Ga naar inhoud

hulp bij malware?


Aanbevolen berichten

  • Reacties 41
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Dan gaan we zoek nog eens opnieuw inzetten:

Download 51a612a8b27e2-Zoek.pngZoek.zip naar het bureaublad.

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

chromelook; 
firefoxlook; 
emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • HijackThis Log
  • Firefox Defaults
  • Reset Chrome
  • Reset IE proxy
  • IE Defaults
  • Reset Hosts
  • Auto Clean
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post nu de inhoud van het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Ik had eerst nog een scan met Malwarebytes gedaan, waarmee ik weer geïnfecteerde bestanden vond. Hierbij de log:

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Databaseversie: v2013.11.25.01

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Joyce :: PC_VAN_JOYCE [administrator]

26-11-2013 5:19:59

mbam-log-2013-11-26 (05-19-59).txt

Scan type: Volledige scan (C:\|D:\|)

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 557690

Verstreken tijd: 5 uur/uren, 39 minuut/minuten, 44 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 1

C:\Users\Joyce\AppData\Local\temp\ct2504091 (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 3

C:\AdwCleaner\Quarantine\C\Program Files\Vuze\.install4j\user\mism.exe.vir (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Program Files\Vuze\.install4j\user\mism.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\Joyce\AppData\Local\temp\ct2504091\ism.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

Hier de log van Zoek:

Zoek.exe Version 4.0.0.5 Updated 24-November-2013

Tool run by Joyce on di 26-11-2013 at 15:48:12,55.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Joyce\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2013-11-23-132719.log 25815 bytes

C:\zoek-results2013-11-23-214420.log 31918 bytes

C:\zoek-results2013-11-24-154044.log 5532 bytes

==== Reset Hosts File ======================

# Copyright © 1993-2006 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2101717001-3418350084-2231240781-1000\Software\Microsoft\Internet Explorer\SearchScopes\{35651EE7-5AB8-44B2-9C31-8DC52C5DEE4E} deleted successfully

HKEY_USERS\S-1-5-21-2101717001-3418350084-2231240781-1000\Software\Microsoft\Internet Explorer\SearchScopes\{654BA83E-FA5A-4022-83BD-C7713448FF40} deleted successfully

HKEY_USERS\S-1-5-21-2101717001-3418350084-2231240781-1000\Software\Microsoft\Internet Explorer\SearchScopes\{84B93BE4-7605-4C78-900E-C2D50C39F337} deleted successfully

HKEY_USERS\S-1-5-21-2101717001-3418350084-2231240781-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BC69120F-1308-4496-BF16-6C22847C5AFC} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Joyce\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\Joyce\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Joyce\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_23-11-2013_2154_.backup

prefs_26-11-2013_1709_.backup

==== Deleting Files \ Folders ======================

C:\Users\Joyce\daemonprocess.txt deleted

C:\Program Files\Mobogenie deleted

C:\Program Files\BearShare Applications\MediaBar deleted

C:\Program Files\tanzuki deleted

C:\extensions deleted

C:\Users\Joyce\AppData\Roaming\Alawar Entertainment deleted

C:\Users\Joyce\AppData\Roaming\AlawarEntertainment deleted

C:\Users\Joyce\AppData\Roaming\LimeWirePlus deleted

C:\Users\Joyce\AppData\Local\Mobogenie deleted

C:\Users\Joyce\AppData\LocalLow\uTorrentBar_NL deleted

C:\Windows\system32\tasks\YourFile DownloaderUpdate deleted

C:\user.js deleted

C:\prefs.js deleted

C:\END deleted

C:\Users\Joyce\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-11-16 13:43:17 47D2D836EDC4D62C47A05DAED90F1AB9 305736031 ----a-w- C:\Windows\MEMORY.DMP

====== C:\Users\Joyce\AppData\Local\Temp ====

2013-11-25 22:22:44 7E89844169E755775F09AA4724680281 24489269 ----a-w- C:\Users\Joyce\AppData\Local\Temp\vlc-2.1.1-win32.exe

2013-11-25 21:51:58 FBBE666FFDA9DADF43EF083F9CA78F19 104137 ----a-w- C:\Users\Joyce\AppData\Local\Temp\Uninstall.exe

2013-11-25 09:28:16 EFA14B8099DD1CC2F93213745A5AB4E6 4220936 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\HPDiagnosticCoreUI.exe

2013-11-25 09:28:15 F83D8C0CD50B825DE2976E3C54B43309 2278920 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\DeviceManager\DeviceManager.exe

2013-11-25 09:28:15 F4D5352EF00CC2B97B150AF6B36F10ED 1695752 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\FileExtractor.exe

2013-11-25 09:28:15 B12842B441FD6E76EC814A6DA5455132 58176 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\OESISCore.dll

2013-11-25 09:28:15 98ABCBD70CDA02B76E1A1E46C16192FA 35176 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\hpodss01.dll

2013-11-25 09:28:15 67EC459E42D3081DD8FD34356F7CAFC1 770384 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\msvcr100.dll

2013-11-25 09:28:15 4D144541EE2E6FB2C26653C22BC419C7 77120 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\Impl_SoftwareProductLib.dll

2013-11-25 09:28:15 38F548B446636444C00CA64D4BB8B3D0 60224 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\Impl_FirewallLib.dll

2013-11-25 09:28:15 03E9314004F504A14A61C3D364B62F66 421200 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\msvcp100.dll

2013-11-25 09:28:14 960A1D195A77D873810A9CBD71DA1E93 3129864 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\HPDiagnosticCore.dll

2013-11-25 09:28:13 D671C7CC1308576B31EA69BE2D180D17 217408 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\FWManager.dll

2013-11-25 09:28:13 D199B1ADFFB14070E8C4DA9E879EDBEE 309760 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\DIFxAPI.dll

2013-11-25 09:28:13 585D2EB9FBED6B7B9D0107BFB5C94043 531512 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\DeviceManager\DIFxAPI.dll

2013-11-25 09:28:13 4046243A482465070E8336034D2BB2F6 495424 ----a-w- C:\Users\Joyce\AppData\Local\Temp\7zS6353\CoreUtils.dll

2013-11-22 17:33:17 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Joyce\AppData\Local\Temp\e4j6B11.tmp_dir1385141596\i4jdel.exe

2013-11-16 15:36:32 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Joyce\AppData\Local\Temp\e4j8601.tmp_dir1384616192\i4jdel.exe

2013-11-15 17:53:57 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Joyce\AppData\Local\Temp\e4j2AC7.tmp_dir1384538037\i4jdel.exe

====== Java Cache =====

====== C:\Windows\system32 =====

2013-11-17 02:04:41 B798365F54AF889BFD7D04ED75C016B7 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-11-17 02:04:41 3CC9655434741363AF977498A2B5E425 73216 ----a-w- C:\Windows\System32\mshtmled.dll

2013-11-17 02:04:40 677857FAC307E46E44F710B6C6F84607 420864 ----a-w- C:\Windows\System32\vbscript.dll

2013-11-17 02:04:38 E26C86DE3AC36D09D201691B9D482D5B 176640 ----a-w- C:\Windows\System32\ieui.dll

2013-11-17 02:04:38 375652E4B01E421683437896DA8D76C4 65024 ----a-w- C:\Windows\System32\jsproxy.dll

2013-11-17 02:04:36 E2E9F49C84C49C2DB5ADAF85D8CD8F1C 142848 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-11-17 02:04:35 E1092FB18A2D53DFC20D2EA8AC158E4B 607744 ----a-w- C:\Windows\System32\msfeeds.dll

2013-11-17 02:04:35 C36E38AD3C7FAFF0E30C4CBCB28CE7FB 1129472 ----a-w- C:\Windows\System32\wininet.dll

2013-11-17 02:04:34 FFA200640B887CBB737DA74C299BCE62 717824 ----a-w- C:\Windows\System32\jscript.dll

2013-11-17 02:04:32 D36137E26569D22B6C395EB68CBE0018 1806848 ----a-w- C:\Windows\System32\jscript9.dll

2013-11-17 02:04:32 26ED02FA7B11FBFD87D4FF304EFFFFBF 231936 ----a-w- C:\Windows\System32\url.dll

2013-11-17 02:04:31 58C300DB5ED80A46A778DECB9D02DA57 1796096 ----a-w- C:\Windows\System32\iertutil.dll

2013-11-17 02:04:29 B8D440F705D52D9167C572ECF6522E89 1104896 ----a-w- C:\Windows\System32\urlmon.dll

2013-11-17 02:04:29 AB3F4974C87DC6DE7E427CF713E88B28 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-11-17 02:04:27 048FF8515CE100990423E96678112CDF 9739264 ----a-w- C:\Windows\System32\ieframe.dll

2013-11-17 02:04:25 AC986A1AD35CDBF07B0E5D1AC9D527B5 12344832 ----a-w- C:\Windows\System32\mshtml.dll

2013-11-16 13:54:43 872363237F24BCB03D73E2A3B4FBF38D 297984 ----a-w- C:\Windows\System32\gdi32.dll

2013-11-16 13:53:12 0317420D419E1885894B3ED9D375D245 993792 ----a-w- C:\Windows\System32\crypt32.dll

2013-11-16 13:48:51 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 444928 ----a-w- C:\Windows\System32\IKEEXT.DLL

2013-11-16 13:48:50 EE16F3E01C4A6C77383F1BBBD10AD6C2 596480 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2013-11-16 13:48:50 14D9A057A082E00116A7A4415051D07C 218228 ----a-w- C:\Windows\System32\WFP.TMF

====== C:\Windows\system32\drivers =====

2013-11-10 06:05:11 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-11-06 21:57:58 156765F692192EA9039A6C4A809312FD 147912 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys

2013-11-06 21:56:45 12F0F8D3F84FAB8F31D073286FE131CB 2641 ----a-w- C:\Windows\System32\drivers\mfencrk.inf

2013-11-06 21:56:43 4DC47CB74EBC1D92DD445FCC5DEAE76A 2951 ----a-w- C:\Windows\System32\drivers\mfencbdc.inf

====== C:\Windows\Tasks ======

2013-11-25 04:27:58 4FE3DFEFAE1C934C9C491946051D55E9 3150 ----a-w- C:\Windows\system32\Tasks\{14C43A3D-211D-44CE-83EB-4B01C666FE55}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-11-25 20:19:22 -------- d-----w- C:\Program Files\Vuze

2013-11-06 22:06:25 -------- d-----w- C:\Program Files\iPod

======= C: =====

====== C:\Users\Joyce\AppData\Roaming ======

2013-11-25 22:17:19 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Questerium - Sinister Trinity CE

2013-11-25 22:11:22 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cursery. The Crooked Man 1.0

2013-11-24 20:31:14 -------- d-----w- C:\Users\Public\AppData\Local\temp

2013-11-24 20:31:14 -------- d-----w- C:\Users\Joyce\AppData\Local\temp(86)

2013-11-24 20:31:14 -------- d-----w- C:\Users\Default\AppData\Local\temp

2013-11-24 20:31:14 -------- d-----w- C:\Users\Default User\AppData\Local\temp

2013-11-24 06:52:07 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Digital Quarter

2013-11-11 12:26:02 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haunted House Mysteries

2013-11-10 04:31:52 AD20B43650D9760DA69255BB4B6939E2 5 ----a-w- C:\Users\Joyce\AppData\Roaming\mbam.context.scan

2013-11-07 00:18:41 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Witchs Green Amulet

2013-11-06 23:59:02 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Empress of the Deep III Legacy of the Phoenix CE

2013-11-06 23:03:12 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Hidden Objects TheHauntedHouse

2013-11-06 02:21:36 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Anvate Games

2013-11-06 02:19:05 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Silverback Games

2013-11-06 01:45:14 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Beast of Lycan Isle CE

2013-11-06 01:36:37 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Night Mysteries The Amphora Prisoner 1.0

2013-11-05 06:33:07 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Legacy Games

2013-11-05 06:16:07 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paranormal State - Poison Spring

2013-11-04 11:00:10 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Friendly Cactus

2013-11-03 21:35:32 -------- d-----w- C:\Users\Joyce\AppData\Roaming\TheMissingMonaLisa

2013-11-03 18:53:44 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Time Chronicles - The Missing Mona Lisa

2013-10-28 03:30:07 -------- d-----w- C:\Users\Joyce\AppData\Roaming\Mad Head Games

====== C:\Users\Joyce ======

2013-11-25 04:39:11 AFAFA655CC59872129A32CDE4F60F2DE 1091882 ----a-w- C:\Users\Joyce\Desktop\adwcleaner.exe

2013-11-06 22:08:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2013-11-06 22:06:11 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

====== C: exe-files ==

2013-11-25 22:13:08 30DD6C9D0BF2E0E2FF06E07D07ADBF79 1345024 ----a-w- C:\Program Files\Foxy Games\Questerium - Sinister Trinity CE\uninstall.exe

2013-11-25 09:28:17 CFBF037E1A6BB739D708D69768A56180 6110144 ----a-w- C:\Program Files\HP\Diagnostics\PSDR\HPPSDr.exe

2013-11-19 22:29:28 FFD052D0F464ADC243C24E71D15C9990 12344 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe

2013-11-19 22:29:28 DD79A6B15C2F28DE98DF4852AAF6B13B 21720 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe

2013-11-19 22:29:28 7B3E10D0AC50271E46A2ED00FE6C4B54 48440 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil7.exe

2013-11-19 22:29:28 3A6EB91CFADA8C4978E7EA79E3A2394B 57048 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\WarrantyObjectChecker.exe

2013-11-19 22:29:28 1C2AD4C01B0CC57094B7EF6803A1A597 151864 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil.exe

2013-11-19 22:29:26 FEE46F832FE746EB600AC65CA6451D1F 27352 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_EMEA.exe

2013-11-19 22:29:26 F86275D16121F6591B69B801DE6ED394 21408 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_NetworkCheck.exe

2013-11-19 22:29:26 F3531CF1C8A643377641A6F9D516FED2 35544 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\OnlineBackupDetection.exe

2013-11-19 22:29:26 DF2AC1055C406AA66869C95C2FD84A21 17464 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSACIPDetection4.exe

2013-11-19 22:29:26 B26DFFF460A1F21A3DCD3529F3F61E14 33544 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\hpsacommander.exe

2013-11-19 22:29:26 A15FA916BD02FE910C2C3017C026FF80 49880 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_PostWarrantyAlert.exe

2013-11-19 22:29:26 99450E601834605668AE9E13BB26F09B 33264 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_CoolSense.exe

2013-11-19 22:29:26 87095CBDCC02AB8BB5ED4B124A70FC5B 27352 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_NSPOS.exe

2013-11-19 22:29:26 78BCA0FAD639A6877813F713FD2B2952 23256 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_RecoveryDisc.exe

2013-11-19 22:29:26 4E68E7D985D5F2EB68405CD246EBEDEB 18336 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_PremiumAlert.exe

2013-11-19 22:29:26 4E3643177241FE9097606FDE53E6298C 33496 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RevGenCountry.exe

2013-11-19 22:29:26 1D80ADF858D37526CDDAE21FA595319F 17312 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSACIPDetection.exe

2013-11-19 22:29:26 136D8804CB446BB88C19856B1DC75861 32472 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_Ex_US.exe

2013-11-19 22:29:26 0986D1E655F8C3014C514F322DD49250 33496 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_CountryCode.exe

2013-11-19 22:29:26 06D9888F172A8AC47959DA5DF68270DE 29400 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_US.exe

2013-11-19 22:29:24 E4F8F4F057E3164A52D9D206D1F99193 31544 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness.exe

2013-11-19 22:29:24 4C5282B9AF02E930E85761395610DCA1 27864 ----a-w- C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\SystemAgeOneYear.exe

=== C: other files ==

2013-11-25 04:38:35 DBFD867A512C3F9FA2C241EE3B566D46 1304128 ----a-w- C:\Users\Joyce\AppData\Local\temp\azlocprov_0.1.6.3.zip

2013-11-24 20:25:28 DF2626F81C91EF456738E5D81706729D 375 ----a-w- C:\Qoobox\Quarantine\H\av2.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"ssqqnksys"="rundll32.exe ssqrrs.dll,s"

[HKEY_USERS\S-1-5-21-2101717001-3418350084-2231240781-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe"

"HP Photosmart 5510 series (NET)"="C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe -deviceID CN196091LK05NR:NW -scfn HP Photosmart 5510 series (NET) -AutoStart 1"

"Facebook Update"="C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"

@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"ssqqnksys"="rundll32.exe ssqrrs.dll,s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

"UpdatePSTShortCut"="C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\DVD Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter"

"UpdatePDIRShortCut"="C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\PowerDirector UpdateWithCreateOnce SOFTWARE\CyberLink\PowerDirector\7.0"

"UpdateP2GoShortCut"="C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0"

"UpdateLBPShortCut"="C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5"

"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe"

"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\YouCam UpdateWithCreateOnce Software\CyberLink\YouCam\2.0"

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe"

"QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe"

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"

"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE -startup"

"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe"

"mobilegeni daemon"="C:\Program Files\Mobogenie\DaemonProcess.exe"

"mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"AutoStartNPSAgent"="C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe"

"HP Photosmart 5510 series (NET)"="C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe -deviceID CN196091LK05NR:NW -scfn HP Photosmart 5510 series (NET) -AutoStart 1"

"Facebook Update"="C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"

@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

==== Startup Folders ======================

2012-05-30 03:12:59 1658 ----a-w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk

2012-05-30 03:12:59 1115 ----a-w- C:\Users\Joyce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000Core.job --a------ C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe [17-03-2013 22:41]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000UA.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task]

C:\Windows\tasks\HP Photo Creations Messager.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe]

"C:\Windows\system32\tasks\4687" [wscript.exe C:\Users\Joyce\AppData\Local\Temp\launchie.vbs //B]

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000Core" [C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2101717001-3418350084-2231240781-1000UA" [C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\HP Photo Creations Messager" [C:\ProgramData\HP Photo Creations\MessageCheck.exe]

"C:\Windows\system32\tasks\HPCustParticipation HP Photosmart 5510 series" ["C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe"]

"C:\Windows\system32\tasks\SmartDefragUpdate" [C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe]

"C:\Windows\system32\tasks\SmartDefrag_Startup" [C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{CA4AB69E-3234-4131-BE49-AAEEAD1A9489}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\{4B682B6B-B23E-40CE-BC3A-FDDF583E17C0}" [C:\Program Files\Skype\Phone\Skype.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe]

"C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\SiteAdvisor" [04-10-2013 16:36]

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"crossriderapp498@crossrider.com"="C:\Users\Joyce\AppData\Local\RewardsArcade\498\Firefox" []

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dcmagccbogebndpoodhhhafmofelpffh - C:\Users\Joyce\AppData\Local\RewardsArcade\498\Chrome\rewardsarcade.crx[]

fheleffhdiajkhjhebfibagnfkoelbdk - C:\Program Files\tanzuki\fheleffhdiajkhjhebfibagnfkoelbdk.crx[]

fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx[02-10-2013 13:05]

icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx[]

SiteAdvisor - Joyce - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

Star Gazing - Joyce - Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme

==== Chrome Fix ======================

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhhndocbepopiengmnalddpofmgddkfp deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

"Search Page"="Google"

"Search Bar"="Upgrade to Google Chrome"

"Default_Search_URL"="Google"

"Default_Page_URL"="Google"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

"Default_Page_URL"="Google"

"Default_Search_URL"="Google"

"Search Page"="Google"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="%s - Google Search"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Google"

"CustomizeSearch"="Google"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

"Search Bar"="Bing"

"Default_Search_URL"="Bing"

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

"Start Page"="https://www.google.nl/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="Bing"

"Search Page"="Bing"

"Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="%s - Bing"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="Bing"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{273A0332-1B97-40E6-B3DF-8E3CEC101608}"

{273A0332-1B97-40E6-B3DF-8E3CEC101608} AOL Zoeken Url="{searchTerms} - AOL Search resultaten"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{C113F95F-E0F1-4A2E-AF9D-4788A9D49151} Kelkoo Url="http://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\crossriderapp498@crossrider.com deleted successfully

==== Reset IE Proxy ======================

Value(s) before fix:

"ProxyOverride"="*.local"

"ProxyEnable"=dword:00000000

Value(s) after fix:

"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dcmagccbogebndpoodhhhafmofelpffh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fheleffhdiajkhjhebfibagnfkoelbdk deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {4DB74D06-491C-440D-305E-012400990F3E} - C:\Windows\system32\d33dx10.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [updatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"

O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe

O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\RunOnce: [NCPluginUpdater] "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

O4 - HKCU\..\Run: [HP Photosmart 5510 series (NET)] "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN196091LK05NR:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Joyce\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKUS\S-1-5-18\..\Run: [ssqqnksys] rundll32.exe "ssqrrs.dll",s (User 'SYSTEEM')

O4 - HKUS\.DEFAULT\..\Run: [ssqqnksys] rundll32.exe "ssqrrs.dll",s (User 'Default user')

O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe

O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - (no file)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe

O23 - Service: Google Updateservice (gupdate1cad429e4fae9f9) (gupdate1cad429e4fae9f9) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe

O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe

O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files\Online Games Manager\ogmservice.exe

O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe

==== Empty IE Cache ======================

C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Joyce\AppData\Local\temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U73RZH2Q will be deleted at reboot

C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Joyce\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U73RZH2Q" not found

==== EOF on di 26-11-2013 at 18:06:17,88 ======================

aangepast door kape
dubbellog verwijderd
Link naar reactie
Delen op andere sites

Dubbelklik op Zoek.exe om de tool te starten.


  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  C:\Windows\system32\Tasks\{14C43A3D-211D-44CE-83EB-4B01C666FE55};fs
 C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1;fs
 C:\Qoobox;fs
 [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run];r
 "ssqqnksys"=-;r
 [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run];r
 "ssqqnksys"=-;r
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
 "mobilegeni daemon"=-;r
 C:\Windows\system32\tasks\0;fs
 C:\Windows\system32\tasks\4687;fs
 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions];r
 "crossriderapp498@crossrider.com"=-;r
 Dcmagccbogebndpoodhhhafmofelpffh;chr
 C:\Users\Joyce\AppData\Local\RewardsArcade;fs
 Fheleffhdiajkhjhebfibagnfkoelbdk;chr
 C:\Program Files\tanzuki\fheleffhdiajkhjhebfibagnfkoelbdk.crx;f
 autoclean;

  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Zoek.exe Version 4.0.0.5 Updated 24-November-2013

Tool run by Joyce on wo 27-11-2013 at 2:14:00,56.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Joyce\Desktop\zoek\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results2013-11-23-132719.log 25815 bytes

C:\zoek-results2013-11-23-214420.log 31918 bytes

C:\zoek-results2013-11-24-154044.log 5532 bytes

C:\zoek-results2013-11-26-170617.log 46591 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"ssqqnksys"=-

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"ssqqnksys"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"mobilegeni daemon"=-

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"crossriderapp498@crossrider.com"=-

==== Deleting Files \ Folders ======================

C:\Users\Joyce\AppData\Local\RewardsArcade not found

"C:\Program Files\tanzuki\fheleffhdiajkhjhebfibagnfkoelbdk.crx" not found

C:\Windows\system32\Tasks\{14C43A3D-211D-44CE-83EB-4B01C666FE55} deleted

C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 deleted

C:\Windows\system32\tasks\0 deleted

C:\Windows\system32\tasks\4687 deleted

"C:\Qoobox" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\SiteAdvisor" [04-10-2013 16:36]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx[02-10-2013 13:05]

SiteAdvisor - Joyce - Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

Star Gazing - Joyce - Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.nl/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{273A0332-1B97-40E6-B3DF-8E3CEC101608}"

{273A0332-1B97-40E6-B3DF-8E3CEC101608} AOL Zoeken Url="{searchTerms} - AOL Search resultaten"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{C113F95F-E0F1-4A2E-AF9D-4788A9D49151} Kelkoo Url="http://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935"

==== Empty IE Cache ======================

C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XSCYE1RA will be deleted at reboot

C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Joyce\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Users\Joyce\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XSCYE1RA" not found

==== EOF on wo 27-11-2013 at 3:20:40,42 ======================

Link naar reactie
Delen op andere sites

Dubbelklik op Zoek.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

Fheoggkfdfchfphceeifdbepaooicaho;chr  
Mblmlcbknbnfebdfjnolmcapmdofhmme;chr
C:\Program Files\Vuze;fs

  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Zoek.exe Version 4.0.0.5 Updated 24-November-2013Tool run by Joyce on wo 27-11-2013 at 15:28:38,97.Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86Running in: Normal Mode Internet Access DetectedLaunched: C:\Users\Joyce\Desktop\zoek\zoek.exe [script inserted] ==== Older Logs ======================C:\zoek-results2013-11-23-132719.log 25815 bytesC:\zoek-results2013-11-23-214420.log 31918 bytesC:\zoek-results2013-11-24-154044.log 5532 bytesC:\zoek-results2013-11-26-170617.log 46591 bytesC:\zoek-results2013-11-27-022040.log 5653 bytes==== Deleting Files \ Folders ======================C:\Program Files\Vuze deleted==== Chrome Look ======================HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensionsfheoggkfdfchfphceeifdbepaooicaho - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx[02-10-2013 13:05]SiteAdvisor - Joyce - Default\Extensions\fheoggkfdfchfphceeifdbepaooicahoStar Gazing - Joyce - Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme==== Chrome Fix ======================C:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfullyC:\Users\Joyce\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblmlcbknbnfebdfjnolmcapmdofhmme deleted successfully==== Deleting Registry Keys ======================HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\Fheoggkfdfchfphceeifdbepaooicaho deleted successfully==== After Reboot ========================== Deleting Files / Folders ======================"C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx" not deleted==== EOF on wo 27-11-2013 at 15:48:06,11 ======================

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.