Hoe weet ik of politievirus helemaal uit mijn computer is?

[Jion]

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe

(hier of hier) kan je lezen hoe je dat doet.

• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

 
C:\Users\Sarina\RichMedia;fs
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player;fs

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[robijn]

Nog een vraagje, ik kan geen filmpjes meer bekijken op youtube, heeft dat te maken met het verwijderen van bestanden? O kennelijk net twee filmpjes die verwijderd waren of zo, nu lukt het gelukkig weer.....

20 augustus 2013 aangepast door robijn

[robijn]

Kan ik ervan uitgaan dat mijn computer nu vrij is van allerlei infecties? Ik hoop het. In elk geval hartelijk dank voor de geboden hulp, ik had dit nooit op eigen kracht kunnen oplossen! Ik zal zeker ook een donatie doen, ik ben heel deskundig geholpen en ik vind het geweldig dat jullie tijd vrijmaken om mensen met computerproblemen te helpen! Ik hoor het wel als ik nóg meer actie moet ondernemen......

[Jion]

Wil je dat laatste Zoek logje nog eens plaatsen a.u.b? (zie post 11)

Als alles goed is, hebben we daarna nog 1 algemene opkuisactie te doen en dan is alles ok.

[robijn]

Ha ha, ik denk telkens dat het niet schoner kan, maar kennelijk ben ik een beetje naief als het om bescherming van mijn laptop gaat. Ik dacht dat Java altijd goed was omdat ik steeds alle updates meteen doorvoer, maar kennelijk is dat niet voldoende. De links met uitleg om Spybot S & D en Malawarebytes tijdelijk uit te schakelen werken niet, als ik de rechtermuis knop gebruik is er nergens een optie voor tijdelijk uitschakelen. Ik heb dus van alles en nog wat aangevinkt om toch maar uit te schakelen en zelfs mijn hele antivirus even tijdelijk verwijderd want ook die kreeg ik met geen mogelijkheid uitgeschakeld (ga ik meteen nu weer downloaden). Nou ja, in elk geval wel gelukt om het programma te laten draaien. Dit is de log:

Zoek.exe Version 4.0.0.4 Updated 19-08-2013

Tool run by Sarina on di 20-08-2013 at 16:15:30,84.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Sarina\Desktop\zoek.exe [script inserted]

==== System Restore Info ======================

20-8-2013 16:16:25 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

"C:\Users\Sarina\AppData\Local\Rich Media Player" not found

"C:\Users\Sarina\AppData\Local\Lockdir6" deleted

"C:\windows\wininit.ini" deleted

"C:\windows\Syswow64\SETCB89.tmp" deleted

"C:\windows\Syswow64\SETD6A3.tmp" deleted

"C:\Program Files (x86)\Softonic" deleted

"C:\Program Files (x86)\WinZipper" deleted

"C:\Users\Sarina\AppData\Roaming\Omiga Plus" deleted

"C:\Users\Sarina\AppData\Roaming\337" deleted

"C:\ProgramData\Partner" deleted

==== Files Recently Created / Modified ======================

====== C:\windows ====

====== C:\Users\Sarina\AppData\Local\Temp ====

====== C:\windows\SysWOW64 =====

2013-08-19 00:01:13 351D111CD5C5479946EB724DBBB1275E 96168 ----a-w- C:\windows\SysWOW64\WindowsAccessBridge-32.dll

2013-08-15 21:59:18 C9BFFA62DFBF0317AECE707B39C4BF25 391168 ----a-w- C:\windows\SysWOW64\ieui.dll

2013-08-15 21:59:18 A484F9DB744849C0B32DD1CE73A94F62 2706432 ----a-w- C:\windows\SysWOW64\mshtml.tlb

2013-08-15 21:59:17 D0E0086BA353C379DCFE8624E8B8F17A 2048512 ----a-w- C:\windows\SysWOW64\iertutil.dll

2013-08-15 21:59:17 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-15 21:59:17 AF6A6C16ACAD816B48714AE7A4082D89 61440 ----a-w- C:\windows\SysWOW64\iesetup.dll

2013-08-15 21:59:17 8A5BD908D421BEE82941EF8ABD8B4F09 33280 ----a-w- C:\windows\SysWOW64\iernonce.dll

2013-08-15 21:59:17 37730C04B543536D971B3F157415EFF5 109056 ----a-w- C:\windows\SysWOW64\iesysprep.dll

2013-08-15 21:59:15 45C118A1E03182365CB568F99B81A473 493056 ----a-w- C:\windows\SysWOW64\msfeeds.dll

2013-08-15 21:59:15 1C83426A51AD83B5E788B6CF143B48D8 690688 ----a-w- C:\windows\SysWOW64\jscript.dll

2013-08-15 21:59:14 AC8C3591D536D1CCB62EDCBEA88140B3 2877440 ----a-w- C:\windows\SysWOW64\jscript9.dll

2013-08-15 21:59:14 059FC59F97A6220C46A612A9470A00B3 1141248 ----a-w- C:\windows\SysWOW64\urlmon.dll

2013-08-15 21:59:13 DAA3903F06116AE9EE7AC1D1B93684A4 1767936 ----a-w- C:\windows\SysWOW64\wininet.dll

2013-08-15 21:59:13 49EB7DE3A1CCCE9D0873DE9114810113 39936 ----a-w- C:\windows\SysWOW64\jsproxy.dll

2013-08-15 21:59:11 E9BCB6728DD04412BF87F03DB00DE1CF 13761024 ----a-w- C:\windows\SysWOW64\ieframe.dll

2013-08-15 21:59:08 E631B408882F8320739F6E0CAF444397 14329344 ----a-w- C:\windows\SysWOW64\mshtml.dll

2013-08-14 16:14:38 AE8EB083B050E17A7D6EB5E28AECDDD6 1166848 ----a-w- C:\windows\SysWOW64\crypt32.dll

2013-08-14 16:14:38 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\windows\SysWOW64\cryptsvc.dll

2013-08-14 16:14:38 7B851A8018B1EA00A69707A390004884 103936 ----a-w- C:\windows\SysWOW64\cryptnet.dll

2013-08-14 16:14:38 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\windows\SysWOW64\wintrust.dll

2013-08-14 16:14:29 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\windows\SysWOW64\WMVDECOD.DLL

2013-08-14 16:14:03 D5E18BA95F9E7D787D25EF07AC68603E 2048 ----a-w- C:\windows\SysWOW64\tzres.dll

2013-08-14 16:12:56 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\windows\SysWOW64\rpcrt4.dll

2013-08-14 16:12:50 9FA7BF625122CCAC90FCD307174D8CF3 3913664 ----a-w- C:\windows\SysWOW64\ntoskrnl.exe

2013-08-14 16:12:49 DD5F17D44E9966E7EA447AE8C4D12D6C 3968960 ----a-w- C:\windows\SysWOW64\ntkrnlpa.exe

2013-08-14 16:12:48 528D298F9914C558EA7A9809BE598E65 1292192 ----a-w- C:\windows\SysWOW64\ntdll.dll

2013-08-14 16:12:47 77F5D2CB80697EB96C45E79A869A6FAC 14336 ----a-w- C:\windows\SysWOW64\ntvdm64.dll

2013-08-14 16:12:45 D313AE69128A75367AA36E15522931F6 7680 ----a-w- C:\windows\SysWOW64\instnm.exe

2013-08-14 16:12:45 4E77948A7BD16BA5724EC79C60176B03 5120 ----a-w- C:\windows\SysWOW64\wow32.dll

2013-08-14 16:12:45 3EED15C223E139C3A28B458800E52BF3 25600 ----a-w- C:\windows\SysWOW64\setup16.exe

2013-08-14 16:12:44 CFEEF3185342ADEAE1E77A017052565B 2048 ----a-w- C:\windows\SysWOW64\user.exe

====== C:\windows\SysWOW64\drivers =====

====== C:\windows\Sysnative =====

2013-08-19 00:05:00 CCEEF313799948CE1D32E641B839FFAC 108968 ----a-w- C:\windows\Sysnative\WindowsAccessBridge-64.dll

2013-08-15 22:20:24 23948829C6D049B8ADE0E0FB87305AC3 17272 ----a-w- C:\windows\Sysnative\sdnclean64.exe

2013-08-15 21:59:18 69F5E016A98CE1908DB08382F2ACF882 526336 ----a-w- C:\windows\Sysnative\ieui.dll

2013-08-15 21:59:18 3A2FD42F11CD325A4ACAFE7FB0EEA83A 2706432 ----a-w- C:\windows\Sysnative\mshtml.tlb

2013-08-15 21:59:17 D8CC9A20C517A54678363C4C77B930A4 136704 ----a-w- C:\windows\Sysnative\iesysprep.dll

2013-08-15 21:59:17 963B29E0EFB20D66436214DB7C43D7F7 67072 ----a-w- C:\windows\Sysnative\iesetup.dll

2013-08-15 21:59:17 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\windows\Sysnative\ie4uinit.exe

2013-08-15 21:59:17 622C7C8D39609FCEACE3508715D48C7F 39936 ----a-w- C:\windows\Sysnative\iernonce.dll

2013-08-15 21:59:17 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\windows\Sysnative\RegisterIEPKEYs.exe

2013-08-15 21:59:16 65546D87F7A78AB31841A536456CB94D 2647040 ----a-w- C:\windows\Sysnative\iertutil.dll

2013-08-15 21:59:15 8C12653BEA781902AA60E4A855A55D5C 603136 ----a-w- C:\windows\Sysnative\msfeeds.dll

2013-08-15 21:59:15 5A7FA01EEC393A3E0D0F3EBAA1FD959E 3958784 ----a-w- C:\windows\Sysnative\jscript9.dll

2013-08-15 21:59:15 16FE878530FDFC9AB08B7FFC32335958 855552 ----a-w- C:\windows\Sysnative\jscript.dll

2013-08-15 21:59:13 289C5E0A386E7B6CA9539D66D15E22CC 1365504 ----a-w- C:\windows\Sysnative\urlmon.dll

2013-08-15 21:59:13 04DE09B1E287F6DC5C7FD655B6E84AB9 53760 ----a-w- C:\windows\Sysnative\jsproxy.dll

2013-08-15 21:59:12 AC155DD9BD1E6D3B740826A4D1C68AAE 2241024 ----a-w- C:\windows\Sysnative\wininet.dll

2013-08-15 21:59:10 677A1C1B0F254EC918D84A7FE29274CA 15405056 ----a-w- C:\windows\Sysnative\ieframe.dll

2013-08-15 21:59:10 396889142BD839DB8A055A0BE0AD2F79 19239424 ----a-w- C:\windows\Sysnative\mshtml.dll

2013-08-14 16:14:38 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\windows\Sysnative\cryptnet.dll

2013-08-14 16:14:38 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\windows\Sysnative\wintrust.dll

2013-08-14 16:14:38 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\windows\Sysnative\cryptsvc.dll

2013-08-14 16:14:38 287998A9BA0140ABB59792CDEB2F8483 1472512 ----a-w- C:\windows\Sysnative\crypt32.dll

2013-08-14 16:14:30 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\windows\Sysnative\WMVDECOD.DLL

2013-08-14 16:14:03 B3CA3253009D26666F5BCB16E77D2618 2048 ----a-w- C:\windows\Sysnative\tzres.dll

2013-08-14 16:12:56 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\windows\Sysnative\rpcrt4.dll

2013-08-14 16:12:49 C19DCA1024135D5485E25AB1047F77BC 5550528 ----a-w- C:\windows\Sysnative\ntoskrnl.exe

2013-08-14 16:12:48 D6180FBBADA79BC28E5FD8187EBE7F64 243712 ----a-w- C:\windows\Sysnative\wow64.dll

2013-08-14 16:12:48 8E45DD84F8F786B2DB94AD95225B9246 1732032 ----a-w- C:\windows\Sysnative\ntdll.dll

====== C:\windows\Sysnative\drivers =====

2013-08-19 00:17:36 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\windows\Sysnative\drivers\mbam.sys

2013-08-14 16:12:36 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\windows\Sysnative\drivers\tssecsrv.sys

2013-08-14 16:12:33 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\windows\Sysnative\drivers\tcpip.sys

====== C:\windows\Tasks ======

2013-08-19 00:15:03 EBAE0FB0697806F17DF7EC9F66CF77F9 3026 ----a-w- C:\windows\Sysnative\Tasks\{4E371388-A13D-416A-9D89-F3E016C8B2A4}

2013-08-18 22:27:14 6A26DBD61CE1ADAB169147F1BF35EB84 2992 ----a-w- C:\windows\Sysnative\Tasks\{4FAC7C57-3420-44E7-B46A-98E8A605B52D}

2013-08-15 22:21:49 -------- d-----w- C:\windows\Sysnative\Tasks\Safer-Networking

2013-08-15 22:04:05 9B7DD89F133CA1BD9830886D99F9EC12 3230 ----a-w- C:\windows\Sysnative\Tasks\SidebarExecute

====== C:\windows\Temp ======

======= C:\Program Files =====

2013-08-18 23:43:23 -------- d-----w- C:\Program Files\Opera x64

2013-08-18 23:05:19 -------- d-----w- C:\Program Files\WinZip

======= C:\Program Files (x86) =====

2013-08-17 12:13:57 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-08-15 22:20:18 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-07-26 23:23:09 -------- d-----w- C:\Program Files (x86)\TomTom International B.V

2013-07-26 23:23:05 -------- d-----w- C:\Program Files (x86)\MyTomTom 3

======= C: =====

2013-08-15 22:35:15 FF8AB5D04DF68AE33EEB1175FBCCD27C 358 ----a-w- C:\Start_.cmd

====== C:\Users\Sarina\AppData\Roaming ======

2013-08-20 13:05:55 534624DB0014AEC935DE507EB6CDC77A 82 ----a-w- C:\users\Sarina\AppData\Roaming\mbam.context.scan

2013-08-18 23:05:54 -------- d-----w- C:\users\Sarina\AppData\Local\WinZip

2013-08-18 22:38:45 -------- d-----w- C:\users\Sarina\AppData\Roaming\Radiocom

2013-08-18 22:38:40 -------- d-----w- C:\users\Sarina\AppData\Local\Radiocom

2013-08-15 22:19:57 -------- d-----w- C:\users\Sarina\AppData\Local\Programs

2013-08-15 22:03:36 -------- d-----w- C:\users\Sarina\AppData\Roaming\TuneUp Software

2013-08-15 21:58:36 -------- d-----w- C:\users\Sarina\AppData\Local\MFAData

2013-08-14 01:28:53 -------- d-----w- C:\users\Sarina\AppData\Locallow\Sun

2013-07-26 23:23:13 -------- d-----w- C:\users\Sarina\AppData\Local\TomTom

====== C:\Users\Sarina ======

2013-08-19 00:16:51 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Sarina\Desktop\mbam-setup-1-75-0-1300.exe

2013-08-18 23:05:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip

2013-08-18 23:05:19 -------- d-----w- C:\ProgramData\WinZip

2013-08-18 22:38:40 -------- d-----w- C:\Users\Sarina\RichMedia

2013-08-15 22:21:39 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-08-15 22:21:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player

2013-08-15 22:20:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2013-08-15 22:20:09 -------- d-----w- C:\ProgramData\TuneUp Software

2013-08-15 22:20:05 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2013-08-15 21:58:36 -------- d--h--w- C:\ProgramData\Common Files

2013-08-15 21:58:36 -------- d-----w- C:\ProgramData\MFAData

2013-08-03 19:56:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

2013-07-26 23:23:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom

====== C: exe-files ==

2013-08-19 00:16:51 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Sarina\Desktop\mbam-setup-1-75-0-1300.exe

2013-08-18 23:43:24 501E90E3D3BA961715FCBD46E1829BB7 940384 ----a-w- C:\Program Files\Opera x64\opera.exe

2013-08-18 23:02:51 5E3108C6D6A927284C9E01F8D4F777E9 424352 ----a-w- C:\Users\Sarina\Desktop\Documents\WinZip175.exe

2013-08-15 22:42:14 CCB25CF61CA160DF11758FE6DFD0B84C 49152 ----a-w- C:\32788R22FWJFW\License\DS.exe

2013-08-15 22:42:14 C742F34713915F957B70CCEF2630F930 49152 ----a-w- C:\32788R22FWJFW\License\LS.exe

2013-08-15 22:42:14 BD414A5E74BAA67A1382DE5D0643A259 49152 ----a-w- C:\32788R22FWJFW\License\CS.exe

2013-08-15 22:42:14 7CD73A47284F352988E7FD76975D3604 49152 ----a-w- C:\32788R22FWJFW\License\SF.exe

2013-08-15 22:42:03 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\32788R22FWJFW\PEV.exe

2013-08-15 22:42:03 92BD80F82FE8A28385B7D9D3F215E8B3 73728 ----a-w- C:\32788R22FWJFW\pv.exe

2013-08-15 22:42:03 753BC16326FEE4A421ACB636CCD602F4 60416 ----a-w- C:\32788R22FWJFW\NircmdB.exe

2013-08-15 22:20:44 D5AD5E8830E3613B2CFA3378237014EE 126640 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookHelper.exe

2013-08-15 22:20:44 9B17FF79B20D59E71E4AE522E33B9210 248712 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookInst32.exe

2013-08-15 22:20:44 6AE8E702D1027A9627DDE2B77BB9992B 171928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

2013-08-15 22:20:44 0655F97E68430250FF645BAF75226847 316632 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookInst64.exe

2013-08-15 22:20:43 275D7DEE68B77A5D3EDE23D327E63ED7 132560 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\blindman.exe

2013-08-15 22:20:41 D31398D4BB4907B517B6E784C2100C4A 1033688 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

2013-08-15 22:20:41 66F296D86873FE65E6E9F09FFE5D949F 2977768 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPrepPos.exe

2013-08-15 22:20:40 01F441F655D8CC4214BDF411D39D04AF 3881928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

2013-08-15 22:20:39 B9DF317275DC6EB461ACED5EBEBC254D 5042648 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSBIEdit.exe

2013-08-15 22:20:38 AED8D2D7AE0E77AB72D3887FD2E74016 223184 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPESetup.exe

2013-08-15 22:20:38 39CEC90CF1E9541EA41E3ECCC69E498F 4352984 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScript.exe

2013-08-15 22:20:37 3F8111AB50845D0DF5ABCE01ED44B5FC 2729432 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPEStart.exe

2013-08-15 22:20:36 5D8057F6C56082ECC2533B89899A0F56 3580888 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDBootCD.exe

2013-08-15 22:20:35 EBF236A412C38EDF04D3E18425EE393E 4812744 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSettings.exe

2013-08-15 22:20:34 D3BF70B531AB5468B4CBFE98C2459CD1 4563928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe

2013-08-15 22:20:33 A58EAD767EAE964ED463FEDF25E750A2 3609552 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

2013-08-15 22:20:32 D71699B1030F1021E663DBD567F7B018 3642312 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe

2013-08-15 22:20:32 03250DB0886A23B1F6C077C5D9F152B0 3859928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe

2013-08-15 22:20:31 03250DB0886A23B1F6C077C5D9F152B0 3859928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

2013-08-15 22:20:29 E3399927C23E8B35B550B09602411310 221216 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanHelper.exe

2013-08-15 22:20:29 95AA9E165C7DE1B64A11E8B18E91E499 1817560 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

2013-08-15 22:20:29 63B4C70F88BB8DF11E6A0FA5ABE3C34B 4255184 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe

2013-08-15 22:20:28 5FFCEDD10D4E21CF2A857BCBC3437A6F 2935760 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exe

2013-08-15 22:20:27 1C7B265E8C1F7EE5767542E972959596 3611600 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe

2013-08-15 22:20:27 09E9425AD8C61664A37ED84B8B58BDCF 3830224 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

2013-08-15 22:20:24 23948829C6D049B8ADE0E0FB87305AC3 17272 ----a-w- C:\Windows\System32\sdnclean64.exe

2013-08-15 22:20:21 AC8BD92DDEFE7A1BED5C7AFB37E4ADDC 2988496 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDShell.exe

2013-08-15 22:20:21 7A693C96C87EFE7E047A9042CFDCDA75 3502032 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSysRepair.exe

2013-08-15 22:20:21 76ABF19EBC873704960D191E22C8A4A5 127984 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPRE.exe

2013-08-15 22:20:20 D906E46C649BFEC3F11287531516FE4E 5347288 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTools.exe

2013-08-15 22:20:20 23146C8162411DFFB5B4DF48A708312E 3124688 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDShred.exe

2013-08-15 22:20:19 EE962F34EB2A8904B2597CF73BB56FDD 1272624 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe

2013-08-15 22:20:19 BB9E4FA5783686595CA8A7BC90CE7997 3330000 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDQuarantine.exe

2013-08-15 22:20:19 B1B174A83FDCF9FF76DC463FE243BF0E 3436000 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPhoneScan.exe

2013-08-15 22:20:19 98F2272A7D1BA8E3155FBEA167BCC613 91648 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\xcacls.exe

2013-08-15 22:20:19 566F7FAB0CFA43CC277249C7CC699707 2674128 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe

2013-08-15 21:59:17 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-15 21:59:17 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\System32\ie4uinit.exe

2013-08-15 21:59:17 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-08-15 21:59:15 7BA1862B8A5698DC5FCFDFF3BC359DE9 770648 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2013-08-15 21:59:15 133CEF30905806A35606652D409EEEBA 775256 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-08-15 21:55:11 DDC4ED373D3F839B757C11B29089126F 4491816 ----a-w- C:\Users\Sarina\AppData\Local\Opera\Opera\temporary_downloads\avg_isct_stb_all_2013_3392_cm5.exe

2013-08-14 16:12:50 9FA7BF625122CCAC90FCD307174D8CF3 3913664 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe

2013-08-14 16:12:49 DD5F17D44E9966E7EA447AE8C4D12D6C 3968960 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe

2013-08-14 16:12:49 C19DCA1024135D5485E25AB1047F77BC 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-08-14 16:12:45 D313AE69128A75367AA36E15522931F6 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2013-08-14 16:12:45 3EED15C223E139C3A28B458800E52BF3 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2013-08-14 16:12:44 CFEEF3185342ADEAE1E77A017052565B 2048 ----a-w- C:\Windows\SysWOW64\user.exe

=== C: other files ==

2013-08-20 14:08:39 0BE568FD1E7D6C6D64D2272649F5C716 111 ----a-w- C:\Users\Sarina\AppData\Local\Temp\scripttest.vbs

2013-08-19 00:17:36 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-08-18 23:46:41 CCCBF5A14ED31876AAA79198D1DBC514 240 ----a-w- C:\Program Files\Opera x64\k.bat

2013-08-15 22:42:14 EC0AACEF3B461AABEFEC88BD659F8235 159 ----a-w- C:\32788R22FWJFW\License\RS.bat

2013-08-15 22:42:14 D4A307466E8274EBAEE0C306C86DF092 102 ----a-w- C:\32788R22FWJFW\License\SFs.bat

2013-08-15 22:42:14 3C4057B650507D5A11C6860D708DC3C7 318 ----a-w- C:\32788R22FWJFW\License\FS.bat

2013-08-15 22:42:04 D875037251B54BFEB674F591350D3B23 19 ----a-w- C:\32788R22FWJFW\CHCP.bat

2013-08-15 22:41:32 EDA15B354CCA3DEB64D7F914AE021F78 633 ----a-w- C:\32788R22FWJFW\VerCF.bat

2013-08-15 22:20:44 E6BAF67CB6C590E3A57D35004AB28CDA 63776 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys

2013-08-15 22:20:44 723E71EC3F271041AE3D8AA736B3C163 46120 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv32.sys

2013-08-15 00:40:09 01C5992C6935111A6E2FABBD40C4B34C 129901007 ----a-w- C:\Users\Sarina\AppData\Local\Opera\Opera\temporary_downloads\avg_arl_ffi_all_120_130801a6481.zip

2013-08-14 16:12:36 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys

2013-08-14 16:12:33 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP"

[HKEY_USERS\S-1-5-21-3469448533-1631189447-2863162061-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"EPLTarget\P0000000000000000"="C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus SX235"

"MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"USB3MON"="C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

"EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"NeroCheck"="C:\windows\SysWOW64\NeroCheck.exe"

"ISUSPM Startup"="C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup"

"ISUSScheduler"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe -start"

"RoxWatchTray"="C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"EPLTarget\P0000000000000000"="C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT EPLTarget\P0000000000000000 /M Epson Stylus SX235"

"MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"SRS Premium Sound HD"="C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe /f=C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip /h"

"IgfxTray"="C:\windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\windows\system32\hkcmd.exe"

"Persistence"="C:\windows\system32\igfxpers.exe"

"CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}"="C:\Users\Sarina\AppData\Local\Temp\cis411B.exe --PostUninstall {81EFDD93-DBBE-415B-BE6E-49B9664E3E82}"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBAgent]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NBAgent"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Nero\\Nero 11\\Nero BackItUp\\NBAgent.exe\" /WinStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Teco]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Teco"

"hkey"="HKLM"

"command"="\"%ProgramFiles%\\TOSHIBA\\TECO\\Teco.exe\" /r"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TOPI.EXE]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TOPI.EXE"

"hkey"="HKCU"

"command"="C:\\Program Files (x86)\\TOSHIBA\\TOSHIBA Online Product Information\\topi.exe /STAR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Toshiba Registration]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Toshiba Registration"

"hkey"="HKLM"

"command"="C:\\Program Files\\TOSHIBA\\Registration\\ToshibaReminder.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Toshiba TEMPRO]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Toshiba TEMPRO"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Toshiba TEMPRO\\TemproTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ToshibaServiceStation]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ToshibaServiceStation"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\TOSHIBA\\TOSHIBA Service Station\\ToshibaServiceStation.exe\" /hide:60"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosSENotify]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TosSENotify"

"hkey"="HKLM"

"command"="C:\\Program Files\\TOSHIBA\\TOSHIBA HDD SSD Alert\\TosWaitSrv.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosVolRegulator]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TosVolRegulator"

"hkey"="HKLM"

"command"="C:\\Program Files\\TOSHIBA\\TosVolRegulator\\TosVolRegulator.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosWaitSrv]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TosWaitSrv"

"hkey"="HKLM"

"command"="%ProgramFiles%\\TOSHIBA\\TPHM\\TosWaitSrv.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TPwrMain]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="TPwrMain"

"hkey"="HKLM"

"command"="%ProgramFiles%\\TOSHIBA\\Power Saver\\TPwrMain.EXE"

==== Startup Folders ======================

2012-05-03 12:17:38 1262 ----a-w- C:\users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

2012-05-03 12:17:38 1262 ----a-w- C:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

2013-02-16 10:45:40 2050 ----a-w- C:\users\kinderen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

2012-05-03 12:04:52 773 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk

2013-04-18 10:50:43 930 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update-agent.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-07-2013 00:04]

C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26-05-2013 20:44]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA"

"Default_Page_URL"="http://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{1AE69020-AC1B-427C-816A-B3743FE10F13}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{1AE69020-AC1B-427C-816A-B3743FE10F13} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startInde x={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3469448533-1631189447-2863162061-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1AE69020-AC1B-427C-816A-B3743FE10F13} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\kinderen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\kinderen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\kinderen\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\kinderen\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Sarina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Sarina\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Sarina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6807D60Y will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied

C:\Users\Sarina\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Sarina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6807D60Y" not found

"C:\users\kinderen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\EM2F2J49\games.mtvnservices.com" not found

"C:\users\kinderen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\EM2F2J49\skype.com" not found

"C:\users\Sarina\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GMJTCAUE\atv.disney.go.com" not found

==== EOF on di 20-08-2013 at 16:55:06,58 ======================

[Jion]

Dit is een kopie van post 10 (met het eerste Zoek logje).

Heb je Zoek daarna nog is uitgevoerd met de instructies van post 11? Het is dat logje dat ik nodig heb. ;-)

[robijn]

O dat was heel suf van mij, dacht het dezelfde post was, ik had niet gezien dat er een andere zoekopdracht instond. Nou, in elk geval is het deze keer wel gelukt om alle anti virus en malware programma's uit te schakelen, ik merk dat ik er steeds handiger in word xD. Hier volgt het logje van de allerlaatste zoekactie (hoop ik....) Misschien kan ik hierna op 'OPGELOST' klikken..... Ik hoor het wel.

Zoek.exe Version 4.0.0.4 Updated 19-08-2013

Tool run by Sarina on za 24-08-2013 at 23:28:39,99.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Sarina\Desktop\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results20-08-2013-1655.log 30675 bytes

==== Deleting Files \ Folders ======================

"C:\Users\Sarina\RichMedia" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player" deleted

==== EOF on za 24-08-2013 at 23:30:44,54 ======================

[Jion]

Voer als laatste dit nog eens uit:

Download AdwCleaner by Xplode naar je bureaublad.

• 
  
• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner om hem te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  
• Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op Scan.
  
• Klik vervolgens op Clean als er items zijn gevonden.
  
• Klik bij Herstarten Noodzakelijk op OK
  

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[R1].txt.

Post aansluitend de inhoud van dit log in je volgende bericht.

[robijn]

En de log van AdwCleaner. Ik ben benieuwd....

# AdwCleaner v3.001 - Report created 25/08/2013 at 02:38:57

# Updated 24/08/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Sarina - SARINATOSH

# Running from : C:\Users\Sarina\Desktop\adwcleaner.exe

# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Found : C:\Users\Sarina\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\ilivid

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com

Key Found : HKCU\Software\Softonic

Key Found : [x64] HKCU\Software\ilivid

Key Found : [x64] HKCU\Software\Softonic

Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_fl-studio_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_fl-studio_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vlc-media-player_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vlc-media-player_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

*************************

AdwCleaner[R0].txt - [1674 octets] - [25/08/2013 02:38:57]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1734 octets] ##########

[Jion]

Mooi zo.

Je systeem is terug clean. Tijd voor de grote schoonmaak:

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• Activate UAC
  
• Remove disinfection tools
  
• Create registry backup
  
• Purge System Restore
  
• Reset system settings
  

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Hoewel de problemen nu verholpen zijn adviseer ik je nog wel om de onderstaande tips uit te voeren:

1) Windows updates

Malware maakt heel vaak gebruik van securitylekken in software. Zorg daarom dat je Windows geupdate is. De beste manier is dat je dit automatisch laat gebeuren via Windows Update. Laat de updates automatisch downloaden en installeren. Op deze manier heb je telkens de nieuwste updates en securitypatches voor je besturingssysteem.

2) Software up-to-date houden

Veel malware komt je computer binnen via lekken in de software die je gebruikt. Het is daarom belangrijk om je systeem up-to-date te houden. Om dit makkelijker te maken kun je gebruik maken van Secunia PSI.

Download Secunia PSI op deze website en installeer deze. Maak van dit programma gebruik om je systeem up-to-date te houden.

3) Malwarepreventie

Bekijk ook eens aandachtig DEZE anti-malware tips. Dankzij deze tips kan je de kans op infecties in de toekomst sterk verminderen.

Als je verder geen vragen meer hebt, mag je op de knop "Markeer als Opgelost" klikken.