utuberaddblocker virus

[cindyk]

Er gebeurde verder niets meer... Ik zal het nog wel eens proberen en nu langer wachten.

[Jion]

Als het nog steeds niet lukt, probeer het dan eens met deze code (zonder de autoclean functie):

{87775fdb-6972-41f9-ae51-8326e38cb206};c
{6125F634-B791-FAD7-37AB-4DD442B996AB};c
C:\ProgramData\50COupoons;fs
C:\Users\Cindy\AppData\Roaming\Computer.exe;f
c:\progra~3\filtel~1;fs
SpyHunter 4 Service;s
C:\Program Files\Enigma Software Group;fs
C:\ProgramData\UTUbEroAdBlockker;fs
{38F11BDF-6689-0014-9E53-3B17F0DD7428};c
{B6A53A30-719A-2682-59DF-10A2FB37B57B};c
C:\ProgramData\JoniCouppone;fs
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
"CINDY-PC"=-;r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r
"AppInit_DLLs"=-;r
EsgScanner;s
C:\Windows\system32\drivers\EsgScanner.sys;f
C:\sh4ldr;fs
C:\ProgramData\DownSave;fs
esgiguard;s
emptyfolderscheck;delete 
emptyclsid; 
startupall; 
filesrcm;

[cindyk]

gelukt!

Zoek.exe v5.0.0.0 Updated 07-March-2014

Tool run by Cindy on wo 26-03-2014 at 11:53:53,40.

Microsoft Windows 7 Home Premium 6.1.7600 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Cindy\Desktop\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-03-25-230646.log 327 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\BitComet deleted successfully

C:\PROGRA~2\onlinetracks deleted successfully

C:\PROGRA~2\YouWave_Android deleted successfully

C:\Program Files\BitComet deleted successfully

C:\Program Files\mcafee deleted successfully

C:\PROGRA~3\boost_interprocess deleted successfully

C:\PROGRA~3\PCDr deleted successfully

C:\PROGRA~3\SupportSoft deleted successfully

C:\PROGRA~3\{EFEE9A83-B088-419F-B1A2-BCAFEA14C21A} deleted successfully

C:\Users\Cindy\AppData\Local\Dell Edoc Viewer deleted successfully

C:\Users\Cindy\AppData\Local\SupportSoft deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6A53A30-719A-2682-59DF-10A2FB37B57B} deleted successfully

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6A53A30-719A-2682-59DF-10A2FB37B57B} deleted successfully

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6A53A30-719A-2682-59DF-10A2FB37B57B} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{B6A53A30-719A-2682-59DF-10A2FB37B57B} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6A53A30-719A-2682-59DF-10A2FB37B57B} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SpyHunter 4 Service deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EsgScanner deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\EsgScanner deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\esgiguard deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\esgiguard deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CINDY-PC"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\50COupoons not found

c:\progra~3\filtel~1 not found

C:\ProgramData\UTUbEroAdBlockker not found

C:\ProgramData\JoniCouppone not found

C:\PROGRA~3\{EFEE9A83-B088-419F-B1A2-BCAFEA14C21A} not found

"C:\Users\Cindy\AppData\Roaming\Computer.exe" not found

C:\Program Files\Enigma Software Group deleted

C:\sh4ldr deleted

C:\ProgramData\DownSave deleted

C:\PROGRA~3\ocianfbjdoijlgcpfkekmhejgjppfdho deleted

C:\Users\Cindy\AppData\LocalLow\{048C6A7B-3D0C-6F8E-8FDB-F6199697BB04} deleted

C:\Users\Cindy\AppData\LocalLow\{4C6B045B-4658-7758-8BFB-B99FDFBF9389} deleted

C:\Users\Cindy\AppData\LocalLow\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted

C:\Users\Cindy\AppData\LocalLow\{A4C358C7-C883-A763-63E3-754ECCB7A136} deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{A4C358C7-C883-A763-63E3-754ECCB7A136} deleted

C:\Users\Cindy\AppData\Local\Packages\windows_ie_ac_001\AC\{048C6A7B-3D0C-6F8E-8FDB-F6199697BB04} deleted

C:\Users\Cindy\AppData\Local\Packages\windows_ie_ac_001\AC\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted

C:\Users\Cindy\AppData\Local\Packages\windows_ie_ac_001\AC\{4C6B045B-4658-7758-8BFB-B99FDFBF9389} deleted

C:\Users\Cindy\AppData\Local\Packages\windows_ie_ac_001\AC\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted

C:\Users\Cindy\AppData\Local\Packages\windows_ie_ac_001\AC\{A4C358C7-C883-A763-63E3-754ECCB7A136} deleted

C:\Users\Cindy\AppData\Local\Packages\windows_ie_ac_001\AC\{B6A53A30-719A-2682-59DF-10A2FB37B57B} deleted

C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{38F11BDF-6689-0014-9E53-3B17F0DD7428} deleted

C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{6125F634-B791-FAD7-37AB-4DD442B996AB} deleted

C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{A4C358C7-C883-A763-63E3-754ECCB7A136} deleted

C:\PROGRA~3\cea2cad3caee4f45 deleted

C:\PROGRA~2\SopCast deleted

C:\PROGRA~3\InstallMate deleted

C:\Users\Cindy\AppData\Local\CRE deleted

C:\Users\Cindy\AppData\LocalLow\uTorrentControl_v2 deleted

C:\Users\Cindy\Downloads\Mannenharten Movie NL 2013 BluRay 1080p x264 NL Subs.exe deleted

"C:\windows\SysNative\drivers\EsgScanner.sys" deleted

"C:\Users\Cindy\AppData\Local\0x35t381ja6w6cmcd2r" deleted

"C:\Users\Cindy\AppData\Local\300v0hrfj2i4" deleted

"C:\ProgramData\0x35t381ja6w6cmcd2r" deleted

"C:\ProgramData\300v0hrfj2i4" deleted

"C:\PROGRA~3\gamiipnagaakobenbkakbpgeaeacglbm\gamiipnagaakobenbkakbpgeaeacglbm.crx" deleted

"C:\PROGRA~3\gamiipnagaakobenbkakbpgeaeacglbm\update.xml" deleted

"C:\PROGRA~3\gamiipnagaakobenbkakbpgeaeacglbm" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Cindy\AppData\Local\Temp ====

2014-03-21 13:24:44 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\Cindy\AppData\Local\Temp\ESGScanner.sys

2014-03-21 12:49:15 5C28E508C83A3B0DDBB224B04B1418B9 47329360 ----a-w- C:\Users\Cindy\AppData\Local\Temp\SHSetup.exe

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2014-03-25 19:42:14 6140163BFE9D8F2DFDBA088ED5521C13 119512 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys

2014-03-25 19:41:30 EF3B71BD5920BD4C02302AFBABE210A6 88280 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys

2014-03-25 19:41:30 92008BFC4A409AD92DFBB50AF392AECC 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

2014-03-25 19:41:30 5F779F8A5599F2DDA479157088E3836E 63192 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys

====== C:\Windows\Tasks ======

2014-03-25 23:14:24 6C545E3CD7F69DB54554D61AD5A4A483 3120 ----a-w- C:\Windows\Sysnative\Tasks\{229C6AAE-9962-4CFC-8B67-4E104EAB5D96}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-03-25 20:07:08 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2014-03-14 11:31:33 -------- d-----w- C:\PROGRA~2\Anvisoft

======= C: =====

2014-03-21 13:25:24 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

====== C:\Users\Cindy\AppData\Roaming ======

2014-03-21 13:24:36 -------- d-----w- C:\Users\Cindy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter

2014-03-09 02:53:22 -------- d-----w- C:\Users\Cindy\AppData\Local\Microsoft Games

====== C:\Users\Cindy ======

2014-03-25 20:06:30 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Cindy\Downloads\RSITx64.exe

2014-03-25 19:39:57 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Cindy\Downloads\mbam-setup-2.0.0.1000.exe

2014-03-22 15:11:59 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\Cindy\Downloads\adwcleaner (2).exe

2014-03-21 12:49:05 29702C25639B549AC5221E546545D56B 728960 ----a-w- C:\Users\Cindy\Downloads\SpyHunter-Installer.exe

2014-03-21 12:38:33 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\Cindy\Downloads\adwcleaner (1).exe

2014-03-14 11:35:49 2075EBB7954277A05193412881EC8FDE 1037734 ----a-w- C:\Users\Cindy\Downloads\JRT.exe

2014-03-14 11:35:41 DF06DC5837316EA78746E3F790A950ED 1950720 ----a-w- C:\Users\Cindy\Downloads\adwcleaner.exe

2014-03-14 11:30:46 28439C70930F79686EA27924CAFAFF1A 1381864 ----a-w- C:\Users\Cindy\Downloads\AnviUnIns.exe

2014-03-09 11:10:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst

====== C: exe-files ==

=== C: other files ==

2014-03-21 13:25:24 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Copy"="C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Mega Manager"="C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe /Tray"

"BitComet"="C:\Program Files\BitComet\BitComet.exe /tray"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"FLV Player"="C:\Users\Cindy\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe"

"Spotify"="C:\Users\Cindy\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

"Spotify Web Helper"="C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"Copy"="C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe"

"uTorrent"="C:\Users\Cindy\AppData\Roaming\uTorrent\uTorrent.exe"

"SuperAdBlocker"="C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"Copy"="C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Desktop Disc Tool"="C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

"Dell Webcam Central"="C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe /mode2"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"RIMBBLaunchAgent.exe"="C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"adblock pro"="C:\Program Files (x86)\Adblock Pro\abpmain.exe -m"

"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

"STToasterLauncher"="C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe"

"20131224"="C:\Program Files\AVAST Software\Avast\setup\emupdate\4e90784d-6117-436e-8071-ad5552bbca8a.exe /check"

"Launcher"="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Mega Manager"="C:\Program Files (x86)\Megaupload\Mega Manager\MegaManager.exe /Tray"

"BitComet"="C:\Program Files\BitComet\BitComet.exe /tray"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"FLV Player"="C:\Users\Cindy\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe"

"Spotify"="C:\Users\Cindy\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

"Spotify Web Helper"="C:\Users\Cindy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"Copy"="C:\Users\Cindy\AppData\Roaming\Copy\CopyAgent.exe"

"uTorrent"="C:\Users\Cindy\AppData\Roaming\uTorrent\uTorrent.exe"

"SuperAdBlocker"="C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SAdBlock.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"QuickSet"="C:\Program Files\Dell\QuickSet\QuickSet.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\PROGRA~3\\FILTEL~1\\FILTEL~2.DLL"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellComms]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DellComms"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Dell\\DellComms\\bin\\sprtcmd.exe\" /P DellComms"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellSupportCenter]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DellSupportCenter"

"hkey"="HKLM"

"command"="\"c:\\Program Files (x86)\\Dell Support Center\\bin\\sprtcmd.exe\" /P DellSupportCenter"

==== Startup Folders ======================

2010-09-28 23:12:00 829 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

2010-09-28 23:10:12 2000 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

2010-09-28 23:12:00 829 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk

2010-09-28 23:10:12 2000 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\{0CA5549F-A442-40B2-870D-8E1570E0F515}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" ]Downloading

"C:\Windows\SysNative\tasks\{50420F0B-4848-0EA7-E14B-1F50CF08F162}" [C:\Users\Cindy\AppData\Roaming\adobe\acrobat\10.0\forms\lawynpt.exe]

"C:\Windows\SysNative\tasks\{730B3EC6-48EE-490F-9AC3-F620BFB00032}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/5.3.0.120/en/go/help.faq.installer?LastError=1618]

"C:\Windows\SysNative\tasks\{AFDD0997-E364-49D2-B3BC-D1C38383AF12}" ["C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"]

"C:\Windows\SysNative\tasks\{D2497C30-31FD-4A98-B2C2-8B4F00059DFA}" [C:\Program Files (x86)\Skype\\Phone\Skype.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17-02-2014 14:37]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10-10-2011 17:09]

UTUbEroAdBlockker - Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gamiipnagaakobenbkakbpgeaeacglbm

Skype Click to Call - Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

uTorrentBar_NL - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb

uTorrentControl_v2 - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

UTUbEroAdBlockker - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gamiipnagaakobenbkakbpgeaeacglbm

Skype Click to Call - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Chrome Fix ======================

C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bing.conduit-services.com_0.localstorage deleted successfully

C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bing.conduit-services.com_0.localstorage-journal deleted successfully

C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cdn.adbabylon.com_0.localstorage deleted successfully

C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cdn.adbabylon.com_0.localstorage-journal deleted successfully

C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage deleted successfully

C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully

C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gamiipnagaakobenbkakbpgeaeacglbm deleted successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gamiipnagaakobenbkakbpgeaeacglbm deleted successfully

C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gamiipnagaakobenbkakbpgeaeacglbm_0.localstorage deleted successfully

C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gamiipnagaakobenbkakbpgeaeacglbm_0.localstorage-journal deleted successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gamiipnagaakobenbkakbpgeaeacglbm_0.localstorage deleted successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gamiipnagaakobenbkakbpgeaeacglbm_0.localstorage-journal deleted successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{62E2CB12-1D8A-463B-BE20-673039477F6E} Bing Url="http://www.bing.com/search?FORM=DLCBDF&PC=MDDC&q={searchTerms}&src=IE-SearchBox"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{6E598DAC-23B3-4126-B44E-B36AAD02AF04} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1836166144-1085114356-520303975-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6E598DAC-23B3-4126-B44E-B36AAD02AF04} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C9A4BF4A-BA35-29C0-36A3-7BE82BE1FB2A} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\S-5902107913 deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellComms deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Cindy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Cindy\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Cindy\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Cindy\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Cindy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2452 folders=503 112129130 bytes)

==== Empty Temp Folders ======================

C:\Users\Cindy\AppData\Local\Temp will be emptied at reboot

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Cindy\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Cindy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb" not found

"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda" deleted

"C:\Users\Cindy\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\K73XLLJC\club777.com" not found

==== EOF on wo 26-03-2014 at 12:40:42,72 ======================

- - - Updated - - -

[ATTACH]30939[/ATTACH] dit keer met attachement

zoek-results.log

[Jion]

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Start Zoek.exe nogmaals met het onderstaande script.

• 
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

   
  C:\Users\Cindy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter;fs
  C:\Users\Cindy\Downloads\SpyHunter-Installer.exe;f
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows];r64
  "AppInit_DLLs"=-;r64
  

  
  

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

• Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\\Zoek-results.log.)
  
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

[cindyk]

[ATTACH]31025[/ATTACH]

zoek-results.log

[Jion]

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• 
  
• Remove disinfection tools
  
• Purge System Restore
  
• Reset system settings

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Voer hierna eens ALLE Windows updates uit. Zo mis je nog Service pack 1 voor Windows 7 en heel wat andere belangrijke updates!

Blijf Windows Update herhalen tot er geen enkele update meer aangeboden wordt.

Ook wanneer er bepaalde software aanbiedt om een update te installeren (bvb. Java, Adobe reader enz) dien je deze steeds te accepteren.

Verouderde software zorgt er namelijk voor dat je systeem heel kwetsbaar wordt voor virussen en malware.

[cindyk]

Hartstikke bedankt voor alle hulp!! Blij dat het nu gefixt is!! Was zonder jou hulp nooit gelukt!