Posted:

Yes, I understood later to choose the first of the three (not the ZIP, RAR).

See the log below:

Zoek.exe v5.0.0.0 Updated 31-January-2014

Tool run by Ik on di 04-02-2014 at 17:40:07,65.

Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Ik\Mijn documenten\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

4-2-2014 17:44:31 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Common Files\SWF Studio deleted successfully

C:\Documents and Settings\Default User\Application Data\.# deleted successfully

C:\Documents and Settings\Ik\Application Data\.# deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-826894825-3387847929-1879874835-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_USERS\S-1-5-21-826894825-3387847929-1879874835-1005\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-826894825-3387847929-1879874835-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.3.0 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\vToolbarUpdater17.3.0 deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

==== Deleting Files \ Folders ======================

C:\Program Files\SmartPCFix deleted

C:\Program Files\MyPC Backup deleted

C:\Documents and Settings\Ik\Application Data\AVG SafeGuard toolbar deleted

C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar deleted

"C:\Program Files\AVG SafeGuard toolbar\vprot.exe" deleted

"C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\17.3.0\avgdttbx.dll" deleted

"C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\SiteSafety.dll" deleted

"C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll" deleted

"C:\Program Files\AVG SafeGuard toolbar" not deleted

"C:\Program Files\Common Files\AVG Secure Search" not deleted

"C:\Documents and Settings\Ik\Local Settings\Application Data\AVG SafeGuard toolbar" not deleted

"C:\Program Files\Common Files\AVG Secure Search\DNTInstaller" not deleted

"C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller" not deleted

"C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater" not deleted

"C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\17.3.0" not deleted

"C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0" not deleted

"C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0" not deleted

"C:\Documents and Settings\Ik\Local Settings\Application Data\AVG SafeGuard toolbar\Chrome" not deleted

"C:\Documents and Settings\Ik\Local Settings\Application Data\AVG SafeGuard toolbar\Chrome\Default" not deleted

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-826894825-3387847929-1879874835-1005\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"SRS Premium Sound"="C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe /hideme"

"Eee Docking"="C:\Program Files\ASUS\Eee Docking\Eee Docking.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE"

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"AsusACPIServer"="C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe"

"AsusEPCMonitor"="C:\Program Files\EeePC\ACPI\AsEPCMon.exe"

"LiveUpdate"="C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto"

"EeeStorageBackup"="C:\Program Files\ASUS\Eee Storage\BackupService.exe"

"ASUS Screen Saver Protector"="C:\WINDOWS\AsScrPro.exe"

"SynAsusAcpi"="C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe"

"AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY"

"vProt"="C:\Program Files\AVG SafeGuard toolbar\vprot.exe"

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"

"PersistenceThread"="C:\WINDOWS\system32\PersistenceThread.exe"

"EasyMode"=""%ProgramFiles%\\ASUS\\Easy Mode\\Easy Mode.exe" --limitedUserImportRegister"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"SRS Premium Sound"="C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe /hideme"

"Eee Docking"="C:\Program Files\ASUS\Eee Docking\Eee Docking.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Reader_sl"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MsnMsgr]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MsnMsgr"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [03-02-2014 21:36]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [03-02-2014 21:36]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Ik\Application Data\Mozilla\Firefox\Profiles\2z0or2io.default

D1DC265C3FF7F92B4A75A55B3749D48C - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

93A6E62490C778FE0F8F61D246218998 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat

==== Chrome Look ======================

Google Docs - Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://asus.msn.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://asus.msn.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Ik\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Ik\Local Settings\Application Data\Mozilla\Firefox\Profiles\2z0or2io.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=140 folders=52 35333089 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp emptied successfully

C:\Documents and Settings\Ik\Local Settings\Temp will be emptied at reboot

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\Ik\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Ik\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Program Files\AVG SafeGuard toolbar" not found

"C:\Program Files\Common Files\AVG Secure Search" not found

"C:\Documents and Settings\Ik\Local Settings\Application Data\AVG SafeGuard toolbar" deleted

==== EOF on di 04-02-2014 at 18:12:43,51 ======================

Posted:

Download ComboFix from one of the locations below to the desktop.

Bleeping Computer

Info Spyware

Disable your antivirus and antispyware programs; they may conflict with ComboFix.exe.

You can read how to disable the security software you use (here or here).

  • Double-click "ComboFix" to start the tool. Windows Vista, 7 & 8 users will get a UAC (User Account Control) prompt; click Ja / Yes here.
  • On a Windows XP computer, ComboFix will install the "Recovery Console" if it is not yet present. (An active internet connection is then required.)
  • In the 'Installing the Recovery Console' window, click "Ok".
  • In the info screen, click "Ja" (Yes) once the Recovery Console has been installed successfully.
  • In the disclaimer screen, click "I Agree"; the required components are then unpacked and a registry backup is made using ERUNT.
  • When this is done, ComboFix will start by itself; in the blue screen you will see the progress of the system scan being performed.
  • Important! Do not use the computer for anything else during the scan.
  • The computer may need to be restarted several times, for example when a rootkit is present; this is normal.
  • When ComboFix is finished, it will create a log file. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

* Note !!! If you get one of the messages below after using ComboFix, restart the computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.

Posted:

I ran this program, but every time my notebook freezes. The cursor in the black log window blinks, but after hours it does not respond to anything. I then have to press the power button to turn it off.

I just started it up for the fourth time. When opening the internet, I get the message "Google chrome . your profile could not be opened correctly". This window opens 4 times.

Posted:

Double-click Zoek.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

autoclean;

  • Click the "Options" button and tick the options below.
  • Reset Chrome
  • The option "Scan All Users" is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in your next message.

Posted:

Notebook started up fine today.

Ran zoek.exe yesterday.

OK, I now get that faulty Chrome message anymore.

Run ComboFix again now??

Posted:

Do you still have yesterday's Zoek log: zoek-results.log? Please post that in a message first, before we take another step. And you mean you do NOT get the Chrome message anymore, right?

Posted:

I am getting that Chrome message AGAIN now. ( ??!! ) (It was a one-off that it did not appear.)

Zoek log:

Zoek.exe v5.0.0.0 Updated 31-January-2014

Tool run by Ik on do 06-02-2014 at 2:46:14,10.

Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Ik\Mijn documenten\Downloads\zoek.exe [scan all users] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-02-04-171243.log 26554 bytes

==== Reset Google Chrome ======================

Nothing found to reset

==== C:\zoek_backup content ======================

C:\zoek_backup (files=140 folders=52 35333089 bytes)

==== EOF on do 06-02-2014 at 2:48:38,95 ======================

Posted:

Download ComboFix from one of the locations below to the desktop.

Bleeping Computer

Info Spyware

Disable your antivirus and antispyware programs; they may conflict with ComboFix.exe.

You can read how to disable the security software you use (here or here).

  • Double-click "ComboFix" to start the tool. Windows Vista, 7 & 8 users will get a UAC (User Account Control) prompt; click Ja / Yes here.
  • On a Windows XP computer, ComboFix will install the "Recovery Console" if it is not yet present. (An active internet connection is then required.)
  • In the 'Installing the Recovery Console' window, click "Ok".
  • In the info screen, click "Ja" (Yes) once the Recovery Console has been installed successfully.
  • In the disclaimer screen, click "I Agree"; the required components are then unpacked and a registry backup is made using ERUNT.
  • When this is done, ComboFix will start by itself; in the blue screen you will see the progress of the system scan being performed.
  • Important! Do not use the computer for anything else during the scan.
  • The computer may need to be restarted several times, for example when a rootkit is present; this is normal.
  • When ComboFix is finished, it will create a log file. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

* Note !!! If you get one of the messages below after using ComboFix, restart the computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.

Posted:

Ran ComboFix.

After 1 hour the autoscan still gives no further response, after the message that this "takes 10 minutes, otherwise it can take twice as long".

The cursor is still blinking. However, the PC clock still shows the time from 1 hour ago. ( ?? )

After a small mouse movement the screen freezes, the cursor is gone, and the PC no longer responds.

I have to turn it off with the power button and restart.

Any more suggestions??

When starting Chrome I again get 4 messages as reported earlier.

