
More frequent PUP detections (MBAM) and changed Windows theme


  • More frequent PUP detections (MBAM) and changed Windows theme

    Good morning,

    After a long time without any trouble, I have noticed that MBAM has lately been picking up more and more so-called PUPs. Now my Windows theme has also suddenly changed to classic, and I can no longer change it back myself. I also get obscure pop-ups from time to time. That makes me suspect I may have a small problem. I hope someone is willing to take a look? Thanks in advance.

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Databaseversie: v2013.08.18.05

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Rutger :: PC_VAN_RUTGER [administrator]

    19-8-2013 10:45:50
    mbam-log-2013-08-19 (10-45-50).txt

    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 215896
    Verstreken tijd: 11 minuut/minuten, 36 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 1
    HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16502 BrowserJavaVersion: 10.25.2
    Run by Rutger at 11:16:52 on 2013-08-19
    .
    ============== Running Processes ================
    .
    C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
    C:\Program Files\AVG\AVG2013\avgcsrvx.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\AVG\AVG2013\avgidsagent.exe
    C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Windows\system32\PnkBstrA.exe
    C:\Windows\system32\PnkBstrB.exe
    C:\Program Files\AVG\AVG2013\avgnsx.exe
    C:\Program Files\AVG\AVG2013\avgemcx.exe
    C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
    C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
    C:\Windows\system32\TODDSrv.exe
    c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\DRIVERS\xaudio.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
    C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\AVG\AVG2013\avgui.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEE&bmod=TSEE
    uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
    BHO: Adobe PDF Reader Help bij koppelingen: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [NDSTray.exe] NDSTray.exe
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
    mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
    mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
    mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    dRun: [TOSHIBA Online Product Information] c:\program files\toshiba\toshiba online product information\topi.exe
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: Free YouTube to MP3 Converter - c:\users\rutger\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
    IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?NL
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/...k-21&site=home
    IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\pokerstars.net\PokerStarsUpdate.exe
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - hxxp://service.futuremark.com/gom/receiver/tc/FMSI.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 212.54.35.25 212.54.40.25
    TCP: Interfaces\{25341F4D-D9D2-443A-8868-CF10BA9DE24E} : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{2CA72B69-58D2-4D24-B32B-DD3850A3004D} : DHCPNameServer = 212.54.35.25 212.54.40.25
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    AppInit_DLLs= c:\progra~1\google\google~1\googledesktopnetwork3.dll
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R? GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335
    R? jswpsapi;Jumpstart Wifi Protected Setup
    R? Partner Service;Partner Service
    R? SkypeUpdate;Skype Updater
    R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
    S? AVGIDSAgent;AVGIDSAgent
    S? AVGIDSDriver;AVGIDSDriver
    S? AVGIDSHX;AVGIDSHX
    S? AVGIDSShim;AVGIDSShim
    S? Avgldx86;AVG AVI Loader Driver
    S? Avglogx;AVG Logging Driver
    S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
    S? Avgrkx86;AVG Anti-Rootkit Driver
    S? Avgtdix;AVG TDI Driver
    S? avgwd;AVG WatchDog
    S? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
    S? ConfigFree Service;ConfigFree Service
    S? FontCache;Windows Font Cache Service
    S? FwLnk;FwLnk Driver
    S? jswpslwf;JumpStart Wireless Filter Driver
    S? SmartFaceVWatchSrv;SmartFaceVWatchSrv
    S? TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO)
    S? TOSHIBA SMART Log Service;TOSHIBA SMART Log Service
    .
    =============== Created Last 30 ================
    .
    2013-08-15 09:00:29 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
    2013-08-15 09:00:29 15872 ----a-w- c:\windows\system32\icaapi.dll
    2013-08-15 09:00:28 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-08-15 09:00:14 2048 ----a-w- c:\windows\system32\tzres.dll
    2013-08-15 09:00:07 783360 ----a-w- c:\windows\system32\rpcrt4.dll
    2013-08-15 09:00:04 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-08-15 09:00:04 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-08-15 09:00:04 1205168 ----a-w- c:\windows\system32\ntdll.dll
    2013-08-15 08:59:59 992768 ----a-w- c:\windows\system32\crypt32.dll
    2013-08-15 08:59:59 98304 ----a-w- c:\windows\system32\cryptnet.dll
    2013-08-15 08:59:59 172544 ----a-w- c:\windows\system32\wintrust.dll
    2013-08-15 08:59:59 133120 ----a-w- c:\windows\system32\cryptsvc.dll
    2013-07-28 06:36:19 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    .
    ==================== Find3M ====================
    .
    2013-08-15 10:34:52 138376 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
    2013-08-15 10:34:43 202448 ----a-w- c:\windows\system32\PnkBstrB.exe
    2013-07-28 06:36:08 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
    2013-07-28 06:36:08 789416 ----a-w- c:\windows\system32\deployJava1.dll
    2013-07-25 02:32:35 1800704 ----a-w- c:\windows\system32\jscript9.dll
    2013-07-25 02:26:10 1129472 ----a-w- c:\windows\system32\wininet.dll
    2013-07-25 02:25:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2013-07-25 02:23:59 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2013-07-25 02:23:58 420864 ----a-w- c:\windows\system32\vbscript.dll
    2013-07-25 02:22:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2013-06-12 12:03:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-06-12 12:03:42 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-06-04 01:50:43 2049024 ----a-w- c:\windows\system32\win32k.sys
    2013-06-01 04:06:08 505344 ----a-w- c:\windows\system32\qedit.dll
    .
    ============= FINISH: 11:17:23,99 ===============
    GMER 2.1.19163 - http://www.gmer.net
    Rootkit scan 2013-08-19 11:38:48
    Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD3200BEVS-26VAT0 rev.11.01A11 298,09GB
    Running: 6lppv1e0.exe; Driver: C:\Users\Rutger\AppData\Local\Temp\kgrdqpow.sys


    ---- System - GMER 2.1 ----

    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeKey [0x9117D14A]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeMultipleKeys [0x9117D21A]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenProcess [0x9117CD7C]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendProcess [0x9117CF6A]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendThread [0x9117D000]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateProcess [0x9117CE32]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateThread [0x9117CECE]
    SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwWriteVirtualMemory [0x9117D09C]

    ---- Kernel code sections - GMER 2.1 ----

    .text ntkrnlpa.exe!KeSetEvent + 3BD 828B5A08 8 Bytes [4A, D1, 17, 91, 1A, D2, 17, ...] {DEC EDX; RCL DWORD [EDI], 0x1; XCHG ECX, EAX; SBB DL, DL; POP SS; XCHG ECX, EAX}
    .text ntkrnlpa.exe!KeSetEvent + 3F1 828B5A3C 4 Bytes [7C, CD, 17, 91] {JL 0xffffffcf; POP SS; XCHG ECX, EAX}
    .text ntkrnlpa.exe!KeSetEvent + 611 828B5C5C 8 Bytes [6A, CF, 17, 91, 00, D0, 17, ...] {PUSH -0x31; POP SS; XCHG ECX, EAX; ADD AL, DL; POP SS; XCHG ECX, EAX}
    .text ntkrnlpa.exe!KeSetEvent + 621 828B5C6C 8 Bytes [32, CE, 17, 91, CE, CE, 17, ...] {XOR CL, DH; POP SS; XCHG ECX, EAX; INTO ; INTO ; POP SS; XCHG ECX, EAX}
    .text ntkrnlpa.exe!KeSetEvent + 681 828B5CCC 4 Bytes [9C, D0, 17, 91] {PUSHF ; RCL BYTE [EDI], 0x1; XCHG ECX, EAX}
    .text C:\Windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x83B50000, 0x4036D, 0xE8000020]
    .dsrt C:\Windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x83B99000, 0x510, 0x40000040]
    .text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x9020C000, 0x1FB52A, 0xE8000020]
    ? C:\Users\Rutger\AppData\Local\Temp\mbr.sys Het systeem kan het opgegeven bestand niet vinden. !

    ---- User code sections - GMER 2.1 ----


    ---- Devices - GMER 2.1 ----

    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys
    AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys
    AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys
    AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys

    ---- EOF - GMER 2.1 ----

  • #2
    Give this a try.

    Download zoek.exe to the desktop.
    • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe
      (here or here) you can read how to disable the security software you use.
    • Double-click Zoek.exe to start the tool.
    • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
    • Now copy the code below and paste it into the large input box:
    • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
      Code:
      emptyclsid;
      firefoxlook; 
      Chromelook; 
      chrdefaults;
      autoclean; 
      iedefaults;
    • Now click the "Run script" button.
    • Now wait patiently until a log opens (this may be after a restart if one is required).
    • If no log appears after the restart, start zoek.exe again; the log will then appear.
    • Post the opened log as an attachment in your next message.

    Starting Windows 10 in Safe Mode



    • #3
      Thanks for responding, Juisterr. The log is below. At any rate, I have the old, familiar taskbar back.

      Zoek.exe Version 4.0.0.4 Updated 19-08-2013
      Tool run by Rutger on ma 19-08-2013 at 14:30:16,14.
      Windows Vista (TM) Home Premium 6.0.6002 Service Pack 2 x86 WMI=failure
      Running in: Normal Mode Internet Access Detected
      Launched: C:\Users\Rutger\Desktop\zoek.exe [Script inserted]

      ==== System Restore Info ======================

      19-8-2013 14:32:18 Zoek.exe System Restore Point Created Succesfully.

      ==== Deleting CLSID Registry Keys ======================

      HKEY_USERS\S-1-5-21-934359270-808232566-713874300-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
      HKEY_USERS\S-1-5-21-934359270-808232566-713874300-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
      HKEY_USERS\S-1-5-21-934359270-808232566-713874300-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

      ==== Deleting CLSID Registry Values ======================


      ==== Deleting Services ======================

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Partner Service deleted successfully
      HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Partner Service deleted successfully

      ==== Deleting Files \ Folders ======================

      "C:\Windows\system32\appdata" deleted
      "C:\Program Files\Common Files\DVDVideoSoft\TB" deleted
      "C:\Program Files\Common Files\DVDVideoSoft\bin" deleted
      "C:\Users\Rutger\AppData\Roaming\DVDVideoSoftIEHelpers" deleted
      "C:\ProgramData\Babylon" deleted
      "C:\Users\Rutger\AppData\Local\Bundled software uninstaller" deleted
      "C:\Windows\System32\searchplugins" deleted
      "C:\Windows\System32\Extensions" deleted

      ==== Chrome Look ======================

      HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
      nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Rutger\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[25-09-2012 08:44]

      AdBlock - Rutger - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

      ==== Set IE to Default ======================

      Old Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://www.google.com/ig/redirectdomain?brand=TSEE&bmod=TSEE"
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
      @="http://www.google.com/search/?q=%s"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

      New Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
      "(Default)"="http://search.msn.com/results.asp?q=%s"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

      ==== All HKCU SearchScopes ======================

      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
      {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
      {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
      {70D46D94-BF1E-45ED-B567-48701376298E} Google Desktop Url="http://127.0.0.1:4664/search&s=9ohWEodZ0zn7XjXIXw0g3aJAgvE?q={searchTerms}"
      {F3D5037E-187E-44D3-B2AF-FBA6A43FAAC8} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEE_nlNL345"

      ==== Reset Google Chrome ======================

      C:\users\Rutger\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
      C:\users\Rutger\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

      ==== Empty IE Cache ======================

      C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Rutger\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

      ==== Empty FireFox Cache ======================

      No FireFox Profiles found

      ==== Empty Chrome Cache ======================

      C:\users\Rutger\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

      ==== Empty All Flash Cache ======================

      Flash Cache Emptied Successfully

      ==== Empty All Java Cache ======================

      Java Cache cleared successfully

      ==== After Reboot ======================

      ==== Empty Temp Folders ======================

      C:\Windows\Temp successfully emptied
      C:\Users\Rutger\AppData\Local\Temp successfully emptied

      ==== Empty Recycle Bin ======================

      C:\$RECYCLE.BIN successfully emptied

      ==== Deleting Files / Folders ======================

      "C:\Users\Rutger\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

      ==== EOF on ma 19-08-2013 at 14:41:23,47 ======================



      • #4
        That's good. Are the problems gone now?



        • #5
          As far as I can see, the problems have been resolved. Thanks again!



          • #6
            Then let's clean up.

            1.
            Download AdwCleaner by Xplode to the desktop.
            • Close all open windows.
            • Double-click AdwCleaner to start it.
            • Then click Delete (Verwijderen).
            • At AdwCleaner – Information, click OK
            • At AdwCleaner – Restart Required, click OK


            It is normal for the shortcuts to disappear during this operation.
            After the PC has restarted, a log file opens.
            Then post the contents of this log as an attachment in your next message.


            2.
            Download Delfix by Xplode to the desktop.

            Double-click Delfix.exe to start the tool.
            Now tick the following items:
            • Activate UAC
            • Remove disinfection tools
            • Create registry backup
            • Purge System Restore
            • Reset system settings

            Now click "Run" and wait patiently until the tool has finished.
            When the tool has finished, a log file is created. You do not need to post it, however.



            • #7
              The AdwCleaner log:

              # AdwCleaner v2.306 - Verslag gemaakt op 19/08/2013 om 18:22:47
              # Geactualiseerd op 19/07/2013 door Xplode
              # Besturingssysteem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
              # Gebruiker : Rutger - PC_VAN_RUTGER
              # Opstarten Modus : Normale modus
              # Gelanceerd vanaf : C:\Users\Rutger\Desktop\adwcleaner.exe
              # Optie [Verwijderen]


              ***** [Diensten] *****


              ***** [Files / Mappen] *****


              ***** [Register] *****

              Sleutel Verwijderd : HKCU\Software\5953dcd8e13ee412
              Sleutel Verwijderd : HKCU\Software\BI
              Sleutel Verwijderd : HKCU\Software\IGearSettings
              Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
              Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
              Sleutel Verwijderd : HKCU\Software\Softonic
              Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar
              Sleutel Verwijderd : HKLM\Software\Babylon
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
              Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
              Sleutel Verwijderd : HKLM\Software\DataMngr
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
              Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
              Sleutel Verwijderd : HKLM\SOFTWARE\Software
              Waarde Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

              ***** [Browsers] *****

              -\\ Internet Explorer v9.0.8112.16502

              [OK] Het register bevat geen enkele ongeoorloofde invoer.

              -\\ Google Chrome v28.0.1500.95

              File : C:\Users\Rutger\AppData\Local\Google\Chrome\User Data\Default\Preferences

              [OK] De file bevat geen enkele ongeoorloofde invoer.

              *************************

              AdwCleaner[S1].txt - [3570 octets] - [19/08/2013 18:22:47]

              ########## EOF - C:\AdwCleaner[S1].txt - [3630 octets] ##########



              • #8
                I would assume your problems are gone; if so, you can mark the topic as solved.



                • #9
                  So far I have not noticed any problems, so I think everything is resolved. Thanks again for the help, Juisterr.



                  • #10
                    You're welcome.
