktop\winrar-x64-500.exe

2013-09-08 15:57:51 965E12AE21006B7C91AC610846B517F3 178744 ----a-w- C:\Users\henk\Desktop\Setup.exe

2013-09-03 11:54:17 B696ACECF7BC2CBCB94818AB6A9C4CC8 17920 --sha-w- C:\Users\henk\Thumbs.db

2013-09-02 15:49:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS

2013-08-25 16:25:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro

2013-08-23 09:12:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging

====== C: exe-files ==

2013-09-10 17:35:16 B6853F4C5ABB205A5625B5963AB36F4F 148432 ----a-w- C:\Program Files\WinRAR\Uninstall.exe

2013-09-10 17:35:16 96FF9CF1EC6D83F8FA34522DB513E315 61528 ----a-w- C:\Program Files\WinRAR\Formats\ace32loader.exe

2013-09-10 17:35:16 8786ECC53D903A898FB78B08111B60A8 1342416 ----a-w- C:\Program Files\WinRAR\WinRAR.exe

2013-09-10 17:35:16 760F843B7CE6C20A2E4561F1B312BF4B 520656 ----a-w- C:\Program Files\WinRAR\Rar.exe

2013-09-10 17:35:16 217F6C850E316EE825222F6288B9AB19 328656 ----a-w- C:\Program Files\WinRAR\UnRAR.exe

2013-09-10 17:35:05 629709F88C305A79E3237DA1EEB5E557 1993392 ----a-w- C:\Users\henk\Desktop\winrar-x64-500.exe

2013-09-10 17:33:58 B73BCFC804F1A675F4219301D31A47F4 392024 ----a-w- C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GN8ZC1JS\SoftonicDownloader_voor_winrar.exe

2013-09-10 13:24:29 703799A10C4FE0665586AFE789674DEF 4248736 ----a-w- C:\Windows\Temp\IObitAppsToolbar.exe

2013-09-10 11:20:54 035FF4EA7CA660BBEC2C1794DCBA5B80 102 ----a-w- C:\ProgramData\BOINC\slots\0\minirosetta_3.46_windows_x86_64.exe

2013-09-10 10:39:26 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2\RSITx64.exe

2013-09-09 17:30:27 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2\mbam-setup-1.75.0.1300.exe

2013-09-09 10:03:58 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\henk.exe

2013-09-08 19:04:19 035FF4EA7CA660BBEC2C1794DCBA5B80 102 ----a-w- C:\ProgramData\BOINC\slots\1\minirosetta_3.46_windows_x86_64.exe

2013-09-08 15:57:51 965E12AE21006B7C91AC610846B517F3 178744 ----a-w- C:\Users\henk\Desktop\Setup.exe

=== C: other files ==

2013-09-10 19:03:18 90A594537C3731C9A3AB3B540868B60B 346 ----a-w- C:\Users\henk\AppData\Local\Temp\drives.vbs

2013-09-10 17:23:09 9C3C14EC293C541346D965FDEFF11F21 4377979 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\2013_9_9_mini_x015_folding.zip

2013-09-10 17:22:53 22CCAA7322D22DA5A0663ABECF0A7C2F 6098833 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\IND43_t000___procko_09_03.zip

2013-09-10 17:22:53 1A54CDFD7BDE2A4D7FC57B8899ADFF16 10441794 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\tj_9_9_gradius_30.0_rise_15.0_omega_1.2_21mer_1_vor.rdg5_10.pdb_fold_data.zip

2013-09-10 11:20:54 0A2C5322EA46965A7EC67B3DA4B06DC3 100 ----a-w- C:\ProgramData\BOINC\slots\0\minirosetta_database.zip

2013-09-09 17:31:15 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-09-08 19:11:39 FD8983ABB68848D155C950015AEBF557 15213659 ----a-w- C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2\Splendid_K70IJ_1020028.zip

2013-09-08 19:04:20 0A2C5322EA46965A7EC67B3DA4B06DC3 100 ----a-w- C:\ProgramData\BOINC\slots\1\minirosetta_database.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"POP Peeper"="C:\Program Files (x86)\POP Peeper\POPPeeper.exe -min"

"Advanced SystemCare 6"="C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"BCU"="C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Malwarebytes Anti-Malware"="C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"POP Peeper"="C:\Program Files (x86)\POP Peeper\POPPeeper.exe -min"

"Advanced SystemCare 6"="C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Persistence"="C:\Windows\system32\igfxpers.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"boinctray"="C:\Program Files\BOINC\boinctray.exe"

"boincmgr"="C:\Program Files\BOINC\boincmgr.exe /a /s"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"hkey"="HKLM"

"item"="Adobe Reader Speed Launcher"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray]

"command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe"

"hkey"="HKLM"

"item"="ADSMTray"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Camera ScreenSaver]

"command"="C:\\Windows\\AsScrProlog.exe"

"hkey"="HKLM"

"item"="ASUS Camera ScreenSaver"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]

"command"="C:\\Windows\\AsScrPro.exe"

"hkey"="HKLM"

"item"="ASUS Screen Saver Protector"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]

"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""

"hkey"="HKLM"

"item"="CLMLServer"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"SearchSettings"="\"C:\\Program Files (x86)\\Common Files\\Spigot\\Search Settings\\SearchSettings.exe\""

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\(default)]

"command"=""

"hkey"="HKLM"

"item"="(default)"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"hkey"="HKLM"

"item"="Adobe Reader Speed Launcher"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmIcoSinglun64]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AmIcoSinglun64"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\AmIcoSingLun\\AmIcoSinglun64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCU]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BCU"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\DeviceVM\\Browser Configuration Utility\\BCU.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ETDWare]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ETDWare"

"hkey"="HKLM"

"command"="C:\\Program Files\\Elantech\\ETDCtrl.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IObit Malware Fighter]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="IObit Malware Fighter"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\IMF.exe\" /autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vProt]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="vProt"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\AVG Secure Search\\vprot.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IMFservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\vToolbarUpdater12.2.6]

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [27-07-2013 13:57]

C:\Windows\tasks\GlaryInitialize 3.job --a------ C:\Program Files (x86)\Glary Utilities 3\Initialize.exe [20-08-2013 11:19]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ :C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ :C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4197950391-4282120674-3398511618-1000Core.job --a------ C:\Users\henk\AppData\Local\Google\Update\GoogleUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4197950391-4282120674-3398511618-1000UA.job --a------ [undetermined Task]

==== Firefox Extensions ======================

ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0

- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

- Undetermined - %ProfilePath%\extensions\OneClickDownload@OneClickDownload.com

- AccelerateTab - %ProfilePath%\extensions\speeddial@instair.net

- FreeHDSport.TV - %ProfilePath%\extensions\freehdsport@freehdsport.tv.xpi

- Torntv - %ProfilePath%\extensions\torntv@torntv.com.xpi

ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

- AccelerateTab - %ProfilePath%\extensions\speeddial@instair.net

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Babylon - %AppDir%\extensions\ffxtlbr@babylon.com

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx[]

icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx[]

mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx[]

ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx[26-08-2013 22:00]

nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx[22-04-2013 19:02]

pfndaklgolladniicklehhancnlgocpp - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx[]

Softonic Chrome Toolbar - henk - default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf

AccelerateTab - henk - default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg

AVG Secure Search - henk - default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

==== EOF on di 10-09-2013 at 21:20:11,57 ======================

Link naar reactie
Delen op andere sites

Dubbelklik op Zoek.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  C:\users\henk\AppData\Locallow\Search Settings;fs
 C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GN8ZC1JS\SoftonicDownloader_voor_winrar.exe;f
 C:\Windows\Temp\IObitAppsToolbar.exe;f
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-];r64
 "SearchSettings"=-;r64
 C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownload@OneClickDownload.com;fs
 C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\speeddial@instair.net;fs
 C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\freehdsport@freehdsport.tv.xpi;f
 Torntv;ff
 AccelerateTab;ff
 Babylon;ff
 hbcennhacfaagdopikcegfcobcadeocj ;chr
 icdlfehblmklkikfigmjhbmmpmkmpooj;chr
 mhkaekfpcppmmioggniknbnbdbcigpkk;chr
 pfndaklgolladniicklehhancnlgocpp;chr
 elchiiiejkobdbblfejjkbphbddgmljf;chr
 glmfgahfleepmdfffonfckpmkondpdkg;chr
 autoclean;

  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Hierbij de inhoud van de log. mijn computer start in ieder geval weer normaal op en ik ben benieuwd wat de oorzaak is geweest. In ieder geval heel hartelijk bedankt voor de hulp.

==== Older Logs ======================

C:\zoek-results10-09-2013-1956.log 22401 bytes

C:\zoek-results10-09-2013-2120.log 17342 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A2B28CBC-5F60-4b66-9D90-6B7C93911D79} deleted successfully

HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C6BE1149-B011-4900-B983-37EADED09F1B} deleted successfully

HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0

user.js not found

---- Lines Torntv removed from prefs.js ----

---- Lines Torntv modified from prefs.js ----

---- Lines AccelerateTab removed from prefs.js ----

---- Lines AccelerateTab modified from prefs.js ----

---- Lines Babylon removed from prefs.js ----

---- Lines Babylon modified from prefs.js ----

---- Lines yahoo removed from prefs.js ----

user_pref("browser.search.defaultenginename", "Yahoo");

user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&ilc=12&type=800236");

user_pref("browser.search.selectedEngine", "Yahoo");

user_pref("keyword.URL", "Yahoo! Search - Web Search=");

---- Lines yahoo modified from prefs.js ----

---- Lines freehdsp removed from prefs.js ----

---- Lines freehdsp modified from prefs.js ----

---- Lines OneClickDownload removed from prefs.js ----

---- Lines OneClickDownload modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_11-09-2013_1119_.backup

ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

user.js not found

---- Lines Torntv removed from prefs.js ----

---- Lines Torntv modified from prefs.js ----

---- Lines AccelerateTab removed from prefs.js ----

---- Lines AccelerateTab modified from prefs.js ----

---- Lines Babylon removed from prefs.js ----

---- Lines Babylon modified from prefs.js ----

---- Lines yahoo removed from prefs.js ----

user_pref("browser.search.defaultenginename", "Yahoo");

user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&ilc=12&type=800236");

user_pref("browser.search.selectedEngine", "Yahoo");

user_pref("keyword.URL", "Yahoo! Search - Web Search=");

---- Lines yahoo modified from prefs.js ----

---- Lines freehdsp removed from prefs.js ----

---- Lines freehdsp modified from prefs.js ----

---- Lines OneClickDownload removed from prefs.js ----

---- Lines OneClickDownload modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_11-09-2013_1119_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"SearchSettings"=-

==== Deleting Files \ Folders ======================

"C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GN8ZC1JS\SoftonicDownloader_voor_winrar.exe" deleted

"C:\Windows\Temp\IObitAppsToolbar.exe" deleted

"C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\freehdsport@freehdsport.tv.xpi" deleted

"C:\user.js" deleted

"C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\torntv@torntv.com.xpi" deleted

"C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\yahoo.xml" deleted

"C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\freehdsport@freehdsport.tv.xpi" deleted

"C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\yahoo.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\user.js" deleted

"C:\search.sqlite" deleted

"C:\Windows\SysNative\roboot64.exe" deleted

"C:\Users\Public\dcmsvcsetup.exe" deleted

"C:\Users\Public\invokesi.exe" deleted

"C:\user.js" deleted

"C:\prefs.js" deleted

"C:\Users\henk\AppData\Roaming\Tiig\yrwa.obu" deleted

"C:\Users\henk\AppData\Roaming\Mikaky\tyiq.haf" deleted

"C:\Users\henk\AppData\Roaming\Tiig" deleted

"C:\Users\henk\AppData\Roaming\Emaki" deleted

"C:\Users\henk\AppData\Roaming\Mikaky" deleted

"C:\Users\henk\AppData\Roaming\GrabPro" deleted

"C:\users\henk\AppData\Locallow\Search Settings" deleted

"C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownload@OneClickDownload.com" deleted

"C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\speeddial@instair.net" deleted

"C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com" deleted

"C:\Program Files (x86)\SpeedyPC Software" deleted

"C:\Program Files (x86)\1ClickDownload" deleted

"C:\Program Files (x86)\vShare.tv plugin" deleted

"C:\Program Files (x86)\Perion" deleted

"C:\Program Files (x86)\Conduit" deleted

"C:\Program Files (x86)\Common Files\SpeedyPC Software" deleted

"C:\found.000" deleted

"C:\found.001" deleted

"C:\found.002" deleted

"C:\Users\henk\AppData\Roaming\SpeedyPC Software" deleted

"C:\Users\henk\AppData\Roaming\DriverCure" deleted

"C:\Users\henk\AppData\Roaming\Babylon" deleted

"C:\Users\henk\AppData\Roaming\Systweak" deleted

"C:\Users\henk\AppData\Roaming\OpenCandy" deleted

"C:\Users\henk\AppData\Roaming\Media Finder" deleted

"C:\Users\henk\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com" deleted

"C:\Users\henk\AppData\Local\CRE" deleted

"C:\Users\henk\AppData\Local\iMesh" deleted

"C:\Users\henk\AppData\Local\PackageAware" deleted

"C:\Users\henk\AppData\Local\Conduit" deleted

"C:\Users\henk\AppData\LocalLow\IObit Apps" deleted

"C:\Users\henk\AppData\LocalLow\boost_interprocess" deleted

"C:\Users\henk\AppData\LocalLow\vShare" deleted

"C:\Users\henk\AppData\LocalLow\mediabarim" deleted

"C:\Users\henk\AppData\LocalLow\imeshbandmltbpi" deleted

"C:\Users\henk\AppData\LocalLow\BabylonToolbar" deleted

"C:\Users\henk\AppData\LocalLow\Delta" deleted

"C:\Users\henk\AppData\LocalLow\Softonic" deleted

"C:\Users\henk\AppData\LocalLow\Incredibar.com" deleted

"C:\Users\henk\AppData\LocalLow\PriceGong" deleted

"C:\Users\henk\AppData\LocalLow\searchquband" deleted

"C:\Users\henk\AppData\LocalLow\Conduit" deleted

"C:\Users\henk\AppData\LocalLow\Search Settings" deleted

"C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\IObit Apps" deleted

"C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater" deleted

"C:\Windows\SysWow64\searchplugins" deleted

"C:\Windows\SysWow64\Extensions" deleted

"C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownload@OneClickDownload.com" deleted

"C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com" deleted

"C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\0

- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

ProfilePath: C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com

- AccelerateTab - %ProfilePath%\extensions\speeddial@instair.net

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx[]

icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx[]

mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx[]

ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx[26-08-2013 22:00]

nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePluginFor6.crx[22-04-2013 19:02]

pfndaklgolladniicklehhancnlgocpp - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx[]

Softonic Chrome Toolbar - henk - default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf

AccelerateTab - henk - default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg

AVG Secure Search - henk - default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

==== Chrome Fix ======================

C:\Users\henk\AppData\Local\Google\Chrome\User Data\default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf deleted successfully

C:\Users\henk\AppData\Local\Google\Chrome\User Data\default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

"Search Page"="http://nl.woofi.info"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://nl.woofi.info"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Search Page"="http://nl.woofi.info"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{A2B28CBC-5F60-4b66-9D90-6B7C93911D79}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A2B28CBC-5F60-4b66-9D90-6B7C93911D79}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

"Start Page"="https://www.google.nl/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{6CCFDD21-1CA0-4110-84D4-9CF5233A4942} Google Url="{searchTerms} - Google Search"

{8515D758-5D0B-4fc3-A4E6-11FDE837688B} Bing Url="{searchTerms} - Bing"

{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2 will be deleted at reboot

C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GN8ZC1JS will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\henk\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7GXVB1L2" deleted

"C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GN8ZC1JS" deleted

==== EOF on wo 11-09-2013 at 11:29:30,25 ======================

Link naar reactie
Delen op andere sites

Uitstekend ... dan mag je nog het volgende doen om de gebruikte tools en de restjes te verwijderen:

Download 51a5ce45263de-delfix.pngDelfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Indien dit allemaal probleemloos verlopen is en je binnen dit topic verder geen vragen of problemen meer hebt, mag je dit onderwerp afsluiten door een klik op de knop "Markeer als opgelost", die je links onderaan kan terugvinden … zo blijft het voor iedereen overzichtelijk.

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.