  1. #1
    Advanced   lex11's avatar
    Registered
    11 May 2005
    Location
    x
    Posts
    118
    Thanks given
    6
    Thanked
    8 times in 6 posts

    Very slow laptop at startup and when opening programs

    Here are the requested logs. GMER kept freezing, so there is no log from it.
    Thanks in advance.

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org


    Databaseversie: v2013.12.07.03


    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Rosetteke tet :: PC_VAN_ROSETTE [administrator]


    8/12/2013 8:29:50
    mbam-log-2013-12-08 (08-29-50).txt


    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 219849
    Verstreken tijd: 40 minuut/minuten, 7 seconde


    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)


    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)


    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)


    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)


    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)


    Mappen gedetecteerd: 1
    C:\Users\Rosetteke tet\AppData\Local\Slick Savings (PUP.Optional.Spigot.A) -> Succesvol in quarantaine geplaatst en verwijderd.


    Bestanden gedetecteerd: 1
    C:\Users\Rosetteke tet\AppData\Local\Slick Savings\coupons.crx (PUP.Optional.Spigot.A) -> Succesvol in quarantaine geplaatst en verwijderd.


    (einde)
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16520 BrowserJavaVersion: 1.6.0_24
    Run by Rosetteke tet at 9:48:55 on 2013-12-08
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3070.1965 [GMT 1:00]
    .
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Program Files\Common Files\SPBA\upeksvr.exe
    C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\agrsmsvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
    C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
    C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
    C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
    C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    C:\Windows\system32\mfevtps.exe
    C:\Acer\Mobility Center\MobilityService.exe
    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
    C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    \\?\C:\Windows\system32\wbem\WMIADAP.EXE
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxps://www.google.be/
    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0109&m=aspire_6530g
    uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
    uURLSearchHooks: PHPNukeDU Toolbar: {46735dee-f862-49d1-876d-6382794dc625} - c:\program files\phpnukedu\tbPHPN.dll
    mURLSearchHooks: PHPNukeDU Toolbar: {46735dee-f862-49d1-876d-6382794dc625} - c:\program files\phpnukedu\tbPHPN.dll
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.8.130\McAfeeMSS_IE.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: PHPNukeDU Toolbar: {46735dee-f862-49d1-876d-6382794dc625} - c:\program files\phpnukedu\tbPHPN.dll
    BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan enterprise\scriptsn.dll
    BHO: ShowBarObj Class: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - c:\program files\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - <orphaned>
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
    BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - c:\program files\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: PHPNukeDU Toolbar: {46735dee-f862-49d1-876d-6382794dc625} - c:\program files\phpnukedu\tbPHPN.dll
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: DisableCAD = dword:1
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {10954C80-4F0F-11d3-B17C-00C0DFE39736} - c:\program files\acer\acer bio protection\PwdBank.exe
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{5A1627D3-4F47-4309-9793-CD213B961F90} : DHCPNameServer = 192.168.0.1
    Handler: skype-ie-addon-data - <Clsid value has no data>
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: AWinNotifyVitaKey MC3000 - c:\program files\acer\acer bio protection\WinNotify.dll
    Notify: spba - c:\program files\common files\spba\homefus2.dll
    AppInit_DLLs= c:\progra~1\google\google~1\GoogleDesktopNetwork3.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\drivers\AlfaFF.sys [2008-12-31 43184]
    S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [2010-2-24 35712]
    .
    =============== Created Last 30 ================
    .
    2013-12-07 16:35:13 -------- d-----w- c:\users\rosetteke tet\appdata\roaming\DriverCure
    2013-12-07 16:35:12 -------- d-----w- c:\users\rosetteke tet\appdata\roaming\ParetoLogic
    2013-12-07 16:34:40 -------- d-----w- c:\programdata\ParetoLogic
    2013-12-07 14:47:55 -------- d-----w- c:\windows\Migration
    2013-12-07 14:09:46 -------- d-----w- c:\users\rosetteke tet\appdata\local\temp
    2013-12-07 14:07:03 -------- d-sh--w- C:\$RECYCLE.BIN
    2013-12-07 12:24:39 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
    2013-12-07 11:58:15 -------- d-----w- c:\programdata\ProductData
    2013-12-07 11:57:19 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
    2013-12-07 11:57:12 -------- d-----w- c:\programdata\IObit
    2013-12-07 11:57:10 -------- d-----w- c:\users\rosetteke tet\appdata\roaming\IObit
    2013-12-07 11:56:27 -------- d-----w- c:\program files\common files\Spigot
    2013-12-07 11:55:17 -------- d-----w- c:\program files\IObit
    2013-12-07 11:45:01 -------- d-----w- c:\program files\iPod
    2013-12-07 11:44:49 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-12-07 11:44:48 -------- d-----w- c:\program files\iTunes
    2013-12-07 09:10:27 -------- d-----w- c:\users\rosetteke tet\appdata\roaming\Malwarebytes
    2013-12-07 09:09:29 -------- d-----w- c:\programdata\Malwarebytes
    2013-12-07 09:09:14 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-12-07 09:09:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2013-12-07 07:23:37 208896 ----a-w- c:\windows\MBR.exe
    2013-12-07 07:23:31 256000 ----a-w- c:\windows\PEV.exe
    2013-12-07 07:23:30 98816 ----a-w- c:\windows\sed.exe
    2013-12-07 06:54:29 -------- d-----w- c:\windows\pss
    2013-12-07 06:39:09 7772552 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c5993bd1-95ce-47fe-9dc0-0d9e689ced74}\mpengine.dll
    2013-12-05 12:13:48 297984 ----a-w- c:\windows\system32\gdi32.dll
    2013-12-05 12:13:23 993792 ----a-w- c:\windows\system32\crypt32.dll
    2013-12-05 12:12:21 444928 ----a-w- c:\windows\system32\IKEEXT.DLL
    2013-12-05 12:12:19 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL
    .
    ==================== Find3M ====================
    .
    2013-11-19 02:33:38 230048 ------w- c:\windows\system32\MpSigStub.exe
    2013-10-13 09:48:06 1806848 ----a-w- c:\windows\system32\jscript9.dll
    2013-10-13 09:35:52 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2013-10-13 09:35:38 1129472 ----a-w- c:\windows\system32\wininet.dll
    2013-10-13 09:30:14 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2013-10-13 09:29:02 420864 ----a-w- c:\windows\system32\vbscript.dll
    2013-10-13 09:25:39 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2013-10-12 09:26:58 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-10-12 09:26:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-09-11 20:21:54 863344 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
    2013-09-11 20:21:54 501872 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
    2013-09-11 20:21:54 28776 ----a-w- c:\windows\system32\aspnet_counters.dll
    2013-09-11 20:21:54 18000 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
    .
    ============= FINISH: 9:52:28,79 ===============

  2. #2
    lex11
    Help please, thank you

  3. #3
    Spyware Slayer   Rosty's avatar
    Registered
    19 May 2005
    Location
    Zandvliet/ Ledegem
    Posts
    4.212
    Thanks given
    1.205
    Thanked
    2.705 times in 1.758 posts
    Quote: Originally posted by lex11
    Help please, thank you
    A little patience, please? I also have a family life and need some time to read the log!!

    Download Zoek.zip to the desktop.

    1. If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
    2. Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; (here and here) you can read how to do that.


    • Right-click Zoek.zip and choose the option "Alles uitpakken" (Extract all).
    • Then double-click Zoek.exe to start the tool.
    • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
    • Now copy the code below and paste it into the large input box:
    • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
      Code:
       
      torpigcheck;
      emptyclsid;
      emptyfolderscheck;delete 
      autoclean; 
      iedefaults; 
      filesrcm;
    • Now click the "Run script" button.
    • Wait patiently until a log opens (this may be after a restart, if one is needed).
    • If no log appears after the restart, start zoek.exe again; the log will then appear.
    • Post the opened log in your next message as an attachment.

  5. #4
    lex11
    Sorry for my impatience!!!!
    I tried several times to run 'zoek', but unfortunately the PC keeps hanging. So it doesn't work.
    Thanks in advance!!

  6. #5
    Rosty
    Note: Vista or Windows 7? >> Always run all tools as admin.
    Download AdwCleaner by Xplode to the desktop.

    • Close all open windows.
    • Vista and Windows 7 users: right-click AdwCleaner and select Run as administrator...
    • For XP: simply double-click AdwCleaner.
    • Then click "Verwijderen" (Delete).
    • At AdwCleaner – Information, click OK
    • At AdwCleaner – Restart Required, click OK

    It is normal for the shortcuts to disappear during this action.
    After the PC has restarted, a log file opens.
    Then post the contents of this log in your next message.

    Now try "zoek.exe" again.

  7. #6
    lex11
    "zoek" still doesn't work
    I was only able to run AdwCleaner in safe mode

  8. #7
    lex11
    In safe mode now
    zoek result
    Zoek.exe Version 4.0.0.5 Updated 05-December-2013
    Tool run by Rosetteke tet on ma 09/12/2013 at 19:35:54,35.
    Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
    Running in: Safe Mode NETWORK Internet Access Detected
    Launched: C:\Users\Rosetteke tet\Desktop\zoek\zoek.exe [Script inserted]


    ==== Older Logs ======================


    C:\zoek-results2013-12-09-145939.log 435 bytes
    C:\zoek-results2013-12-09-173209.log 16434 bytes


    ==== Torpig Check ======================


    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} shell32.dll
    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} ntshrui.dll

  9. #8
    Rosty
    Is this the complete log?

  10. #9
    lex11
    I saw "older log" and looked for it; the previous one I sent was complete


    Zoek.exe Version 4.0.0.5 Updated 05-December-2013
    Tool run by Rosetteke tet on ma 09/12/2013 at 17:19:55,04.
    Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Rosetteke tet\Desktop\zoek\zoek.exe [Script inserted]


    ==== Older Logs ======================


    C:\zoek-results2013-12-09-145939.log 435 bytes


    ==== Torpig Check ======================


    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} shell32.dll
    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} ntshrui.dll




    ==== Empty Folders Check ======================


    C:\Program Files\MSXML 4.0 deleted successfully
    C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
    C:\Users\Rosetteke tet\AppData\Roaming\PeerNetworking deleted successfully


    ==== Deleting CLSID Registry Keys ======================


    HKEY_USERS\S-1-5-21-1701051360-2230672613-2151814346-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully
    HKEY_USERS\S-1-5-21-1701051360-2230672613-2151814346-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E93DD846-324E-4C80-8529-BF63250C7D1B} deleted successfully
    HKEY_USERS\S-1-5-21-1701051360-2230672613-2151814346-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully


    ==== Deleting CLSID Registry Values ======================




    ==== Deleting Services ======================




    ==== FireFox Fix ======================


    ProfilePath: C:\Users\Rosetteke tet\AppData\Roaming\Mozilla\Firefox\Profiles\r9frnaye.default


    ---- Lines browser.startup.page removed from prefs.js ----
    user_pref("browser.startup.page", 3);
    ---- FireFox user.js and prefs.js backups ----


    user_20130912_1817_.backup
    prefs_20130912_1817_.backup


    ==== Deleting Files \ Folders ======================


    C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
    C:\Windows\system32\appdata deleted
    C:\Program Files\Convesoft deleted
    C:\Program Files\PHPNukeDU deleted
    C:\Program Files\Conduit deleted
    C:\Program Files\Common Files\Spigot deleted
    C:\Users\Rosetteke tet\AppData\Roaming\ParetoLogic deleted
    C:\Users\Rosetteke tet\AppData\Roaming\DriverCure deleted
    C:\ProgramData\ParetoLogic deleted
    C:\Users\Rosetteke tet\AppData\LocalLow\PHPNukeDU deleted
    C:\Users\Rosetteke tet\AppData\LocalLow\Conduit deleted
    C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted
    C:\Windows\wininit.ini deleted
    C:\Users\Rosetteke tet\AppData\Roaming\Mozilla\Firefox\Profiles\r9frnaye.default\extensions\savingsslider@mybrowserbar.com deleted


    ==== Files Recently Created / Modified ======================


    ====== C:\Windows ====
    2013-12-07 07:23:37 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe
    2013-12-07 07:23:31 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe
    2013-12-07 07:23:30 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe
    2013-12-07 07:23:30 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe
    2013-12-07 07:23:29 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe
    ====== C:\Users\ROSETT~1\AppData\Local\Temp ====
    ====== Java Cache =====
    ====== C:\Windows\system32 =====
    2013-12-06 08:37:52 B798365F54AF889BFD7D04ED75C016B7 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-12-06 08:37:52 3CC9655434741363AF977498A2B5E425 73216 ----a-w- C:\Windows\System32\mshtmled.dll
    2013-12-06 08:37:51 677857FAC307E46E44F710B6C6F84607 420864 ----a-w- C:\Windows\System32\vbscript.dll
    2013-12-06 08:37:48 E2E9F49C84C49C2DB5ADAF85D8CD8F1C 142848 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-12-06 08:37:48 E26C86DE3AC36D09D201691B9D482D5B 176640 ----a-w- C:\Windows\System32\ieui.dll
    2013-12-06 08:37:48 375652E4B01E421683437896DA8D76C4 65024 ----a-w- C:\Windows\System32\jsproxy.dll
    2013-12-06 08:37:47 E1092FB18A2D53DFC20D2EA8AC158E4B 607744 ----a-w- C:\Windows\System32\msfeeds.dll
    2013-12-06 08:37:46 FFA200640B887CBB737DA74C299BCE62 717824 ----a-w- C:\Windows\System32\jscript.dll
    2013-12-06 08:37:46 C36E38AD3C7FAFF0E30C4CBCB28CE7FB 1129472 ----a-w- C:\Windows\System32\wininet.dll
    2013-12-06 08:37:45 D36137E26569D22B6C395EB68CBE0018 1806848 ----a-w- C:\Windows\System32\jscript9.dll
    2013-12-06 08:37:44 26ED02FA7B11FBFD87D4FF304EFFFFBF 231936 ----a-w- C:\Windows\System32\url.dll
    2013-12-06 08:37:43 58C300DB5ED80A46A778DECB9D02DA57 1796096 ----a-w- C:\Windows\System32\iertutil.dll
    2013-12-06 08:37:42 B8D440F705D52D9167C572ECF6522E89 1104896 ----a-w- C:\Windows\System32\urlmon.dll
    2013-12-06 08:37:41 AB3F4974C87DC6DE7E427CF713E88B28 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-12-06 08:37:39 048FF8515CE100990423E96678112CDF 9739264 ----a-w- C:\Windows\System32\ieframe.dll
    2013-12-06 08:37:38 AC986A1AD35CDBF07B0E5D1AC9D527B5 12344832 ----a-w- C:\Windows\System32\mshtml.dll
    2013-12-05 12:13:48 872363237F24BCB03D73E2A3B4FBF38D 297984 ----a-w- C:\Windows\System32\gdi32.dll
    2013-12-05 12:13:23 0317420D419E1885894B3ED9D375D245 993792 ----a-w- C:\Windows\System32\crypt32.dll
    2013-12-05 12:12:21 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 444928 ----a-w- C:\Windows\System32\IKEEXT.DLL
    2013-12-05 12:12:20 14D9A057A082E00116A7A4415051D07C 218228 ----a-w- C:\Windows\System32\WFP.TMF
    2013-12-05 12:12:19 EE16F3E01C4A6C77383F1BBBD10AD6C2 596480 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
    ====== C:\Windows\system32\drivers =====
    2013-12-07 12:24:39 46B40982AF166BF89C3F51FB13E60D6D 15672 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys
    2013-12-07 09:09:14 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys
    ====== C:\Windows\Tasks ======
    ====== C:\Windows\Temp ======
    ======= C:\Program Files =====
    2013-12-07 11:55:17 -------- d-----w- C:\Program Files\IObit
    2013-12-07 11:45:01 -------- d-----w- C:\Program Files\iPod
    2013-12-07 11:44:48 -------- d-----w- C:\Program Files\iTunes
    ======= C: =====
    ====== C:\Users\Rosetteke tet\AppData\Roaming ======
    2013-12-07 14:09:46 -------- d-----w- C:\Users\Rosetteke tet\AppData\Local\temp
    2013-12-07 14:09:46 -------- d-----w- C:\Users\Public\AppData\Local\temp
    2013-12-07 14:09:46 -------- d-----w- C:\Users\Default\AppData\Local\temp
    2013-12-07 14:09:46 -------- d-----w- C:\Users\Default User\AppData\Local\temp
    2013-12-07 12:26:48 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\IObit
    2013-12-07 11:58:22 -------- d-----w- C:\Users\Rosetteke tet\AppData\Locallow\IObit
    2013-12-07 11:57:10 -------- d-----w- C:\Users\Rosetteke tet\AppData\Roaming\IObit
    2013-12-07 11:13:25 -------- d-----w- C:\Users\Rosetteke tet\AppData\Locallow\Apple Computer
    ====== C:\Users\Rosetteke tet ======
    2013-12-07 16:32:44 63C3C419200755087C7496933C298F8F 5162600 ----a-w- C:\Users\Rosetteke tet\Downloads\Repair-tool.exe
    2013-12-07 11:58:15 -------- d-----w- C:\ProgramData\ProductData
    2013-12-07 11:57:12 -------- d-----w- C:\ProgramData\IObit
    2013-12-07 11:51:56 7567F8A2077504334E030586D27FAAE4 34466768 ----a-w- C:\Users\Rosetteke tet\Downloads\asc-setup (1).exe
    2013-12-07 11:51:31 7567F8A2077504334E030586D27FAAE4 34466768 ----a-w- C:\Users\Rosetteke tet\Downloads\asc-setup.exe
    2013-12-07 11:50:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2013-12-07 11:44:49 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-12-07 08:45:32 -------- d-----w- C:\Users\Public\AppData


    ====== C: exe-files ==
    2013-12-09 15:52:23 CEE5D5ADBB2F7091D76449FA1A55CDA0 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1701051360-2230672613-2151814346-1000\$I7HXKQ0.exe
    2013-12-07 11:57:33 BEFF149A82F78B648046108EB9D28893 2151200 ----a-w- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
    2013-12-07 07:24:58 8D8E67E5A438E9906CC90C5ED4AA1AD7 35337056 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.63\31.0.1650.63_chrome_installer.exe
    2013-12-06 08:37:44 06085B62BC7E0C8E2605CEA38774D956 757488 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
    2013-12-05 18:09:20 CB3091FB191AB59FCF68CB1E8137A7B5 13435232 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.63\31.0.1650.63_30.0.1599.101_chrome_updater.exe
    === C: other files ==
    2013-12-09 15:56:39 1C8B31F7A7BA60B89DC9C760F9322B6D 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1701051360-2230672613-2151814346-1000\$IUI5SJW.zip
    2013-12-09 15:56:13 FAFA407BA87C2C39455FC72D3DA863FE 4050563 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1701051360-2230672613-2151814346-1000\$RUI5SJW.zip
    2013-12-09 15:55:31 DCC2D356CD862DD78B2577835CB0D8C8 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1701051360-2230672613-2151814346-1000\$IVAASDB.zip
    2013-12-09 15:55:23 9F068467914CBDBB1F05B4CFB0AEA5AA 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1701051360-2230672613-2151814346-1000\$IM769P6.zip
    2013-12-09 15:55:18 BD926C8D5269A0FFC39400956B5EA75E 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1701051360-2230672613-2151814346-1000\$I0HQNDB.zip
    2013-12-09 15:54:49 FAFA407BA87C2C39455FC72D3DA863FE 4050563 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1701051360-2230672613-2151814346-1000\$RVAASDB.zip
    2013-12-09 15:54:41 FAFA407BA87C2C39455FC72D3DA863FE 4050563 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1701051360-2230672613-2151814346-1000\$RM769P6.zip
    2013-12-09 15:54:35 FAFA407BA87C2C39455FC72D3DA863FE 4050563 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1701051360-2230672613-2151814346-1000\$R0HQNDB.zip
    2013-12-09 15:53:29 9E3C322546434C2F31B0D0FA519B5162 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1701051360-2230672613-2151814346-1000\$IL8V1ZN.com


    ==== Folders in C:\ProgramData 0-6 Months Old ======================


    2013-12-07 09:09:29 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-12-07 11:44:49 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-12-07 11:57:12 -------- d-----w- C:\ProgramData\IObit
    2013-12-07 11:58:15 -------- d-----w- C:\ProgramData\ProductData


    ==== Firefox Extensions Registry ======================


    [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
    "fe_7.0@nokia.com"="C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0" [18/11/2011 09:07]


    ==== Firefox Extensions ======================


    ProfilePath: C:\Users\Rosetteke tet\AppData\Roaming\Mozilla\Firefox\Profiles\r9frnaye.default
    - Undetermined - C:\Program Files\IObit Apps Toolbar\FF
    - Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
    - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    - Start Page - %ProfilePath%\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
    - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi


    AppDir: C:\Program Files\Mozilla Firefox
    - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be


    ==== Firefox Plugins ======================


    Profilepath: C:\Users\Rosetteke tet\AppData\Roaming\Mozilla\Firefox\Profiles\r9frnaye.default
    9D4A0B314CB9CF134CA27E1E0217E51E - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
    1B05342DC6A8896A90952AF2084620F5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer
    6F120933F87E7DEC972476170288A267 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
    0BD343C45B4ECCF8D6AF94D6C3ADC310 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
    6F120933F87E7DEC972476170288A267 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat
    9D35E12B661581B83DD74EB910EA9E6D - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.240.7
    9D35E12B661581B83DD74EB910EA9E6D - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll - Java Deployment Toolkit 6.0.240.7
    4EBB5B4DCABEC18B29D01F9F607B0114 - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - Java(TM) Platform SE 6 U24
    AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation




    ==== Chrome Look ======================


    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx[]
    icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.2.crx[]
    mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Users\Rosetteke tet\AppData\Local\Slick Savings\coupons.crx[]
    pfndaklgolladniicklehhancnlgocpp - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx[]


    Google Drive - Rosetteke tet - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
    YouTube - Rosetteke tet - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
    Google Search - Rosetteke tet - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
    Ebay Shopping Assistant by Spigot - Rosetteke tet - Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
    Domain Error Assistant - Rosetteke tet - Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
    Google Wallet - Rosetteke tet - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
    Amazon Shopping Assistant by Spigot - Rosetteke tet - Default\Extensions\pfndaklgolladniicklehhancnlgocpp
    Gmail - Rosetteke tet - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia


    ==== Chrome Fix ======================


    C:\Users\Rosetteke tet\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully
    C:\Users\Rosetteke tet\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully
    C:\Users\Rosetteke tet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully


    ==== Set IE to Default ======================


    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="https://www.google.be/"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0109&m=aspire_6530g"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    @="http://www.google.com/search/?q=%s"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
    "DefaultScope"="{E93DD846-324E-4C80-8529-BF63250C7D1B}"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E93DD846-324E-4C80-8529-BF63250C7D1B}] not found


    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="https://www.google.be/"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    "(Default)"="http://search.msn.com/results.asp?q=%s"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
    "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"


    ==== All HKCU SearchScopes ======================


    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
    {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_nl"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
    {70D46D94-BF1E-45ED-B567-48701376298E} Google Desktop Url="http://127.0.0.1:4664/search&s=O-5IYMlrpLD5FkEJfzD8W7Zx8xQ?q={searchTerms}"

  11. #10
    Spyware Slayer   Rosty's avatar
    Registered
    19 May 2005
    Location
    Zandvliet/ Ledegem
    Posts
    4.212
    Thanks given
    1.205
    Thanked
    2.705 times in 1.758 posts
    Any improvement noticeable yet?
