leobus

Hallo Jion Ok dan laat ik Malwarebytes staan Nogmaals hartelijk dank voor de hulp. Zal ik nu maar markeren als OPGELOST? vrgr Leobus.

Hallo Jion Heb programma Delfix by Explode gebruikt alleen Malware bytes anti malware blijft op mijn bureaublad staan moet ik die via de normale weg verwijderen? Groet Leobus

Hallo Jion Het gaat weer goed de browsers werken weer met Google als startpagina Hartelijk dank

Zoek.exe v5.0.0.0 Updated 07-March-2014 Tool run by v Duuren on vr 21-03-2014 at 21:59:21,08. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\v Duuren\Desktop\zoek.exe [scan all users] [Quick Scan] [Auto Clean] ==== Older Logs ====================== C:\zoek-results04-08-2013-2123.log 0 bytes C:\zoek-results2013-08-04-193111.log 14685 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\Users\Gast\AppData\Local\VirtualStore deleted successfully C:\Users\v Duuren\AppData\Local\DriverToolkit deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\VDUURE~1\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default user.js not found ---- Lines gophoto.it removed from prefs.js ---- user_pref("extensions.gophotoit.lastB", "http://search.gophoto.it/?pl=2&ch=v1noadmin_1402"); user_pref("keyword.URL", "http://search.gophoto.it/?pl=1&ch=v1noadmin_1402&q="); ---- FireFox user.js and prefs.js backups ---- user_04-08-2013_2035_.backup prefs_04-08-2013_2035_.backup prefs_04-08-2013_2128_.backup prefs_21-03-2014_2207_.backup ProfilePath: C:\Users\VDUURE~1\AppData\Roaming\Thunderbird\Profiles\2lae99jt.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_21-03-2014_2207_.backup ProfilePath: C:\Users\VDUURE~1\AppData\Roaming\TomTom\HOME\Profiles\chueyl4e.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_21-03-2014_2207_.backup ==== Deleting Files \ Folders ====================== C:\Users\v Duuren\daemonprocess.txt deleted C:\Users\v Duuren\.android deleted C:\Users\v Duuren\AppData\Local\cache deleted C:\Users\v Duuren\AppData\LocalLow\Cool Mirage Ltd deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\VDUURE~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2014-03-21 05:32:25 07B5CC5559ED3F55A3F940B3211D89C2 124416 ----a-w- C:\WINDOWS\SysWOW64\poqexec.exe 2014-03-13 13:53:02 D34CE666D9BA3D5232609D3C15075B70 5770752 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll 2014-03-13 13:53:01 ECEBFCEF5799B57BFF242D24B27E4FE4 2143960 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll 2014-03-13 13:53:00 6C8AC5035C39C818624EFA962B24AB3D 1036288 ----a-w- C:\WINDOWS\SysWOW64\kernel32.dll 2014-03-13 13:53:00 34823DAA381423CAE81FEE7C2EEE52F4 669352 ----a-w- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2014-03-13 13:53:00 2A3626E0B7F5A5317902EBDAF2B4CCE0 1371824 ----a-w- C:\WINDOWS\SysWOW64\combase.dll 2014-03-13 13:52:59 FCD51A3EB7E47FBCE17382A95FD3AB35 2873344 ----a-w- C:\WINDOWS\SysWOW64\dbgeng.dll 2014-03-13 13:52:59 878B3C936C3C2850A57C24C6F104EBC5 208896 ----a-w- C:\WINDOWS\SysWOW64\rdpencom.dll 2014-03-13 13:52:59 17500825FE6C7094ACC6E7DC6B578399 369280 ----a-w- C:\WINDOWS\SysWOW64\Faultrep.dll 2014-03-13 13:52:58 F5033F3C6F8E706D78ACB9351EBF7B3E 1238016 ----a-w- C:\WINDOWS\SysWOW64\dbghelp.dll 2014-03-13 13:52:58 D4A17A8DEB194D77AD9651F0EE0C76EB 138752 ----a-w- C:\WINDOWS\SysWOW64\DWWIN.EXE 2014-03-13 13:52:58 249DE8C6F690646CC8EC53D49ABC6BE9 408480 ----a-w- C:\WINDOWS\SysWOW64\WerFault.exe 2014-03-13 13:52:57 D0B6EB329D696A5C2122352EAE722290 855552 ----a-w- C:\WINDOWS\SysWOW64\rdvidcrl.dll 2014-03-13 13:52:57 3DA5CD1E3B9BDAF79731CB6CB1029CB3 53248 ----a-w- C:\WINDOWS\SysWOW64\tsgqec.dll 2014-03-13 13:52:53 F80E8CF9E4A051C2CC338C85088A046C 488448 ----a-w- C:\WINDOWS\SysWOW64\qedit.dll 2014-03-13 13:52:47 70462E0A4E293FC80620AB945D8A59BB 17074688 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2014-03-13 13:52:39 4831AA1A6A112ACCEE240C9D5FA2108B 11266048 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2014-03-13 13:52:38 FC46FE32B043CA7251B1D707B91BA6A7 4244480 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2014-03-13 13:52:38 BD5E6C894130E7BB7ECE9A0925383068 2168320 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2014-03-13 13:52:37 AAFEAB4FC9D70253F8C7E353E879E8A2 1820160 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2014-03-13 13:52:37 A045DAE4D242A9A50FF6902774C55BE0 524288 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2014-03-13 13:52:37 4605E0295C8E742B28FD63D255322795 703488 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-03-13 13:52:37 0FF358906F2333B26267BC0064DC02C4 1156096 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2014-03-21 05:32:26 4A8D40E38BC2C57E5D630AD6994A85CB 139776 ----a-w- C:\WINDOWS\Sysnative\poqexec.exe 2014-03-13 13:53:40 1A1DDFD4BA6523979C76BE188984C3AC 1643584 ----a-w- C:\WINDOWS\Sysnative\winload.efi 2014-03-13 13:53:39 695C842DAA76536CE44C336C9E27B25D 1507704 ----a-w- C:\WINDOWS\Sysnative\winload.exe 2014-03-13 13:53:03 C993A0B97BECD3AAF5158E3869878465 6353960 ----a-w- C:\WINDOWS\Sysnative\sppsvc.exe 2014-03-13 13:53:03 BAAD43360A7DF630ECC414671AEFA28C 6640640 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll 2014-03-13 13:53:02 977F77CE98456F6B115E5360A1160449 2133208 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll 2014-03-13 13:53:01 C039246195C736A602F581D29F18A43D 1928144 ----a-w- C:\WINDOWS\Sysnative\combase.dll 2014-03-13 13:53:00 CFADC50692A845BAC30940E203393219 1287064 ----a-w- C:\WINDOWS\Sysnative\kernel32.dll 2014-03-13 13:53:00 C7B69F90B823182CE6BE7C5374832DE5 764864 ----a-w- C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll 2014-03-13 13:53:00 819A1E0F89B6AC222E9D95CA000A40B1 4175360 ----a-w- C:\WINDOWS\Sysnative\dbgeng.dll 2014-03-13 13:52:59 C83AFB0B285F293EDECF5EBDEC074A94 458616 ----a-w- C:\WINDOWS\Sysnative\WerFault.exe 2014-03-13 13:52:59 C7DFBE21051D5E44B479CBF74B968335 1486848 ----a-w- C:\WINDOWS\Sysnative\dbghelp.dll 2014-03-13 13:52:59 B5D2EBAD81739185A91D210F5F01824B 407024 ----a-w- C:\WINDOWS\Sysnative\Faultrep.dll 2014-03-13 13:52:59 2684605E822359CBD1ED2BD2C8E76397 249856 ----a-w- C:\WINDOWS\Sysnative\rdpencom.dll 2014-03-13 13:52:58 99453C649DC4B0BE6D062B701CD2917F 716288 ----a-w- C:\WINDOWS\Sysnative\swprv.dll 2014-03-13 13:52:58 94D79382FB796B0A8C90270654A70563 1057280 ----a-w- C:\WINDOWS\Sysnative\rdvidcrl.dll 2014-03-13 13:52:58 735CB57F806D292FB7ABE8BDFD3B5853 233920 ----a-w- C:\WINDOWS\Sysnative\mfps.dll 2014-03-13 13:52:58 724ADFEE7743C26C550ABFE04271DCFD 160256 ----a-w- C:\WINDOWS\Sysnative\DWWIN.EXE 2014-03-13 13:52:58 3FFEC6927D4017829A82ECDB277BB23E 64512 ----a-w- C:\WINDOWS\Sysnative\tsgqec.dll 2014-03-13 13:52:57 AFCAB4DC692CCE37E283B00E2D7B438F 447488 ----a-w- C:\WINDOWS\Sysnative\sppcomapi.dll 2014-03-13 13:52:57 110BE5198A63D3FF3CE9C30F1DC12EC3 386722 ----a-w- C:\WINDOWS\Sysnative\ApnDatabase.xml 2014-03-13 13:52:53 05894DFC52A78C3B1DD5EF6F30FAD28C 586240 ----a-w- C:\WINDOWS\Sysnative\qedit.dll 2014-03-13 13:52:49 4E0709D9BB951AD1C22E4FF519B90839 23133696 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2014-03-13 13:52:43 9C5ADB26632D46919ABB231CF7DE98B9 13051904 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2014-03-13 13:52:39 76862AAF77C049EC20217FDC209F7F13 2765824 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2014-03-13 13:52:38 D378AB3C9178424588B55AC7B652D7F9 218624 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe 2014-03-13 13:52:37 E6ACA421DA3E50D7F0A31228F0C547B0 627200 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2014-03-13 13:52:37 DF79CE9B950C62677D232154E93A81C7 2334208 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2014-03-13 13:52:37 CF1C73DE1FADE3D3C44FCAF254F57DB2 5768704 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2014-03-13 13:52:37 BA0A21F761CE5001DF712C51BF11F953 1393664 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2014-03-13 13:52:37 48ED94DA88F65684B28FCD87C01288A7 817664 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll 2014-03-13 13:52:29 1A69D165DDA78A4329B854D4FEDAD132 4189184 ----a-w- C:\WINDOWS\Sysnative\win32k.sys ====== C:\WINDOWS\Sysnative\drivers ===== 2014-03-17 14:15:25 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys 2014-03-13 13:53:32 C52148456E0F6EAD9E903020A79207FC 236888 ----a-w- C:\WINDOWS\Sysnative\drivers\WdFilter.sys 2014-03-13 13:53:31 241895E8A9C158DF86E12FDD21033A32 35856 ----a-w- C:\WINDOWS\Sysnative\drivers\WdBoot.sys 2014-03-13 13:53:30 57F22324FAAF92ADF957B281E88F1743 124760 ----a-w- C:\WINDOWS\Sysnative\drivers\WdNisDrv.sys 2014-03-13 13:53:01 ECC68BD5347BDE9631EE68274858A41F 2543960 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2014-03-13 13:52:58 C85C075DE5B6D0FE116043054DE8EE02 311640 ----a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-03-17 14:41:37 -------- d-----w- C:\Program Files\trend micro 2014-02-24 16:17:48 -------- d-----w- C:\Program Files\Windows Live ======= C:\PROGRA~2 ===== 2014-02-23 13:14:42 -------- d-----w- C:\PROGRA~2\Crazybump ======= C: ===== ====== C:\Users\v Duuren\AppData\Roaming ====== ====== C:\Users\v Duuren ====== 2014-03-21 12:11:06 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2014-03-20 18:27:04 EB95E2DFC183115E7EC07916474FB1B9 53904525 ----a-w- C:\Users\v Duuren\Downloads\blender-2.70-windows64.exe 2014-03-17 15:19:32 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\v Duuren\Desktop\adwcleaner (1).exe 2014-03-17 15:18:27 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\v Duuren\Downloads\adwcleaner (2).exe 2014-03-17 14:41:23 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\v Duuren\Downloads\RSITx64.exe 2014-03-17 14:12:46 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\v Duuren\Downloads\mbam-setup-1.75.0.1300 (1).exe 2014-03-17 14:12:28 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\v Duuren\Downloads\mbam-setup-1.75.0.1300.exe 2014-03-17 14:00:16 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\v Duuren\Downloads\adwcleaner (1).exe 2014-03-17 13:59:05 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\v Duuren\Downloads\adwcleaner.exe 2014-03-11 12:20:15 6463A4FA57AEE1597C26EC75DFD911D2 2836400 ----a-w- C:\Users\v Duuren\Downloads\ib2013_win_setup.exe 2014-03-03 08:13:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie 2014-02-24 16:18:28 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2014-02-23 13:20:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crazybump ====== C: exe-files == 2014-03-21 21:01:24 C7DE897A46AFC29D629FCE40E8ABF7F3 18544 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updated\plugin-container.exe 2014-03-21 21:01:24 B1E2F6E26655B6CF15B646C1BC969438 119408 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updated\maintenanceservice.exe 2014-03-21 21:01:24 A2A54A911099982B218F69020075061B 117360 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updated\crashreporter.exe 2014-03-21 21:01:24 A1F8B58F1EC431485F8377A273E02223 390256 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updated\thunderbird.exe 2014-03-21 21:01:24 91B8479623513D10665A4D3FBE91542C 22640 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updated\WSEnable.exe 2014-03-21 21:01:24 77511D8E1DE5A8D06E5885705AA3284C 901232 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updated\uninstall\helper.exe 2014-03-21 21:01:24 4F88FC3AD6998E873CBE8626C5B054B0 275056 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updated\updater.exe 2014-03-21 21:01:24 3451E9AAD090387DCF5033A3E1014954 194176 ----a-w- C:\Program Files (x86)\Mozilla Thunderbird\updated\maintenanceservice_installer.exe 2014-03-21 21:01:23 A49E66E6FED2CD4CD1CBA0A12353BA62 274032 ----a-w- C:\Users\v Duuren\AppData\Local\Thunderbird\Mozilla Thunderbird\updates\0\updater.exe 2014-03-21 05:32:26 4A8D40E38BC2C57E5D630AD6994A85CB 139776 ----a-w- C:\Windows\System32\poqexec.exe 2014-03-21 05:32:25 07B5CC5559ED3F55A3F940B3211D89C2 124416 ----a-w- C:\Windows\SysWOW64\poqexec.exe 2014-03-20 18:27:04 EB95E2DFC183115E7EC07916474FB1B9 53904525 ----a-w- C:\Users\v Duuren\Downloads\blender-2.70-windows64.exe 2014-03-19 20:23:10 73FE9F755799C867E0AC58C6E9A05CF4 83938816 ----a-w- C:\Program Files\Blender Foundation\Blender\blender.exe 2014-03-19 20:23:02 858D64B40DB36E3EA4E3B0ED13C8C3C6 34294272 ----a-w- C:\Program Files\Blender Foundation\Blender\blenderplayer.exe 2014-03-17 15:19:32 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\v Duuren\Desktop\adwcleaner (1).exe 2014-03-17 15:18:27 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\v Duuren\Downloads\adwcleaner (2).exe 2014-03-17 14:41:37 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\v Duuren.exe 2014-03-17 14:41:23 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\v Duuren\Downloads\RSITx64.exe 2014-03-17 14:12:46 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\v Duuren\Downloads\mbam-setup-1.75.0.1300 (1).exe 2014-03-17 14:12:28 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\v Duuren\Downloads\mbam-setup-1.75.0.1300.exe 2014-03-17 14:00:16 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\v Duuren\Downloads\adwcleaner (1).exe 2014-03-17 13:59:05 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\v Duuren\Downloads\adwcleaner.exe 2014-03-15 14:05:41 E677174AA15D1B9D9E0B0F1C8DB8CC56 892120 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\33.0.1750.154\33.0.1750.154_33.0.1750.146_chrome_updater.exe === C: other files == 2014-03-17 14:15:25 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-916307411-1588903604-153646724-1002\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "SandboxieControl"="C:\Program Files\Sandboxie\SbieCtrl.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "ASUSWebStorage"="C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S" "F-Secure Manager"="C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE /splash" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "F-Secure Hoster (45123)"="C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe -app -hosterid:1" "WebStorage"="C:\Program Files (x86)\ASUS\WebStorage\2.0.4.229\ASUSWSLoader.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "SandboxieControl"="C:\Program Files\Sandboxie\SbieCtrl.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "ACMON"="C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11-03-2014 19:19] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06-12-2012 11:30] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06-12-2012 11:30] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\WINDOWS\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe] "C:\WINDOWS\SysNative\tasks\ASUS Touchpad Launcher (x64)" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe] "C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"] "C:\WINDOWS\SysNative\tasks\AsusVibeSchedule" ["C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe"] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\VDUURE~1\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default - GoPhoto.it - C:\Users\v Duuren\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default\extensions\ffxtlbr@gophotoit.com - GoPhoto.it - %ProfilePath%\extensions\ffxtlbr@gophotoit.com ProfilePath: C:\Users\VDUURE~1\AppData\Roaming\Thunderbird\Profiles\2lae99jt.default - Silvermel - %ProfilePath%\extensions\silvermel@pardal.de.xpi - Silvermel and Charamel XT - %ProfilePath%\extensions\silvermelxt@pardal.de.xpi - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi ProfilePath: C:\Users\VDUURE~1\AppData\Roaming\TomTom\HOME\Profiles\chueyl4e.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\v Duuren\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default 95812430959AE88CDD0301AB3A71913B - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash 66640A55AEFF3819C94E0A8D40D7E0AD - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director ==== Deleted Firefox Extensions ====================== C:\Users\v Duuren\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default\extensions\ffxtlbr@gophotoit.com deleted ==== Chrome Look ====================== HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions begbnpffhnpedhocnobliippgejhjpfp - C:\Users\v Duuren\AppData\Roaming\Cool Mirage Ltd\gophotoit\1.8.29.5\gophotoit.crx[] Google Docs - v Duuren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - v Duuren\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf GoPhotoIt Chrome Extension - v Duuren\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp YouTube - v Duuren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - v Duuren\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - v Duuren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - v Duuren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\v Duuren\AppData\Local\Google\Chrome\User Data\Default\Extensions\begbnpffhnpedhocnobliippgejhjpfp deleted successfully C:\Users\v Duuren\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_begbnpffhnpedhocnobliippgejhjpfp_0.localstorage deleted successfully C:\Users\v Duuren\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_begbnpffhnpedhocnobliippgejhjpfp_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/webhp?tab=ww&ei=5CAsU_LgM6j8ywO--4LADQ&ved=0CBEQ1S4" "Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="https://www.google.nl/webhp?tab=ww&ei=5CAsU_LgM6j8ywO--4LADQ&ved=0CBEQ1S4" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-916307411-1588903604-153646724-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{13499502-1BA1-6C68-B798-E83355B97F0B} deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\begbnpffhnpedhocnobliippgejhjpfp deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\v Duuren\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\v Duuren\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\v Duuren\AppData\Local\Mozilla\Firefox\Profiles\8puwcrs9.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\v Duuren\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=283 folders=34 3615704 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Users\v Duuren\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\VDUURE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on vr 21-03-2014 at 22:25:23,29 ======================

Hallo Jion Ik had problemen met het versturen van de log bestanden hopelijk gaat het met de bijlagen nu goed. vriendelijke groet Leobus AdwCleaner[S0].txt mbam-log-2014-03-17 (15-20-19).txt RSIT log.txt

Goede morgen Is er iemand die mij kan helpen om Zoekmachine Nation Zoom te verwijderen als startpagina bij Google chroom als wel expl . Krijg het met geen mogelijkheid verwijderd. Heb zoiets ook een keer gehad met windows XP toen heeft PC_helpforum mij fantastisch geholpen. Comp draait nu op windows 8.1 v gr Leobus.

Sorry voor gemarkeert als opgelost 1é keer op een forum Hier log adw cleaner. # AdwCleaner v2.306 - Verslag gemaakt op 05/08/2013 om 19:20:13 # Geactualiseerd op 19/07/2013 door Xplode # Besturingssysteem : Windows 8 (64 bits) # Gebruiker : v Duuren - VANDUURENPC # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\v Duuren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VDX1OANZ\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** ***** [Register] ***** Data Verwijderd : HKLM\...\StartMenuInternet\FIREFOX.EXE [(Default)] = C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9BC904357&ts=1375472709 Data Verwijderd : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9BC904357&ts=1375472709 Sleutel Verwijderd : HKCU\Software\1ClickDownload Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Crossrider Sleutel Verwijderd : HKCU\Software\BabSolution Sleutel Verwijderd : HKCU\Software\InstallCore Sleutel Verwijderd : HKCU\Software\OCS Sleutel Verwijderd : HKCU\Software\Softonic Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32 Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS Sleutel Verwijderd : HKLM\Software\qvo6Software Sleutel Verwijderd : HKLM\Software\systweak Sleutel Verwijderd : HKLM\SOFTWARE\Tarma Installer ***** [browsers] ***** -\\ Internet Explorer v10.0.9200.16537 Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9BC904357&ts=1375472709 --> hxxp://www.google.com Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST500LM012XHN-M500MBB_S2TUJ9BC904357&ts=1375472709 --> hxxp://www.google.com -\\ Mozilla Firefox v22.0 (nl) File : C:\Users\v Duuren\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default\prefs.js [OK] De file bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v28.0.1500.95 File : C:\Users\v Duuren\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[s1].txt - [2911 octets] - [05/08/2013 19:20:13] ########## EOF - C:\AdwCleaner[s1].txt - [2971 octets] ##########

Hallo Juisterr IE,Google en firefoxe werken weer zoals ik gewend was Perfect Hartelijk dank voor de hulp Zal discussie markeren als opgelost Groet Leobus

Hallo juister hier het 2é logje van zoek exe. Zoek.exe Version 4.0.0.4 Updated 31-07-2013 Tool run by v Duuren on zo 04-08-2013 at 21:25:04,92. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\v Duuren\Downloads\zoek.exe [script inserted] ==== Older Logs ====================== C:\zoek-results04-08-2013-2123.log 0 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\v Duuren\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.nl/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CDAQFjAA&url=http%3A%2F%2Fahwijndomein.ah.nl%2Fwijnkennis%2Fbewaren-serveren&ei=b***UeaRCsLaOeSOgYAO&usg=AFQjCNECpz9oYcy4HFYWKtZkx2L1Wq55mQ&bvm=bv.47244034,d.ZWU"); user_pref("browser.search.useDBForOrder", true); Added to C:\Users\v Duuren\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default\prefs.js: user_pref("browser.startup.homepage", "Google"); user_pref("browser.search.defaulturl", "Google="); user_pref("browser.newtab.url", "Google"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "Google="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== Profilepath: C:\Users\v Duuren\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default 0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash 66640A55AEFF3819C94E0A8D40D7E0AD - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director ==== Chrome Look ====================== Docs - v Duuren - Default\Extensions\aohghmighlieiainnegkcijnfilokake ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Reset Google Chrome ====================== C:\users\v Duuren\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\v Duuren\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\v Duuren\Desktop\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe C:\Users\v Duuren\Desktop\GIMP 2.lnk - C:\Program Files\GIMP 2\bin\gimp-2.8.exe C:\Users\v Duuren\Desktop\GrabIt.lnk - C:\Program Files (x86)\GrabIt\GrabIt.exe C:\Users\v Duuren\Desktop\HiJackThis.lnk - C:\Users\v Duuren\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\v Duuren\Desktop\IrfanView Thumbnails.lnk - C:\Program Files (x86)\IrfanView\i_view32.exe /thumbs C:\Users\v Duuren\Desktop\IrfanView.lnk - C:\Program Files (x86)\IrfanView\i_view32.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\ASUS Vibe Fun Center.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe C:\Users\Public\Desktop\ASUS Install.lnk - C:\eSupport\eDriver\AsInsWiz.exe C:\Users\Public\Desktop\ASUS Instant Connect Installer.lnk - C:\Windows\Installer\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}\_77CD0D17CE4BC69D3FCD39.exe C:\Users\Public\Desktop\ASUS InstantOn.lnk - C:\Windows\Installer\{749F674B-2674-47E8-879C-5626A06B2A91}\_5071C9DBC1BB2B48AAB6B3.exe C:\Users\Public\Desktop\ASUS Product Demo Movie.Lnk - C:\Windows\ASUSProductDemoMovie\ASUS Product Demo Movie.exe C:\Users\Public\Desktop\ASUS Tutor.lnk - C:\windows\Installer\{58172D66-2F69-4215-9AEC-ED8196023736}\_ECAE39551DF09CB0079E46.exe C:\Users\Public\Desktop\Benodigdheden kopen - HP Deskjet 1050 J410 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 1050 J410 series\Bin\hpqDTSS.exe C:\Users\Public\Desktop\Blender.lnk - C:\Program Files\Blender Foundation\Blender\blender.exe C:\Users\Public\Desktop\eManual.Lnk - C:\eSupport\Manual\eManual.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 1050 J410 series\Bin\HP Deskjet 1050 J410 series.exe -Start UDCDevicePage C:\Users\Public\Desktop\Manual CanoScan 3000,3000F.lnk - C:\Program Files (x86)\Canon\CanoScan 3000,3000F\CanoScan.htm C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Users\Public\Desktop\PhotoStudio 5.lnk - C:\Program Files (x86)\ArcSoft\PhotoStudio\PhotoStudio.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe C:\Users\Public\Desktop\Spotnet.lnk - C:\Program Files (x86)\Spotnet\Spotnet.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\WebStorage Sync Agent.lnk - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe C:\Users\Public\Desktop\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe C:\Users\Public\Desktop\Ziggo Internetbeveiliging.lnk - C:\Program Files (x86)\Internetbeveiliging\trigger.exe --open-launchpad --operator-id 45123 C:\Users\Public\Desktop\ASUS\Business tool\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\ASUS\Entertainment\Build-a-lot 4 - Power Source.lnk - C:\Users\Public\Desktop\ASUS\Entertainment\Delicious Emily's Childhood Memories.lnk - C:\Users\Public\Desktop\ASUS\Entertainment\Jewel Quest Mysteries 2.lnk - C:\Users\Public\Desktop\ASUS\Entertainment\LifeFrame.lnk - C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe C:\Users\Public\Desktop\ASUS\Entertainment\Snark Busters - Welcome to the Club.lnk - C:\Users\Public\Desktop\ASUS\Entertainment\The Treasures of Montezuma 3.lnk - C:\Users\Public\Desktop\ASUS\Multimedia\ASUSDVD.lnk - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe C:\Users\Public\Desktop\ASUS\System tool\ASUS On-Screen Display.lnk - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSDMgr.exe C:\Users\Public\Desktop\ASUS\System tool\Power4Gear Hybrid.lnk - C:\Windows\Installer\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}\_C80B063CCF3F6EE7CFF8AA.exe C:\Users\Public\Desktop\ASUS\System tool\Splendid Utility.Lnk - C:\Program Files (x86)\ASUS\Splendid\Backbone.exe ==== shortcuts in Users Start Menu ====================== C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Buienradar.nl - Weer - Actuele neerslag, weerbericht, weersverwachting, sneeuwradar en satellietbeelden (2).lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Buienradar.nl - Weer - Actuele neerslag, weerbericht, weersverwachting, sneeuwradar en satellietbeelden.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\v Duuren\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\Blender.lnk - C:\Program Files\Blender Foundation\Blender\blender.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\Copyright.lnk - C:\Program Files\Blender Foundation\Blender\copyright.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\GPL-license.lnk - C:\Program Files\Blender Foundation\Blender\GPL-license.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\Readme.lnk - C:\Program Files\Blender Foundation\Blender\readme.html C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\Uninstall.lnk - C:\Program Files\Blender Foundation\Blender\uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in DirectX-modus.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe -setDX C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in OpenGL-modus.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe -setOGL C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth verwijderen.lnk - C:\Windows\SysWOW64\msiexec.exe /x {96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\Silverlight.Configuration.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GrabIt.lnk - C:\Program Files (x86)\GrabIt\GrabIt.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OUTLOOK.EXE /recycle C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Corel PHOTO-PAINT 7.LNK - C:\Corel\Draw70\programs\photopnt.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CorelDRAW 7.LNK - C:\Corel\Draw70\programs\coreldrw.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Libraries C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\v Duuren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\v Duuren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\users\v Duuren\AppData\Local\Mozilla\Firefox\Profiles\8puwcrs9.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\v Duuren\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\VDUURE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 04-08-2013 at 21:31:11,43 ======================

Hallo Juisterr Dit is het logje vanzoek exe Zoek.exe Version 4.0.0.4 Updated 31-07-2013 Tool run by v Duuren on zo 04-08-2013 at 20:20:59,70. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\v Duuren\Downloads\zoek.exe [script inserted] ==== System Restore Info ====================== 4-8-2013 20:33:19 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\v Duuren\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default ---- Lines delta removed from prefs.js ---- user_pref("extensions.delta.admin", false); user_pref("extensions.delta.aflt", "orgnl"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.dfltLng", "nl"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.id", "fa4907d400000000000012689df3dc5a"); user_pref("extensions.delta.instlDay", "15877"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.vrsn", "1.8.21.5"); user_pref("extensions.delta.vrsnTs", "1.8.21.521:28:39"); user_pref("extensions.delta.vrsni", "1.8.21.5"); ---- Lines delta modified from prefs.js ---- ---- Lines delta removed from user.js ---- user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.id", "fa4907d400000000000012689df3dc5a"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.instlDay", "15877"); user_pref("extensions.delta.vrsn", "1.8.21.5"); user_pref("extensions.delta.vrsni", "1.8.21.5"); user_pref("extensions.delta.vrsnTs", "1.8.21.521:28:39"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.aflt", "orgnl"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.dfltLng", "nl"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.admin", false); user_pref("extensions.delta_i.babTrack", ""affID=10588&tl=gcn63164" srcExt=def"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.srcExt", ""); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.newTab", false); ---- Lines crossrider removed from prefs.js ---- user_pref("extensions.crossrider.bic", "14043b69ad02e151a5c9658216b812c7"); ---- Lines crossrider modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- user_04-08-2013_2035_.backup prefs_04-08-2013_2035_.backup ==== Deleting Files \ Folders ====================== "C:\Users\v Duuren\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default\searchplugins\delta.xml" deleted "C:\Users\v Duuren\Downloads\SoftonicDownloader_voor_gimp.exe" deleted "C:\Windows\wininit.ini" deleted "C:\Windows\SysNative\roboot64.exe" deleted "C:\Windows\Tasks\Dealply.job" deleted "C:\windows\SysNative\Tasks\Dealply" not deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" deleted "C:\Program Files (x86)\Babylon" deleted "C:\Program Files\Babylon" deleted "C:\Program Files (x86)\DealPly" deleted "C:\Program Files (x86)\DealPlyLive" deleted "C:\Program Files (x86)\MyPC Backup" deleted "C:\Users\v Duuren\AppData\Roaming\BabSolution" deleted "C:\Users\v Duuren\AppData\Roaming\Systweak" deleted "C:\ProgramData\APN" deleted "C:\ProgramData\eSafe" deleted "C:\ProgramData\StarApp" deleted "C:\ProgramData\DealPlyLive" deleted "C:\ProgramData\InstallMate" deleted "C:\ProgramData\Tarma Installer" deleted "C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com" deleted "C:\Users\v Duuren\AppData\LocalLow\BabylonToolbar" deleted "C:\Users\v Duuren\AppData\LocalLow\Delta" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\v Duuren\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default - FT Downloader - %ProfilePath%\extensions\ftd@ftd.com.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\v Duuren\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default 0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash 66640A55AEFF3819C94E0A8D40D7E0AD - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director ==== Deleting Files \ Folders ====================== "C:\Users\v Duuren\AppData\Roaming\Mozilla\Firefox\Profiles\8puwcrs9.default\extensions\ftd@ftd.com.xpi" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ejnmnhkgiphcaeefbaooconkceehicfi - C:\Program Files (x86)\DealPly\DealPly.crx[] lgnbhdnimikkoodkogjlcllngimhlapp - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {33BB0A4E-99AF-4226-BDF6-49120163DE86} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-916307411-1588903604-153646724-1002\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\v Duuren\Desktop\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe C:\Users\v Duuren\Desktop\GIMP 2.lnk - C:\Program Files\GIMP 2\bin\gimp-2.8.exe C:\Users\v Duuren\Desktop\GrabIt.lnk - C:\Program Files (x86)\GrabIt\GrabIt.exe C:\Users\v Duuren\Desktop\HiJackThis.lnk - C:\Users\v Duuren\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\v Duuren\Desktop\IrfanView Thumbnails.lnk - C:\Program Files (x86)\IrfanView\i_view32.exe /thumbs C:\Users\v Duuren\Desktop\IrfanView.lnk - C:\Program Files (x86)\IrfanView\i_view32.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\ASUS Vibe Fun Center.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe C:\Users\Public\Desktop\ASUS Install.lnk - C:\eSupport\eDriver\AsInsWiz.exe C:\Users\Public\Desktop\ASUS Instant Connect Installer.lnk - C:\Windows\Installer\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}\_77CD0D17CE4BC69D3FCD39.exe C:\Users\Public\Desktop\ASUS InstantOn.lnk - C:\Windows\Installer\{749F674B-2674-47E8-879C-5626A06B2A91}\_5071C9DBC1BB2B48AAB6B3.exe C:\Users\Public\Desktop\ASUS Product Demo Movie.Lnk - C:\Windows\ASUSProductDemoMovie\ASUS Product Demo Movie.exe C:\Users\Public\Desktop\ASUS Tutor.lnk - C:\windows\Installer\{58172D66-2F69-4215-9AEC-ED8196023736}\_ECAE39551DF09CB0079E46.exe C:\Users\Public\Desktop\Benodigdheden kopen - HP Deskjet 1050 J410 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 1050 J410 series\Bin\hpqDTSS.exe C:\Users\Public\Desktop\Blender.lnk - C:\Program Files\Blender Foundation\Blender\blender.exe C:\Users\Public\Desktop\eManual.Lnk - C:\eSupport\Manual\eManual.exe C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 1050 J410 series\Bin\HP Deskjet 1050 J410 series.exe -Start UDCDevicePage C:\Users\Public\Desktop\Manual CanoScan 3000,3000F.lnk - C:\Program Files (x86)\Canon\CanoScan 3000,3000F\CanoScan.htm C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6 C:\Users\Public\Desktop\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Users\Public\Desktop\PhotoStudio 5.lnk - C:\Program Files (x86)\ArcSoft\PhotoStudio\PhotoStudio.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe C:\Users\Public\Desktop\Spotnet.lnk - C:\Program Files (x86)\Spotnet\Spotnet.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\WebStorage Sync Agent.lnk - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe C:\Users\Public\Desktop\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe C:\Users\Public\Desktop\Ziggo Internetbeveiliging.lnk - C:\Program Files (x86)\Internetbeveiliging\trigger.exe --open-launchpad --operator-id 45123 C:\Users\Public\Desktop\ASUS\Business tool\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\ASUS\Entertainment\Build-a-lot 4 - Power Source.lnk - C:\Users\Public\Desktop\ASUS\Entertainment\Delicious Emily's Childhood Memories.lnk - C:\Users\Public\Desktop\ASUS\Entertainment\Jewel Quest Mysteries 2.lnk - C:\Users\Public\Desktop\ASUS\Entertainment\LifeFrame.lnk - C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe C:\Users\Public\Desktop\ASUS\Entertainment\Snark Busters - Welcome to the Club.lnk - C:\Users\Public\Desktop\ASUS\Entertainment\The Treasures of Montezuma 3.lnk - C:\Users\Public\Desktop\ASUS\Multimedia\ASUSDVD.lnk - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe C:\Users\Public\Desktop\ASUS\System tool\ASUS On-Screen Display.lnk - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSDMgr.exe C:\Users\Public\Desktop\ASUS\System tool\Power4Gear Hybrid.lnk - C:\Windows\Installer\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}\_C80B063CCF3F6EE7CFF8AA.exe C:\Users\Public\Desktop\ASUS\System tool\Splendid Utility.Lnk - C:\Program Files (x86)\ASUS\Splendid\Backbone.exe ==== shortcuts in Users Start Menu ====================== C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Buienradar.nl - Weer - Actuele neerslag, weerbericht, weersverwachting, sneeuwradar en satellietbeelden (2).lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6 C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Buienradar.nl - Weer - Actuele neerslag, weerbericht, weersverwachting, sneeuwradar en satellietbeelden.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6 C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6 C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\v Duuren\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\Blender.lnk - C:\Program Files\Blender Foundation\Blender\blender.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\Copyright.lnk - C:\Program Files\Blender Foundation\Blender\copyright.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\GPL-license.lnk - C:\Program Files\Blender Foundation\Blender\GPL-license.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\Readme.lnk - C:\Program Files\Blender Foundation\Blender\readme.html C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation\Blender\Uninstall.lnk - C:\Program Files\Blender Foundation\Blender\uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in DirectX-modus.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe -setDX C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in OpenGL-modus.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe -setOGL C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth verwijderen.lnk - C:\Windows\SysWOW64\msiexec.exe /x {96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\Silverlight.Configuration.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GrabIt.lnk - C:\Program Files (x86)\GrabIt\GrabIt.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6 C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OUTLOOK.EXE /recycle C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Corel PHOTO-PAINT 7.LNK - C:\Corel\Draw70\programs\photopnt.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CorelDRAW 7.LNK - C:\Corel\Draw70\programs\coreldrw.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Libraries C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6 C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6 ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Buienradar.nl - Weer - Actuele neerslag, weerbericht, weersverwachting, sneeuwradar en satellietbeelden (2).lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Buienradar.nl - Weer - Actuele neerslag, weerbericht, weersverwachting, sneeuwradar en satellietbeelden.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\v Duuren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lgnbhdnimikkoodkogjlcllngimhlapp deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\v Duuren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\v Duuren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FCFOS37Q will be deleted at reboot C:\Users\v Duuren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCE65HY5 will be deleted at reboot C:\Users\v Duuren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RO4YOF1C will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\v Duuren\AppData\Local\Mozilla\Firefox\Profiles\8puwcrs9.default\Cache emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\VDUURE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\windows\SysNative\Tasks\Dealply" not found "C:\Users\v Duuren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FCFOS37Q" not found "C:\Users\v Duuren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCE65HY5" not found "C:\Users\v Duuren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RO4YOF1C" not found ==== EOF on zo 04-08-2013 at 20:41:14,86 ======================

Hallo IK krijg Qvo6 niet weg uit IE, Google Chrome, en Firefox wie kan mij helpen bij deze al vast de scan met HijackThis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:07:55, on 4-8-2013 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16537) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [F-Secure Hoster (45123)] "C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe" -app -hosterid:1 O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10205 bytes