eggdepo

[Marcelleken]

IK krijg de laatste tijd veel popups binnen en als ik ga googelen met Chrome dan opent zich telkens een venster "www.eggdepo.com"

Kan je mij aub helpen want dit is zeer vervelend !

Bedankt MARCELLEKEN

[Maxstar]

Hoi,

Download DDS van sUBS van één van deze locaties en plaats het op je bureaublad:

DDS - Bleeping Computer download.

DDS - Bleeping Computer download.

DDS - Infospyware.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met DDS (hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.

• 
  
• Windows XP: Dubbelklik op DDS om de tool te starten.
  
• Windows Vista,7,8: Rechtsklik op DDS en klik op "Als administrator uitvoeren".
  
• Vink in het volgende scherm dds.txt en attach.txt aan en klik op "Start"
  
• Laat de tool ongehinderd zijn werk doen. Als de scan gereed is klikt u op "OK"
  
• Post de inhoud van het geopende DDS.txt in het volgende bericht.
  (Plaats het attach logje alleen indien hierom wordt gevraagd!)
  

[Marcelleken]

Maxstar bedankt voor je vlugge reactie

IK hoop dat ik de logjes goed verstuurd heb !

Marcelleken

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16618 BrowserJavaVersion: 10.21.2

Run by Chris at 16:03:54 on 2013-07-09

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1043.18.3836.2144 [GMT 2:00]

.

AV: Panda Global Protection 2012 *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}

SP: Panda Global Protection 2012 *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Panda Personal Firewall 2012 *Disabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PskSvc.exe

C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\TPSrvWow.exe

C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA GLOBAL PROTECTION 2012\WebProxy.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\spoolsv.exe

c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe

C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe

C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe

C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PsCtrls.exe

C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PavFnSvr.exe

C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe

C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\pavsrvx86.exe

C:\Windows\SysWOW64\IoctlSvc.exe

C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\AVENGINE.EXE

c:\program files (x86)\panda security\panda global protection 2012\firewall\PSHOST.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PsImSvc.exe

C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\System32\alg.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files (x86)\CaptureWiz\Pro\CaptureWiz.exe

C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\taskmgr.exe

C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\SRVLOAD.EXE

C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PavBckPT.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

C:\Windows\system32\sc.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxps://www.google.be/

BHO: safeee ssAVee: {57164ECD-A680-7DA1-6FA3-C7C64BADEBB6} - C:\ProgramData\safeee ssAVee\51c8874a9d58f.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

uRun: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe

uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

uRun: [9B76BD8E0E6C799CA95AC4260DAE52D2CD6E0D82._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service

uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE" /s

mRun: [sCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\Inicio.exe"

mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\Users\Chris\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\CAPTUR~1.LNK - C:\Program Files (x86)\CaptureWiz\Pro\CaptureWiz.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoDriveAutorun = dword:0

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

Trusted Zone: clubs.nl

Trusted Zone: hotfile.com

Trusted Zone: linksave.in

Trusted Zone: ottsttfre.exe

Trusted Zone: outlook.com

Trusted Zone: rapidshare.com

DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://belgacom.extrafilm.be/ImageUploader5.cab

DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} - file:///C:/Users/Chris/Videos/Porto_Bello_mei_2011/components/wmvhdrating.ocx

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{77490D4C-FFD6-425E-99DB-9CA0282F1091} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{77490D4C-FFD6-425E-99DB-9CA0282F1091}\64F4E4F52454C4741434F4D4 : DHCPNameServer = 195.238.2.22 195.238.2.21

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs= c:\progra~2\safesa~1\sprote~1.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: avldr - avldr64.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npPxPlay.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll

.

============= SERVICES / DRIVERS ===============

.

R0 pavboot;Panda boot driver;C:\Windows\System32\drivers\pavboot64.sys [2012-12-11 30792]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-3-31 55856]

R1 ShldFlt;Panda File Shield Driver;C:\Windows\System32\drivers\ShldFlt.sys [2012-12-11 48136]

R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-8 169312]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-9-4 203264]

R2 AmFSM;AmFSM;C:\Windows\System32\drivers\amm6460.sys [2012-12-11 65608]

R2 APPFLT;App Filter Plugin;C:\Windows\System32\drivers\APPFLT64.SYS [2012-12-11 129096]

R2 ComFiltr;Panda Anti-Dialer;C:\Windows\System32\drivers\COMFiltr.sys [2012-12-11 15928]

R2 DSAFLT;DSA Filter Plugin;C:\Windows\System32\drivers\dsaflt64.sys [2012-12-11 82952]

R2 ePowerSvc;Acer ePower Service;C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2009-8-24 844320]

R2 FNETMON;NetMon Filter Plugin;C:\Windows\System32\drivers\fnetm64.sys [2012-12-11 31752]

R2 Greg_Service;GRegService;C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-6-4 1150496]

R2 IDSFLT;Ids Filter Plugin;C:\Windows\System32\drivers\idsflt64.sys [2012-12-11 78920]

R2 NETFLTDI;Panda Net Driver [TDI Layer];C:\Windows\System32\drivers\NETTDI64.SYS [2012-12-11 170504]

R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2009-8-21 62720]

R2 Panda Software Controller;Panda Software Controller;C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PsCtrlS.exe [2012-12-11 173312]

R2 PAVFNSVR;Panda Function Service;C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\PavFnSvr.exe [2012-12-11 202016]

R2 PavPrSrv;Panda Process Protection Service;C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe [2012-12-11 62768]

R2 PAVSRV;Panda On-Access Anti-Malware Service;C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\pavsrvx86.exe [2012-12-11 314176]

R2 PskSvcRetail;Panda PSK service;C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\psksvc.exe [2012-12-11 28992]

R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2009-8-24 240160]

R2 WNMFLT;Wifi Monitor Filter Plugin;C:\Windows\System32\drivers\wnmflt64.sys [2012-12-11 74760]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-8-25 317480]

R3 NETIMFLT01060044;PANDA NDIS IM Filter Miniport v1.6.0.44;C:\Windows\System32\drivers\n64i1644.sys [2012-12-11 216648]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-2-16 34872]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-5-24 103064]

S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-4-15 37344]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-26 19456]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-8-24 222208]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-5-24 203672]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-26 57856]

S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-17 1255736]

S4 PuranDefrag;PuranDefrag;C:\Windows\System32\PuranDefragS.exe [2012-1-31 290816]

.

=============== File Associations ===============

.

FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [userChoice]

.

=============== Created Last 30 ================

.

2013-07-09 11:44:36 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4FB85088-E199-43F6-8EC1-9B0EF0597944}\mpengine.dll

2013-06-24 17:07:06 -------- d-----w- C:\ProgramData\StarApp

2013-06-24 17:02:55 -------- d-----w- C:\Program Files (x86)\SafeSaver

2013-06-24 17:02:49 -------- d-----w- C:\ProgramData\safeee ssAVee

2013-06-24 17:01:33 -------- d-----w- C:\ProgramData\InstallMate

2013-06-24 10:15:27 -------- d-----w- C:\Users\Chris\AppData\Roaming\PhotoCollageMax

2013-06-24 10:15:27 -------- d-----w- C:\ProgramData\PhotoCollageMax

2013-06-24 09:32:58 -------- d-----w- C:\Users\Chris\AppData\Roaming\ParetoLogic

2013-06-24 09:32:58 -------- d-----w- C:\Users\Chris\AppData\Roaming\DriverCure

2013-06-24 09:32:25 -------- d-----w- C:\ProgramData\ParetoLogic

2013-06-12 19:35:03 751104 ----a-w- C:\Windows\System32\win32spl.dll

2013-06-12 19:35:03 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll

2013-06-12 19:35:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-06-12 19:33:06 30720 ----a-w- C:\Windows\System32\cryptdlg.dll

2013-06-12 19:33:06 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll

2013-06-12 19:33:02 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll

2013-06-12 19:33:02 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll

2013-06-12 19:32:53 903168 ----a-w- C:\Windows\SysWow64\certutil.exe

2013-06-12 19:32:53 1192448 ----a-w- C:\Windows\System32\certutil.exe

2013-06-12 19:32:52 52224 ----a-w- C:\Windows\System32\certenc.dll

2013-06-12 19:32:52 43008 ----a-w- C:\Windows\SysWow64\certenc.dll

2013-06-12 19:32:52 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-06-12 19:32:52 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2013-06-12 19:32:52 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-06-12 19:32:52 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-06-12 19:32:52 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-06-12 19:32:52 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-06-12 19:32:40 1887232 ----a-w- C:\Windows\System32\d3d11.dll

2013-06-12 19:32:40 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll

.

==================== Find3M ====================

.

2013-07-06 10:17:00 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-07-06 10:17:00 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-02 00:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2010-04-02 15:06:06 1364522 ----a-w- C:\Program Files (x86)\wrar393.exe

.

============= FINISH: 16:07:34.50 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 31-Mar-10 12:01:12 PM

System Uptime: 09-Jul-13 3:56:30 PM (1 hours ago)

.

Motherboard: Packard Bell | | EasyNote LJ71

Processor: AMD Athlon II Dual-Core M300 | Socket S1G3 | 2000/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 584 GiB total, 82.809 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}

Description: AJ457764 IDE Controller

Device ID: ACPI\PNPA000\4&5D18F2DF&0

Manufacturer: (Standard mass storage controllers)

Name: AJ457764 IDE Controller

PNP Device ID: ACPI\PNPA000\4&5D18F2DF&0

Service: argzgpaj

.

==== System Restore Points ===================

.

RP1511: 06-Jul-13 12:05:00 PM - Windows Update

RP1512: 06-Jul-13 12:19:10 PM - Windows Update

RP1513: 07-Jul-13 8:26:08 PM - Windows Update

RP1514: 08-Jul-13 12:38:54 PM - Windows Update

RP1515: 08-Jul-13 9:46:30 PM - Windows Update

RP1516: 09-Jul-13 8:51:28 AM - Windows Update

RP1517: 09-Jul-13 2:55:28 PM - Windows Update

RP1518: 09-Jul-13 4:05:46 PM - Installed Java 7 Update 25

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

AbiWord 2.8.4

Acrobat.com

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Photoshop Elements 7.0

Adobe Reader XI (11.0.03) - Nederlands

Advertising Center

All Office Converter Platinum 6.1

AMD USB Filter Driver

AoA Audio Extractor Platinum

Apple Application Support

Apple Software Update

Ashampoo Burning Studio 10.0.3

Ashampoo Burning Studio 9.03

ATI Catalyst Install Manager

Audacity 1.2.6

AVS Screen Capture version 2.0.1

AVS Update Manager 1.0

AVS Video Recorder 2.4

AVS Video ReMaker 4.0.4.134

AVS4YOU Software Navigator 1.4

Backup Manager Basic

Basissoftware voor HP Deskjet 3050A J611 series

CaptureWizPro 3.00

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

CyberLink PowerDVD 8

D3DX10

dBpoweramp Music Converter

DolbyFiles

Easy Video Splitter 1.28

ESET Online Scanner v3

FormatFactory 2.90

Foto's op TV Deluxe 7

Free YouTube Download 2.9

Free YouTube to MP3 Converter version 3.11.32.918

FrostWire 5.5.2

Google Chrome

Google Update Helper

HiJackThis

Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)

HP Deskjet 3050A J611 series Haelp

HP Photo Creations

HP Update

Identity Card

ImagXpress

IrfanView (remove only)

Java 7 Update 25

Java Auto Updater

JavaFX 2.1.1

KaraFun Player

KarAll versie 1.23.08(1)

Karaoke for DirectX (remove only)

Lame ACM MP3 Codec

LAME v3.98.2 for Audacity

Magic Video Converter 8.0.8.25

MAGIX 3D Maker (embedded MSI)

MAGIX Foto's op CD & DVD 9 deluxe Download-versie

MAGIX Speed 2 (MSI)

MAGIX Xtreme Photo Designer 6

Malwarebytes Anti-Malware versie 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile NLD Language Pack

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Dutch) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Dutch) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Dutch) 2007

Microsoft Office Home and Student 2007

Microsoft Office InfoPath MUI (Dutch) 2007

Microsoft Office Language Pack 2007 - Dutch/Nederlands

Microsoft Office O MUI (Dutch) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Dutch) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (Dutch)

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Professional Plus 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Dutch) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Dutch) 2007

Microsoft Office Shared 64-bit MUI (Dutch) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (Dutch) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)

Microsoft Office SharePoint Designer MUI (Dutch) 2007

Microsoft Office Word MUI (Dutch) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Office X MUI (Dutch) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Microsoft XML Parser

MixMeister Express Demo 7.0.9

Mozilla Firefox 13.0.1 (x86 nl)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MyFreeCodec

Native Instruments Traktor DJ Mixer v1.02

Nero 8

Nero ControlCenter

Nero Installer

Nero StartSmart OEM

neroxml

Ots CD Scratch 1200 1.00.048

OtsTurntables Free 1.00.047

Packard Bell InfoCentre

Packard Bell MyBackup

Packard Bell Power Management

Packard Bell Recovery Management

Packard Bell Registration

Packard Bell ScreenSaver

Packard Bell Updater

Panda ActiveScan 2.0

Panda Global Protection 2012

Panda Secure Vault 5

Panda USB Vaccine 1.0.1.16

Picasa 3

Picture Collage Maker

PresentationPro PowerPresenter v1.2

ProShow Gold

Puran Defrag Free Edition 7.3

QuickTime

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

safeee ssAVee

SafeSaver 1.74

Samsung Kies

SAMSUNG USB Driver for Mobile Phones

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)

Siglos Karaoke Player/Recorder

Synaptics Pointing Device Driver

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

Ulead PhotoImpact 12

Uninstall 1.0.0.1

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update voor Microsoft Office Excel 2007 Help (KB963678)

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)

Update voor Microsoft Office Word 2007 Help (KB963665)

vanBasco's Karaoke Player

VC80CRTRedist - 8.0.50727.6195

VCRedistSetup

Video Web Camera

Welcome Center

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Messenger

Windows Live Movie Maker

Windows Live OneCare safety scanner

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR

Wondershare DVD Slideshow Builder Deluxe(Build 6.1.1.44)

Wondershare PPT2DVD 5.2.0.240

Word Artist 1.2

Xvid Video Codec

Youtube Downloader HD v. 2.9.6

.

==== End Of File ===========================

9 juli 2013 aangepast door Marcelleken

[Maxstar]

Download zoek.exe naar het bureaublad.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe

(hier of hier) kan je lezen hoe je dat doet.

• 
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

   
  iedefaults:https://www.google.be
  {57164ECD-A680-7DA1-6FA3-C7C64BADEBB6};c
  C:\ProgramData\safeee ssAVee;fs
  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows];r
  "AppInit_DLLs"=-;r
  C:\Program Files (x86)\SafeSaver;fs
  C:\ProgramData\safeee ssAVee;fs
  C:\ProgramData\InstallMate;fs
  chromelook;
  firefoxlook;
  startupall; 
  filesrcm; 
  

  
  

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[Marcelleken]

Hallo Maxstar, hier ben ik terug...

Hier dan het logje

Zoek.exe Version 4.0.0.3 Updated 05-July-2013

Tool run by Chris on 09-Jul-13 at 16:54:26.02.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

==== Older Logs ======================

C:\zoek-results04-May-13-0123-PM.log 414 bytes

C:\zoek-results04-May-13-0125-PM.log 462 bytes

C:\zoek-results04-May-13-0131-PM.log 22021 bytes

C:\zoek-results30-Jan-12-0101-PM.log 210 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-828370553-1514782745-4058475767-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{57164ECD-A680-7DA1-6FA3-C7C64BADEBB6} deleted successfully

HKEY_USERS\S-1-5-21-828370553-1514782745-4058475767-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{57164ECD-A680-7DA1-6FA3-C7C64BADEBB6} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{57164ECD-A680-7DA1-6FA3-C7C64BADEBB6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57164ECD-A680-7DA1-6FA3-C7C64BADEBB6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{57164ECD-A680-7DA1-6FA3-C7C64BADEBB6} deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

"C:\ProgramData\safeee ssAVee" deleted

"C:\Program Files (x86)\SafeSaver" deleted

"C:\ProgramData\safeee ssAVee" deleted

"C:\ProgramData\InstallMate" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Chris\AppData\Local\Temp ====

2013-07-09 14:08:06 3BC853FCC8DABE43A64823C4D2968EDF 489936 ----a-w- C:\Users\Chris\AppData\Local\Temp\APNSetup.exe

====== C:\Windows\SysWOW64 =====

2013-07-09 14:07:38 351D111CD5C5479946EB724DBBB1275E 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2013-06-12 19:35:01 9849EA3843A2ADBDD1497E97A85D8CAE 1910632 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\Program Files (x86) =====

2013-07-09 14:10:12 -------- d-----w- C:\Program Files (x86)\AskPartnerNetwork

======= C: =====

====== C:\Users\Chris\AppData\Roaming ======

2013-07-05 19:21:38 -------- d-----w- C:\users\Chris\AppData\Locallow\safeee ssAVee

2013-06-24 10:15:27 -------- d-----w- C:\users\Chris\AppData\Roaming\PhotoCollageMax

2013-06-24 09:32:58 -------- d-----w- C:\users\Chris\AppData\Roaming\DriverCure

====== C:\Users\Chris ======

2013-07-09 14:10:12 -------- d-----w- C:\ProgramData\AskPartnerNetwork

2013-07-09 14:10:07 -------- d-----w- C:\ProgramData\APN

2013-07-09 14:01:50 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Chris\Desktop\dds.com

2013-06-24 17:07:06 -------- d-----w- C:\ProgramData\StarApp

2013-06-24 17:02:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\safeee ssAVee

2013-06-24 10:15:27 -------- d-----w- C:\ProgramData\PhotoCollageMax

====== C: exe-files ==

2013-07-09 14:10:12 DEA1D1757F8F8624E498092684B55D58 169632 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe

2013-07-09 14:10:12 D2274FB0381D5338DD66DAE727B66C2E 117408 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe

2013-07-09 14:10:12 7D988F739584FC10CF062ACE8D7A8999 113312 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe

2013-07-09 14:10:12 292A26909A43B2431BA2764ED4C691E6 265888 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe

2013-07-09 14:10:12 055C94C8429EAB0573A31C5BF7B505B0 1541584 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

2013-07-09 14:08:06 3BC853FCC8DABE43A64823C4D2968EDF 489936 ----a-w- C:\Users\Chris\AppData\Local\Temp\APNSetup.exe

2013-07-09 14:08:06 3BC853FCC8DABE43A64823C4D2968EDF 489936 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe

2013-07-08 10:11:43 C3190BA6ED6220369EEEED081A14DDFC 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdateOnDemand.exe

2013-07-08 10:11:43 1017788353D8349BF6086B9CDDC8CB7B 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdateBroker.exe

2013-07-08 10:11:42 5F42FBCE3A8D9ED552E9852A23CA382F 800024 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdateSetup.exe

2013-07-08 10:11:37 CA35155F6B4C4DB2513AAAA868BAFF47 324488 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler64.exe

2013-07-08 10:11:37 09C87F376507122A5FE1CBE06E015512 239496 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe

2013-07-08 10:11:33 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdate.exe

2013-07-08 10:11:31 5F42FBCE3A8D9ED552E9852A23CA382F 800024 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.149\GoogleUpdateSetup.exe

=== C: other files ==

2013-07-09 14:14:59 A5CC44013CA4083AF20F1DC1D84F7E58 448217 ----a-w- C:\Users\Chris\AppData\Local\Temp\scoped_dir_6108_21087\ToolbarCR.crx

2013-07-09 14:10:12 A5CC44013CA4083AF20F1DC1D84F7E58 448217 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\ToolbarCR.crx

2013-07-09 14:10:12 A5CC44013CA4083AF20F1DC1D84F7E58 448217 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}\Toolbar.crx

2013-07-09 14:10:12 0EF2EE2E14039D0E5A0479CD562A566E 448205 ----a-w- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_ORJ-V7@apn.ask.com.xpi

2013-07-09 14:01:50 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Chris\Desktop\dds.com

2013-07-09 06:06:49 91C20AA5DA62ED2405E8D610DA24F96B 343747 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\Back up 5 nov_20130709_080622_INC.zip

2013-07-08 18:02:21 01C9350F8AC21EB6958A7410313C924D 29631266 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\Nieuwe kopie_20130708_200139_INC.zip

2013-07-08 18:01:14 9C0782D9260DEC218692944CD30C9B69 21774251 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\kopiëren Nieuwe kopie_20130708_200057_INC.zip

2013-07-07 18:11:06 670C7583FA0F272E4C62E80F35AA258E 18581 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\Back up 5 nov_20130707_201106_INC.zip

2013-07-07 18:10:50 7D4F76249C788E00C0EF999FA61EF098 18455 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\Nieuwe kopie_20130707_201050_INC.zip

2013-07-07 18:10:24 182BAA12358943B7C0167072661116C0 10065229 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\kopiëren Nieuwe kopie_20130707_201024_INC.zip

2013-07-05 20:12:25 07A4253123B86B474EDB349054AD598F 18581 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\Back up 5 nov_20130705_221225_INC.zip

2013-07-05 20:12:00 7B40840F78BD1753DE766B34F758DD7F 27272424 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\Nieuwe kopie_20130705_221117_INC.zip

2013-07-05 20:04:21 729D310BF456645D6BD6C3478041A458 7354715 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\kopiëren Nieuwe kopie_20130705_210443_TOTAL.zip

2013-07-04 10:20:35 01D6C1B13376650640C513A0EBAA432E 29772194 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\Nieuwe kopie_20130704_121822_INC.zip

2013-07-04 10:17:55 543EFC64064EED8E2ED636BA36E4BD8F 23562720 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\kopiëren Nieuwe kopie_20130704_121727_INC.zip

2013-07-03 06:51:47 741823B9966B5E266CD9772106AB3553 18582 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\Back up 5 nov_20130703_085147_INC.zip

2013-07-02 18:57:57 51CF19C233AC252E62D2BF7E834BA386 17155616 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\Nieuwe kopie_20130702_205750_INC.zip

2013-07-02 18:57:17 FA376C485697CC720C43A72ABA4A0687 20125416 ----a-w- C:\ProgramData\Backup\BackupRepository\Backup\kopiëren Nieuwe kopie_20130702_205657_INC.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-828370553-1514782745-4058475767-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Xvid"="C:\Program Files (x86)\Xvid\CheckUpdate.exe"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"

"9B76BD8E0E6C799CA95AC4260DAE52D2CD6E0D82._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"APVXDWIN"="C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\APVXDWIN.EXE /s"

"SCANINICIO"="C:\Program Files (x86)\Panda Security\Panda Global Protection 2012\Inicio.exe"

"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"ApnTBMon"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Xvid"="C:\Program Files (x86)\Xvid\CheckUpdate.exe"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"

"9B76BD8E0E6C799CA95AC4260DAE52D2CD6E0D82._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]

"Google Update"="\"C:\\Users\\Chris\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"Freecorder FLV Service"="\"C:\\Program Files (x86)\\Freecorder\\FLVSrvc.exe\" /run"

"StartCCC"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun"

"PDVD8LanguageShortcut"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD8\\Language\\Language.exe\""

"RemoteControl8"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD8\\PDVD8Serv.exe\""

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BackupManagerTray]

"command"="\"C:\\Program Files (x86)\\NewTech Infosystems\\Packard Bell MyBackup\\BackupManagerTray.exe\" -h -k"

"hkey"="HKLM"

"item"="BackupManagerTray"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]

"command"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe"

"hkey"="HKLM"

"item"="HP Software Update"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBKeyScan]

"command"="\"C:\\Program Files (x86)\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\""

"hkey"="HKLM"

"item"="NBKeyScan"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]

"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe"

"hkey"="HKLM"

"item"="RtHDVCpl"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh]

"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"

"hkey"="HKLM"

"item"="SynTPEnh"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Ulead AutoDetector v2]

"command"="C:\\Program Files (x86)\\Common Files\\Ulead Systems\\AutoDetector\\monitor.exe"

"hkey"="HKLM"

"item"="Ulead AutoDetector v2"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VideoWebCamera]

"command"="\"C:\\Program Files (x86)\\VideoWebCamera\\VideoWebCamera.exe\" -a"

"hkey"="HKLM"

"item"="VideoWebCamera"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Acer ePower Management"="C:\\Program Files\\Packard Bell\\Packard Bell Power Management\\ePowerTray.exe"

==== Startup Folders ======================

2010-03-31 17:05:58 1093 ----a-w- C:\users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CaptureWiz.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-Jul-13 04:15 PM]

C:\Windows\tasks\Basis-opruiming.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05-May-13 08:06 AM]

C:\Windows\tasks\HP Photo Creations Messager.job --a------ C:\ProgramData\HP Photo Creations\MessageCheck.exe [15-Feb-11 12:11 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Beheer\AppData\Roaming\Mozilla\Firefox\Profiles\0

- Torntv - %ProfilePath%\extensions\torntv@torntv.com.xpi

ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default

- Undetermined - %ProfilePath%\extensions\staged

- DownTango Launcher - %ProfilePath%\extensions\{7ab91d78-f18c-4215-b305-c896fec0ec73}

- DVDVideoSoft Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

- GoPhotoIt - %ProfilePath%\extensions\gophoto@gophoto.it.xpi

- Collusion - %ProfilePath%\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi

- Torntv 2 - %ProfilePath%\extensions\torntv2@torntv.com.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default

7574626BFE1FA915B3C1AF624675E0E9 - C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npPxPlay.dll - Photodex Presenter Plugin

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

aaaajpkhjdkhhnkmgfjodbkfpbmibkkk - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx[07-Jun-13 12:58 AM]

gpicboiclhmnllnjdcfcffifpoaebgkm - C:\Program Files (x86)\Freecorder extension\Freecorder.crx[]

jbpkiefagocgkmemidfngdkamloieekf - C:\Program Files (x86)\TornTV.com\torn11.crx[]

nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files (x86)\TornTV.com\torn2_10.crx[]

pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx[31-Jul-12 01:58 PM]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Chris\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[03-Oct-12 03:26 PM]

Ask Toolbar - Chris - Default\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk

Google Docs - Chris - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Chris - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Chris - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Chris - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

safeee ssAVee - Chris - Default\Extensions\lpkfjfaikifgnpnmpinpfpppkbmcckgo

Gmail - Chris - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== EOF on 09-Jul-13 at 17:05:20.09 ======================

[Maxstar]

Hoi,

Start Zoek.exe nogmaals met het volgende script.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe

(hier of hier) kan je lezen hoe je dat doet.

• 
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

   
  C:\users\Chris\AppData\Locallow\safeeessAVee;fs
  C:\users\Chris\AppData\Locallow\safeee ssAVee;fs
  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\safeeessAVee;fs
  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\safeee ssAVee;fs
  C:\Users\Beheer\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\torntv@torntv.com.xpi;f
  C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\extensions\{7ab91d78-f18c-4215-b305-c896fec0ec73};fs
  C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C};fs
  C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\extensions\gophoto@gophoto.it.xpi;f
  C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\extensions\torntv2@torntv.com.xpi;f
  C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi;f
  aaaajpkhjdkhhnkmgfjodbkfpbmibkkk;chr
  gpicboiclhmnllnjdcfcffifpoaebgkm;chr
  jbpkiefagocgkmemidfngdkamloieekf;chr
  nbmafkdmkkckhggblphicnnhlgljnoje;chr
  pfmopbbadnfoelckkcmjjeaaegjpjjbk;chr
  lpkfjfaikifgnpnmpinpfpppkbmcckgo;chr
  autoclean;
  

  
  

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[Marcelleken]

Ik hoop dat ik mijn werk goed doe Maxstar,want ik ken niet zoveel van computer af.

Ik moet U n u al bedanken voor al het werk dat U aan mij besteed.

Ik moest mijn computer opnieuw opstarten om het logje te kunnen bekijken

Groetjes Marcelleken

Zoek.exe Version 4.0.0.3 Updated 05-July-2013

Tool run by Chris on 09-Jul-13 at 18:28:27.89.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

==== Older Logs ======================

C:\zoek-results04-May-13-0123-PM.log 414 bytes

C:\zoek-results04-May-13-0125-PM.log 462 bytes

C:\zoek-results04-May-13-0131-PM.log 22021 bytes

C:\zoek-results09-Jul-13-0505-PM.log 17501 bytes

C:\zoek-results30-Jan-12-0101-PM.log 210 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-828370553-1514782745-4058475767-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C6AEBA4D-49FF-4379-B9F0-186CDBC567ED} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-828370553-1514782745-4058475767-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Beheer\AppData\Roaming\Mozilla\Firefox\Profiles\0

user.js not found

---- Lines CT1060933 removed from prefs.js ----

---- Lines CT1060933 modified from prefs.js ----

---- Lines conduit removed from prefs.js ----

---- Lines conduit modified from prefs.js ----

---- Lines Torntv removed from prefs.js ----

---- Lines Torntv modified from prefs.js ----

---- Lines speedbit removed from prefs.js ----

---- Lines speedbit modified from prefs.js ----

---- Lines helperbar removed from prefs.js ----

---- Lines helperbar modified from prefs.js ----

---- Lines smartbar removed from prefs.js ----

---- Lines smartbar modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs__0129_.backup

prefs__0638_.backup

ProfilePath: C:\Users\Beheer\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

user.js not found

---- Lines CT1060933 removed from prefs.js ----

---- Lines CT1060933 modified from prefs.js ----

---- Lines conduit removed from prefs.js ----

---- Lines conduit modified from prefs.js ----

---- Lines Torntv removed from prefs.js ----

---- Lines Torntv modified from prefs.js ----

---- Lines speedbit removed from prefs.js ----

---- Lines speedbit modified from prefs.js ----

---- Lines helperbar removed from prefs.js ----

---- Lines helperbar modified from prefs.js ----

---- Lines smartbar removed from prefs.js ----

---- Lines smartbar modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs__0638_.backup

ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default

user.js not found

---- Lines CT1060933 removed from prefs.js ----

---- Lines CT1060933 modified from prefs.js ----

---- Lines conduit removed from prefs.js ----

---- Lines conduit modified from prefs.js ----

user_pref("extensions.enabledItems", "helperbar@helperbar.com:1.0,{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,engine@conduit.com:3.3.3.2,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17");

---- Lines Torntv removed from prefs.js ----

---- Lines Torntv modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1344418637143}}},{\"name\":\"app-profile\",\"addons\":{\"gophoto@gophoto.it\":{\"descriptor\":\"C:\\\\Users\\\\Chris\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hvkxidll.default\\\\extensions\\\\gophoto@gophoto.it.xpi\",\"mtime\":1343735958000},\"jid1-F9UJ2thwoAm5gQ@jetpack\":{\"descriptor\":\"C:\\\\Users\\\\Chris\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hvkxidll.default\\\\extensions\\\\jid1-F9UJ2thwoAm5gQ@jetpack.xpi\",\"mtime\":1335706424789},\"torntv2@torntv.com\":{\"descriptor\":\"C:\\\\Users\\\\Chris\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hvkxidll.default\\\\extensions\\\\torntv2@torntv.com.xpi\",\"mtime\":1367483599080},\"{7ab91d78-f18c-4215-b305-c896fec0ec73}\":{\"descriptor\":\"C:\\\\Users\\\\Chris\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hvkxidll.default\\\\extensions\\\\{7ab91d78-f18c-4215-b305-c896fec0ec73}\",\"mtime\":1362504494239},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"descriptor\":\"C:\\\\Users\\\\Chris\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hvkxidll.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\",\"mtime\":1349270428557},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"descriptor\":\"C:\\\\Users\\\\Chris\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hvkxidll.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"mtime\":1362505211699}}}]");

---- Lines speedbit removed from prefs.js ----

user_pref("speedbit.dap_installed", true);

user_pref("speedbitvideodownloader.cache.tbs_include_xml_spd", "18/18/3/1/111");

user_pref("speedbitvideodownloader.firstlaunch", "0");

user_pref("speedbitvideodownloader.guid", "%7B49B6741E-2E86-96DC-7C6B-FF2932E2B19D%7D");

user_pref("speedbitvideodownloader.popupblockedcnt", "8");

user_pref("speedbitvideodownloader.userId", "%12");

user_pref("speedbitvideodownloader.Var1", "0");

user_pref("speedbitvideodownloader.Var10", "0");

user_pref("speedbitvideodownloader.Var2", "0");

user_pref("speedbitvideodownloader.Var3", "0");

user_pref("speedbitvideodownloader.Var4", "0");

user_pref("speedbitvideodownloader.Var5", "0");

user_pref("speedbitvideodownloader.Var6", "0");

user_pref("speedbitvideodownloader.Var7", "0");

user_pref("speedbitvideodownloader.Var8", "0");

user_pref("speedbitvideodownloader.Var9", "0");

user_pref("speedbitvideodownloader_installed_version", "2.3.1");

---- Lines speedbit modified from prefs.js ----

---- Lines helperbar removed from prefs.js ----

---- Lines helperbar modified from prefs.js ----

user_pref("extensions.enabledItems", "helperbar@helperbar.com:1.0,{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,engine@disabled.com:3.3.3.2,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17");

---- Lines smartbar removed from prefs.js ----

user_pref("Smartbar.SearchFromAddressBarSavedUrl", "http://jixey.com/?id={14FB71DE-3416-4e08-9D50-6A5AF1A879D2}&brand=&ver=2.2.7&src=adr&q=");

---- Lines smartbar modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs__0129_.backup

prefs__0638_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

==== Deleting Files \ Folders ======================

"C:\users\Chris\AppData\Locallow\safeeessAVee" not found

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\safeeessAVee" not found

"C:\Users\Beheer\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\torntv@torntv.com.xpi" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\extensions\gophoto@gophoto.it.xpi" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\extensions\torntv2@torntv.com.xpi" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi" deleted

"C:\Users\Beheer\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\torntv@torntv.com.xpi" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\extensions\torntv2@torntv.com.xpi" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\Web Search.xml" deleted

"C:\Users\Chris\AppData\Roaming\pacemaker.ini" deleted

"C:\Users\Chris\AppData\Roaming\UserFlag.ini" deleted

"C:\ProgramData\Setting.dat" deleted

"C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data" deleted

"C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences" deleted

"C:\windows\SysNative\Tasks\BrowserProtect" deleted

"C:\Windows\Launcher.exe" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\searchplugins\BrowserProtect.xml" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\bProtector_extensions.rdf" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\bProtector_extensions.sqlite" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\bProtector_prefs.js" deleted

"C:\Users\Chris\Desktop\Youtube Downloader HD.lnk" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted

"C:\users\Chris\AppData\Locallow\safeee ssAVee" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\safeee ssAVee" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\extensions\{7ab91d78-f18c-4215-b305-c896fec0ec73}" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}" deleted

"C:\Program Files (x86)\Common Files\DVDVideoSoft\TB" deleted

"C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted

"C:\Program Files (x86)\Wondershare" deleted

"C:\Program Files (x86)\Gophoto.it" deleted

"C:\Program Files (x86)\AskPartnerNetwork" not deleted

"C:\Program Files (x86)\Common Files\Wondershare" deleted

"C:\Users\Chris\AppData\Roaming\GoforFiles" deleted

"C:\Users\Chris\AppData\Roaming\DVDVideoSoftIEHelpers" deleted

"C:\Users\Chris\AppData\Roaming\ParetoLogic" deleted

"C:\Users\Chris\AppData\Roaming\DriverCure" deleted

"C:\ProgramData\AskPartnerNetwork" deleted

"C:\ProgramData\APN" deleted

"C:\ProgramData\StarApp" deleted

"C:\ProgramData\ParetoLogic" deleted

"C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" deleted

"C:\Users\Chris\AppData\Local\CRE" deleted

"C:\Users\Chris\AppData\Local\Wondershare" deleted

"C:\Users\Chris\AppData\LocalLow\SimplyTech" deleted

"C:\Windows\SysWow64\searchplugins" deleted

"C:\Windows\SysWow64\Extensions" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\jetpack" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\extensions\staged" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\CT1060933" deleted

"C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\CT1060933" deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar" not deleted

"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default

7574626BFE1FA915B3C1AF624675E0E9 - C:\Users\Chris\AppData\Roaming\Mozilla\plugins\npPxPlay.dll - Photodex Presenter Plugin

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

aaaajpkhjdkhhnkmgfjodbkfpbmibkkk - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx[]

gpicboiclhmnllnjdcfcffifpoaebgkm - C:\Program Files (x86)\Freecorder extension\Freecorder.crx[]

jbpkiefagocgkmemidfngdkamloieekf - C:\Program Files (x86)\TornTV.com\torn11.crx[]

nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files (x86)\TornTV.com\torn2_10.crx[]

pfmopbbadnfoelckkcmjjeaaegjpjjbk - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Chris\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[03-Oct-12 03:26 PM]

Ask Toolbar - Chris - Default\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk

safeee ssAVee - Chris - Default\Extensions\lpkfjfaikifgnpnmpinpfpppkbmcckgo

==== Chrome Fix ======================

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk deleted successfully

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkfjfaikifgnpnmpinpfpppkbmcckgo deleted successfully

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lpkfjfaikifgnpnmpinpfpppkbmcckgo_0.localstorage deleted successfully

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lpkfjfaikifgnpnmpinpfpppkbmcckgo_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Unknown Url="Not_Found"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-828370553-1514782745-4058475767-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-828370553-1514782745-4058475767-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gpicboiclhmnllnjdcfcffifpoaebgkm deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\Chris\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Chris\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\AskPartnerNetwork" not found

==== EOF on 09-Jul-13 at 19:47:20.21 ======================

9 juli 2013 aangepast door Marcelleken

[Maxstar]

Hoi,

Ja hoor gaat helemaal prima, en Zoek.exe heeft flink wat verwijderd maar voer ook het onderstaande nog eens uit.

1. Download AdwCleaner by Xplode naar het bureaublad.

• 
  
• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner om hem te starten.
  
• Klik vervolgens op Verwijderen.
  
• Klik bij AdwCleaner – Informatie op OK
  
• Klik bij AdwCleaner – Herstarten Noodzakelijk op OK
  

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal.

Nadat de PC opnieuw is opgestart, opent een logfile.

Post aansluitend de inhoud van dit log in je volgende bericht.

Download de 32 of 64 bit versie van HitmanPro naar het bureaublad.

• 
  
• HitmanPro (32bit)
  
• HitmanPro (64bit)

Klik hier voor een uitgebreide handleiding van HitmanPro.

• 
  
• Dubbelklik op "HitmanPro.exe" en klik op "volgende"
  
• Vink de optie "Ik accepteer de voorwaarden van de gebruikersovereenkomst aan" en klik op "Volgende"
  
• Klik in het setup scherm nu nogmaals op "Volgende", nu zal automatisch de scan starten, doe verder niets op de computer totdat de scan gereed is.
  
• Als de scan klaar is klik je op "volgende"
  
• Activeer nu de gratis licentie, hiermee kunt u 30 dagen gratis HitmanPro gebruiken en de gevonden infecties verwijderen.
  
• Note: indien u reeds eerder gebruik hebt gemaakt van de 30 dagen trial-versie van HitmanPro is het niet meer mogelijk om gratis de gevonden infecties te verwijderen.
  
• Als het verwijderen gereed is klik je onderin het scherm op "Save log" of "Logbestand opslaan" en sla deze op bijvoorbeeld het bureaublad op.
  Post dit logje.
  
• Klik nu op de knop "Herstarten".

[Marcelleken]

Hallo Maxstar, wat is dit allemaal ingewikkeld voor mij...

Hierbij dan de 2 logjes

Ik bedank U nu al voor al dat werk en hoop dat ik de logjes goed gemaakt heb.

Marcelleken

# AdwCleaner v2.304 - Verslag gemaakt op 10/07/2013 om 10:31:24

# Geactualiseerd op 03/07/2013 door Xplode

# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Gebruiker : Chris - BEVEREN

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\Chris\Desktop\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

Gestopt & Verwijdert : APNMCP

***** [Files / Mappen] *****

File Verwijderd : C:\Users\Beheer\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi

File Verwijderd : C:\Users\Beheer\Desktop\TornTV.lnk

Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare

Map Verwijderd : C:\ProgramData\Speedbit

Map Verwijderd : C:\ProgramData\Wondershare

Map Verwijderd : C:\Users\Beheer\AppData\LocalLow\SimplyTech

Map Verwijderd : C:\Users\Beheer\AppData\Roaming\DownTangoFTbToolbar

Map Verwijderd : C:\Users\Beheer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com

***** [Register] *****

Sleutel Verwijderd : HKCU\Software\1ClickDownload

Sleutel Verwijderd : HKCU\Software\APN PIP

Sleutel Verwijderd : HKCU\Software\AppDataLow\SProtector

Sleutel Verwijderd : HKCU\Software\AskPartnerNetwork

Sleutel Verwijderd : HKCU\Software\InstallCore

Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}

Sleutel Verwijderd : HKCU\Software\YahooPartnerToolbar

Sleutel Verwijderd : HKCU\Software\f55d98ce738e513

Sleutel Verwijderd : HKLM\Software\AskPartnerNetwork

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\secman.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHost.Tool

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS

Sleutel Verwijderd : HKLM\Software\PIP

Sleutel Verwijderd : HKLM\Software\SP Global

Sleutel Verwijderd : HKLM\Software\SProtector

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\f55d98ce738e513

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}

Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]

Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]

Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchpredict@speedbit.com]

***** [browsers] *****

-\\ Internet Explorer v10.0.9200.16618

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Mozilla Firefox v13.0.1 (nl)

File : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hvkxidll.default\prefs.js

[OK] De file bevat geen enkele ongeoorloofde invoer.

File : C:\Users\Beheer\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js

[OK] De file bevat geen enkele ongeoorloofde invoer.

File : C:\Users\Beheer\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js

[OK] De file bevat geen enkele ongeoorloofde invoer.

-\\ Google Chrome v27.0.1453.116

File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[R1].txt - [39977 octets] - [03/05/2013 15:28:53]

AdwCleaner[s1].txt - [40615 octets] - [03/05/2013 15:31:37]

AdwCleaner[s2].txt - [8333 octets] - [10/07/2013 10:31:24]

########## EOF - C:\AdwCleaner[s2].txt - [8393 octets] ##########

HitmanPro 3.7.6.201

Home - SurfRight

Computer name . . . . : BEVEREN

Windows . . . . . . . : 6.1.1.7601.X64/2

User name . . . . . . : Beveren\Chris

UAC . . . . . . . . . : Enabled

License . . . . . . . : Trial (Expired)

Scan date . . . . . . : 2013-07-10 10:43:08

Scan mode . . . . . . : Normal

Scan duration . . . . : 10m 20s

Disk access mode . . : Direct disk access (SRB)

Cloud . . . . . . . . : Internet

Reboot . . . . . . . : No

Threats . . . . . . . : 0

Traces . . . . . . . : 866

Objects scanned . . . : 2,140,689

Files scanned . . . . : 40,424

Remnants scanned . . : 523,254 files / 1,577,011 keys

Miniport ____________________________________________________________________

Primary

DriverObject . . . : FFFFFA8004148E70

DriverName . . . . : \Driver\atapi

DriverPath . . . . : \SystemRoot\system32\drivers\atapi.sys

StartIo . . . . . : 0000000000000000 +0

IRP_MJ_SCSI . . . : FFFFFA80040B12C0 +0

Solution

DriverObject . . . : FFFFFA8004148E70

DriverName . . . . : \Driver\atapi

DriverPath . . . . : \SystemRoot\system32\drivers\atapi.sys

StartIo . . . . . : 0000000000000000 +0

IRP_MJ_SCSI . . . : FFFFF88000FB44D8 \SystemRoot\system32\drivers\ataport.SYS+29912

Potential Unwanted Programs _________________________________________________

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)

HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)

Cookies _____________________________________________________________________

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:247realmedia.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.e-kolay.net

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adk2.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.undertone.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.unibet.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserver.adreactor.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserving.unibet.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:adultfriendfinder.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:adverteerdirect.nl

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:be.sitestat.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:clicksor.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:content-ssl.yieldmanager.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:content.yieldmanager.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:eas.apm.emediate.eu

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:exoclick.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:in.getclicky.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:myroitracking.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.hubrus.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:ww251.smartadserver.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:etracker Home - forget log-file analysis, this is real-time Web Analytics and online market research

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:www4.smartadserver.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:xiti.com

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:yadro.ru

C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com

C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\3R5Y4DQ8.txt

[/code]

[Maxstar]

Hoi,

Voer ook het onderstaande nog eens uit.

Download TDSSKiller en plaats het op je bureaublad.

• 
  
• Voordat je TDSSKiller uitvoert is het raadzaam om de onderstaande handleiding van TDSSKiller te raadplegen.
  
  • 
    
  • Klik hier voor de handleiding van Kaspersky TDSSKiller

  [*] Dubbelklik op TDSSKiller.exe om de tool te starten. (Indien je TDSSKiller als ZIP bestand hebt gedownload dien je deze eerst uit te pakken).

  [*] Als er door TDSSkiller een update wordt gevonden klikt u op de knop "Load update"

  [*] Een nieuwe versie van TDSSkiller zal nu gedownload worden en sla deze op het bureaublad op.

  [*] Start nu TDSSkiller opnieuw.

  [*] Klik op "Change parameters" en zorg dat de onderstaande opties allemaal aangevinkt zijn.

  

  [*] Klik op de knop "Start Scan" en volg de instructies.

  • 
    
  • Gebruik nooit de "Delete" of "Quarantaine" optie bij een "Fail signature" melding.
    
  • Wanneer er een herstart nodig was, vind je de logfile in C:\\TDSSKiller.[Version]_[Date]_[Time]_log.txt
    
  • Voeg dit log-bestand als bijlage toe aan het volgende bericht.