Weet niet of virus weg is.

[kape]

Waar is je bestand zoek-results.log opgeslagen op de PC ? Als je die locatie kent, kan je het bestand als "bijlage" aan je volgende bericht hangen.

[Gast]

Hier is het logje, het wou nog steeds niet werken:

 

 

Zoek.exe v5.0.0.1 Updated 31-December-2015

Tool run by jonas on ma 13/06/2016 at 21:59:34,46.

Microsoft Windows 10 Home 10.0.10586  x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\jonas\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

 

==== System Restore Info ======================

 

13/06/2016 22:00:52 Zoek.exe System Restore Point Created Successfully.

 

==== Empty Folders Check ======================

 

C:\PROGRA~3\Comms deleted successfully

C:\PROGRA~3\SoftwareDistribution deleted successfully

C:\PROGRA~3\SUPPORTDIR deleted successfully

C:\Users\jonas\AppData\Local\ActiveSync deleted successfully

C:\Users\jonas\AppData\Local\NetworkTiles deleted successfully

C:\Users\jonas\AppData\Local\WMTools Downloaded Files deleted successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

 

==== Deleting CLSID Registry Keys ======================

 

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0226D483-A989-43EE-BC17-4AC40F1481DE} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07C425F9-288D-47A8-9ED3-F77947011156} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11A41CAB-73A4-41A1-B840-0CF34AD0B7C6} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C870348-3575-4DEB-90B0-20F5E537458F} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A4E8774-EF40-471D-BBED-651DE6B05EE1} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58C38EEE-2589-433A-A347-3B842E0A82ED} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{596EA751-E8C1-4E13-BE5E-ECDDB472B8D2} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63AA72F4-C3A5-42FD-BF37-69449D4E1C00} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63E6F757-D13E-47C7-A8FB-F06A99840EDC} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7666D6BD-3E4C-4A9A-AE4F-041ACE11DC48} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A62FACF-1B48-4417-AC2B-63ADB1335D70} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C255FF8C-3EEC-450A-8291-81B8029303CB} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE5D2C38-31D8-45BA-976D-B032C1894F35} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D49E386C-CB2C-48C1-B995-B066F7D3CEC7} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E851409F-2F8C-4314-B8A1-B48E8FFCAD7D} deleted successfully

HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED7C5808-9F7A-4205-AB30-B92FDCE6E6EC} deleted successfully

 

==== Deleting CLSID Registry Values ======================

 

 

==== Deleting Services ======================

 

 

==== FireFox Fix ======================

 

ProfilePath: C:\Users\jonas\AppData\Roaming\Profiles\6dxid72d.default

 

user.js not found

---- Lines searchengine removed from prefs.js ----

user_pref("browser.search.searchengine.hp", "http://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBHMnB3QqAU..&v=20160607&uid=E98F73D22289F2CCE2CFDE0550C471E1

user_pref("browser.search.searchengine.sp", "http://d2ucfwpxlh3zh3.cloudfront.net/chrome.php?mode=ffsengext&ptid=epf1&q={searchTerms}&ts=AHEqBHMnB3QqA

user_pref("browser.search.searchengine.uid", "E98F73D22289F2CCE2CFDE0550C471E1");

user_pref("browser.search.searchengine.url", "http://d2ucfwpxlh3zh3.cloudfront.net/chrome.php?mode=ffsengext&ptid=epf1&q={searchTerms}&ts=AHEqBHMnB3Qq

---- Lines searches removed from prefs.js ----

user_pref("browser.urlbar.suggest.searches", true);

---- FireFox user.js and prefs.js backups ---- 

 

prefs_20161306_2223_.backup

 

ProfilePath: C:\Users\jonas\AppData\Roaming\Profiles\tmpdefault

 

user.js not found

---- Lines searchengine removed from prefs.js ----

user_pref("browser.search.searchengine.hp", "http://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBHMnB3QqAU..&v=20160607&uid=E98F73D22289F2CCE2CFDE0550C471E1

user_pref("browser.search.searchengine.sp", "http://d2ucfwpxlh3zh3.cloudfront.net/chrome.php?mode=ffsengext&ptid=epf1&q={searchTerms}&ts=AHEqBHMnB3QqA

user_pref("browser.search.searchengine.uid", "E98F73D22289F2CCE2CFDE0550C471E1");

user_pref("browser.search.searchengine.url", "http://d2ucfwpxlh3zh3.cloudfront.net/chrome.php?mode=ffsengext&ptid=epf1&q={searchTerms}&ts=AHEqBHMnB3Qq

---- Lines searches removed from prefs.js ----

user_pref("browser.urlbar.suggest.searches", true);

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 1);

---- FireFox user.js and prefs.js backups ---- 

 

prefs_20161306_2223_.backup

 

ProfilePath: C:\Users\jonas\AppData\Roaming\Mozilla\Firefox\Profiles\jh61a9pv.default

 

user.js not found

---- FireFox user.js and prefs.js backups ---- 

 

prefs_20161306_2223_.backup

 

==== Deleting Files \ Folders ======================

 

C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted

C:\PROGRA~2\Splashtop deleted

C:\PROGRA~3\Splashtop deleted

C:\PROGRA~3\Package Cache deleted

C:\Users\jonas\AppData\Local\CrashRpt deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted

"C:\Users\jonas\AppData\Roaming\COWON" deleted

 

==== Files Recently Created / Modified ======================

 

====== C:\Windows ====

2016-06-11 09:17:49 BBB2FADD9F22AFA9142CE88D51640C20 804506706 ------w- C:\Windows\MEMORY.DMP

====== C:\Users\jonas\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2016-06-06 17:54:50 D494267BC169604FAC5E3679B9A97FED 444952 ----a-w- C:\Windows\SysWOW64\wrap_oal.dll

2016-06-06 17:54:50 235355A8DD26903E75D5E812ECF50E53 109080 ----a-w- C:\Windows\SysWOW64\OpenAL32.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2016-06-06 17:54:50 549347BCD4AACD63243D78E8F869DBB1 466456 ----a-w- C:\Windows\Sysnative\wrap_oal.dll

2016-06-06 17:54:50 2AD7B4F3C8D2BB686D231EDFF404B7A4 122904 ----a-w- C:\Windows\Sysnative\OpenAL32.dll

====== C:\Windows\Sysnative\drivers =====

====== C:\Windows\Tasks ======

2016-06-11 06:22:37 5260C6394AF2A41C170FAF95631A6A5D 3490 ----a-w- C:\Windows\Sysnative\Tasks\{DE8767DA-8D3C-4E8E-B890-FD7F634B46AA}

2016-06-08 15:31:10 -------- d-----w- C:\Windows\Sysnative\Tasks\Apple

2016-05-15 11:38:15 -------- d-----w- C:\Windows\Sysnative\Tasks\Hewlett-Packard

====== C:\Windows\Temp ======

======= C:\Program Files =====

2016-06-13 14:55:37 -------- d-----w- C:\Program Files\trend micro

2016-06-12 14:55:47 -------- d-----w- C:\Program Files\Microsoft Silverlight

2016-06-10 20:23:45 -------- d-----w- C:\Program Files\EuropeanBusSimulator_2012Demo_BASIC_ENG

2016-06-08 15:31:27 -------- d---a-w- C:\Program Files\iTunes

2016-06-08 15:31:27 -------- d-----w- C:\Program Files\iPod

2016-06-08 15:30:59 -------- d---a-w- C:\Program Files\Bonjour

2016-06-08 15:30:45 -------- d-----w- C:\Program Files\Common Files\Apple

2016-06-07 16:50:37 -------- d-----w- C:\Program Files\FlightGear 2016.2.1

======= C:\PROGRA~2 =====

2016-06-13 18:08:07 1288192 ----a-w- C:\PROGRA~2\RepaintTool.exe

2016-06-13 15:06:47 -------- d-----w- C:\PROGRA~2\SplitmediaLabs

2016-06-12 14:55:47 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight

2016-06-11 19:52:48 -------- d-----w- C:\PROGRA~2\Steam

2016-06-08 15:31:27 -------- d-----w- C:\PROGRA~2\iTunes

2016-06-08 15:31:09 -------- d---a-w- C:\PROGRA~2\Apple Software Update

2016-06-08 15:30:59 -------- d---a-w- C:\PROGRA~2\Bonjour

2016-06-08 15:30:23 -------- d-----w- C:\PROGRA~2\COMMON~1\Apple

2016-06-06 17:54:50 -------- d-----w- C:\PROGRA~2\OpenAL

2016-05-15 11:38:12 -------- d-----w- C:\PROGRA~2\Hewlett-Packard

======= C: =====

====== C:\Users\jonas\AppData\Roaming ======

2016-06-13 15:07:34 -------- d-----w- C:\Users\jonas\AppData\Local\SplitMediaLabs

2016-06-11 15:07:04 -------- d-----w- C:\Users\jonas\AppData\Local\Profiles

2016-06-10 20:26:17 -------- d-----w- C:\Users\jonas\AppData\Local\European Bus Simulator 2012 Demo

2016-06-08 15:31:47 -------- d-----w- C:\Users\jonas\AppData\Local\Apple Computer

2016-06-08 15:31:10 -------- d-----w- C:\Users\jonas\AppData\Local\Apple

2016-05-31 17:56:28 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow

2016-05-22 17:50:35 -------- d-----w- C:\Users\jonas\AppData\Local\ElevatedDiagnostics

2016-05-15 12:36:50 -------- d-----w- C:\Users\jonas\AppData\Local\Hewlett-Packard

====== C:\Users\jonas ======

2016-06-13 15:06:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit

2016-06-12 14:57:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2016-06-11 19:52:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2016-06-08 15:31:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2016-06-08 15:31:27 -------- d-----w- C:\ProgramData\Apple Computer

2016-06-08 15:30:23 -------- d-----w- C:\ProgramData\Apple

2016-06-07 16:41:08 DB4A2FEE213FA87AAEDAA49884945C19 1561927011 ----a-w- C:\Users\jonas\Downloads\Installer FlightGear.exe

2016-05-22 17:58:38 -------- d-----w- C:\ProgramData\HP

2016-05-15 11:55:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support

2016-05-15 11:55:11 -------- d-----w- C:\ProgramData\Hewlett-Packard

 

====== C: exe-files ==

2016-06-13 18:08:07 695CBB76D75F78D502C9A6A7440EFC5C 1288192 ----a-w- C:\Program Files (x86)\RepaintTool.exe

2016-06-13 15:44:29 81F7480CE94830E378ADA741C8CFF0A3 98 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1444661948-3188908094-294470660-1001\$IAJLS8Q.exe

2016-06-13 14:55:38 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\jonas.exe

2016-06-13 14:53:49 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1444661948-3188908094-294470660-1001\$RAJLS8Q.exe

2016-06-11 19:56:46 695CBB76D75F78D502C9A6A7440EFC5C 1288192 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\SDK\RepaintTool\RepaintTool.exe

2016-06-11 19:56:46 4C933176D058DDB91DFA6EC13DCFF13A 403968 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Splines\Ruede\Zufallsgenerator.exe

2016-06-11 19:56:45 D8E16BF216C14868BBB8A05589E3BBE2 8778256 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Omsi.exe

2016-06-11 19:56:45 BF3F290275C21BDD3951955C9C3CF32C 517976 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\_CommonRedist\DirectX\Jun2010\DXSETUP.exe

2016-06-11 19:56:45 251743DFD3FDA414570524BAC9E55381 50449456 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\_CommonRedist\DotNet\4.0\dotNetFx40_Full_x86_x64.exe

2016-06-11 19:56:44 C9D9EEBCCEF20D637F193490CEC05E79 10274136 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\_CommonRedist\vcredist\2010\vcredist_x64.exe

2016-06-11 19:56:44 1801436936E64598BAB5B87B37DC7F87 8990552 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\_CommonRedist\vcredist\2010\vcredist_x86.exe

2016-06-11 19:53:47 D72ABBEC86BF31BAF25CD425EB276F66 567376 ----a-w- C:\Program Files (x86)\Steam\steamerrorreporter64.exe

2016-06-11 19:53:47 14F1D14AFF0CC79DC158AF2CB173D836 511568 ----a-w- C:\Program Files (x86)\Steam\steamerrorreporter.exe

2016-06-11 19:53:46 E403EAD0ADD5F84CB8D07258D6954A70 2418256 ----a-w- C:\Program Files (x86)\Steam\streaming_client.exe

2016-06-11 19:53:46 6DB7E2328D565BC3B570AB0705530237 392784 ----a-w- C:\Program Files (x86)\Steam\bin\x64launcher.exe

2016-06-11 19:53:46 2863873ECA3D310CCE1A07B90D8EF173 383056 ----a-w- C:\Program Files (x86)\Steam\GameOverlayUI.exe

2016-06-11 19:53:46 25B8AF211453EA780F529E636C203193 2062416 ----a-w- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

2016-06-11 19:53:46 223911E62D4BCD49682A1147F3EFADBD 382544 ----a-w- C:\Program Files (x86)\Steam\bin\x86launcher.exe

2016-06-11 19:53:46 13309AE5C0C1E510FDB08BD3203E4900 1878608 ----a-w- C:\Program Files (x86)\Steam\bin\html5app_steam.exe

2016-06-11 19:53:41 EE57DFA8CDE83118E8745BE09D5E8259 284456 ----a-w- C:\Program Files (x86)\Steam\WriteMiniDump.exe

2016-06-11 19:53:41 9F1AE66D7954FE2E0909A5EBC6B94798 67072 ----a-w- C:\Program Files (x86)\Steam\bin\wow_helper.exe

2016-06-11 19:53:38 E52C1B99FB8622F6F79144F84EA1382D 193784 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_10560.exe

2016-06-11 19:53:38 C34F746ACB2A8C69817AE58AA1DF5D30 238840 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_17300.exe

2016-06-11 19:53:38 B6AE77037F06336CF5046603E715D39F 226552 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_17340.exe

2016-06-11 19:53:38 A23357A49B79CBF46E15F367FBC2028E 500984 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_17330.exe

2016-06-11 19:53:38 9F54C8A9C92C42165575C1428862AF2B 2364920 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_6520.exe

2016-06-11 19:53:38 9F54C8A9C92C42165575C1428862AF2B 2364920 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_6510.exe

2016-06-11 19:53:38 9F0ACFF4C39190F3F84CF87FE4C34085 193784 ----a-w- C:\Program Files (x86)\Steam\steam\games\appid_10540.exe

2016-06-11 11:27:36 492FA93B0901EE6A627CC089B75C4697 1056760 ----a-w- C:\Users\jonas\AppData\Local\Roblox\Versions\version-c044bc45019f474c\RobloxPlayerLauncher.exe

2016-06-11 09:15:06 FB939512BED94C6E899F9FEF4F8A42B8 1518672 ----a-w- C:\Program Files (x86)\Common Files\Steam\SteamServiceTmp.exe

2016-06-11 08:46:08 15397E447111A9199E6DD820FD520321 73369 ----a-w- C:\Users\jonas\AppData\Local\Temp\BC8p3nxesV.exe

2016-06-10 20:23:45 3BE36BBBFDA44149593988EDE6CD5959 131072 ----a-w- C:\Program Files\EuropeanBusSimulator_2012Demo_BASIC_ENG\Bin_Basic_Win32\BusSimulator2012.exe

2016-06-10 16:41:47 369E3C01811F1ECE5FAFE1FE8E81D4FF 3530240 ----a-w- C:\Users\jonas\AppData\Local\Packages\Smartschool.Smartschool_e1120bs0kk1yt\AC\Microsoft\CLR_v4.0_32\NativeImages\Sb.SmartSch11ba6d86#\f52803fb4be2ea32a49bb5817d71fbfe\Sb.SmartSchool.Windows.ni.exe

2016-06-09 16:40:09 C80BB7712777762C847D8ED5FD424E8D 478720 ----a-w- C:\Users\jonas\AppData\Local\Packages\AD2F1837.HPScanandCapture_v10z8vjag6ke6\AC\Microsoft\CLR_v4.0\NativeImages\HPScanandCapture\8aae1bbeda62f788fc1cade4cf3117e9\HPScanandCapture.ni.exe

2016-06-09 16:21:08 97DF1726DA9995D8ED824258298929CF 12829272 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\51.0.2704.84\51.0.2704.84_50.0.2661.102_chrome_updater.exe

2016-06-07 16:50:43 E2B47ED7E12650657FCCDB2B91C94135 460800 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\fgpanel.exe

2016-06-07 16:50:43 694F54BD227916B89FC3EB1DB53F0685 809496 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\oalinst.exe

2016-06-07 16:50:42 C134DAC2CE00D4EE6C545D463808A2DF 1224192 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\CrashSender1402.exe

2016-06-07 16:50:42 8194A1B494A1E23D427E7EE06DCDA0D0 2594304 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\fgrun.exe

2016-06-07 16:50:41 F0666DBF4F650C97F9A060BD247414F3 132096 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\UGsmooth.exe

2016-06-07 16:50:41 DFDD901C0A3B08D122237F3CF7DBD93C 390656 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\yasim.exe

2016-06-07 16:50:41 DDE4358B4CBF95B9B5D711BFE91DCBE2 342528 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\yasim-proptest.exe

2016-06-07 16:50:41 1B33697628AD70141DD4E7A954E50BDA 608768 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\terrasync.exe

2016-06-07 16:50:39 E394823B382496A193DCE34F0D8824E6 13312 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\js_demo.exe

2016-06-07 16:50:39 ABA72B96E0F472361383EF4F65033EE3 74752 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\GPSsmooth.exe

2016-06-07 16:50:39 909B13B8A8A4641AEEFFFDC38A3927D1 224256 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\metar.exe

2016-06-07 16:50:39 5282ED405C579D545529C90CD0740F50 302080 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\fgjs.exe

2016-06-07 16:50:39 3F9DA4F74EACC3E5F9CCC85D0579BB2C 76800 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\MIDGsmooth.exe

2016-06-07 16:50:39 3EBCF0BD9B057EF9759E8CCAFD7067D9 1816576 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\fgviewer.exe

2016-06-07 16:50:38 BF6FECD4D6C605B45254BF9F5186AC2B 13539840 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\fgfs.exe

2016-06-07 16:50:38 8F4AA3585141D0A2DA80504628F8C65A 1772032 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\fgelev.exe

2016-06-07 16:50:38 304575A717BE29F4A5924A2D3274EAE0 4111360 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\fgcom.exe

2016-06-07 16:50:37 6664706CF6E6C24C3A9288728CA0221C 378368 ----a-w- C:\Program Files\FlightGear 2016.2.1\bin\fgadmin.exe

2016-06-07 16:50:37 1341D3328A62493FBCA8605F73787ED4 813918 ----a-w- C:\Program Files\FlightGear 2016.2.1\unins000.exe

=== C: other files ==

2016-06-13 15:12:38 4E4018A1DD9ED6C0259A6E9B25E10FD9 40536 ----a-w- C:\Users\jonas\AppData\Local\Temp\LocalStreaming.zip

2016-06-13 15:12:35 1A974C242DA503D23326836D87EA310E 241585 ----a-w- C:\Users\jonas\AppData\Local\Temp\YouTubeLive.zip

2016-06-13 15:12:21 EB5DCAC4B85BB6736A18DAD3F0B0DBDB 166072 ----a-w- C:\Users\jonas\AppData\Local\Temp\VideoPlaylistplg.zip

2016-06-13 15:12:21 16AD88FEE08FD41606284BA4DA5E52BA 355291 ----a-w- C:\Users\jonas\AppData\Local\Temp\WhiteboardOverlayplg.zip

2016-06-13 15:12:19 949C84F8519693391B33229CE8E48032 1400200 ----a-w- C:\Users\jonas\AppData\Local\Temp\titleplg.zip

2016-06-13 15:12:16 167025C3FA5CA3A3010172853677998A 303344 ----a-w- C:\Users\jonas\AppData\Local\Temp\ImageSlideshowplg.zip

2016-06-12 13:40:54 66DE82A446863817EFCD396B37004851 1087 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Sceneryobjects\ADDON_SimpleStreets\install.bat

2016-06-12 13:28:16 B14CF33C0BD3C0C64AC4DD1B1E54B6AC 26230658 ----a-w- C:\Users\jonas\Downloads\CitaroC2Mercedes-Mod-V2.0.zip

2016-06-11 20:01:31 2F887CDC0A628F4B04AD468B8767A48F 255441 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Vehicles\MAN_SD200\Sound\SD-Sounds.zip

2016-06-11 19:59:54 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Splines\Ruede\DDR_Asphalt_variety.zip

2016-06-11 19:56:46 3802BF324EDF936AFABB7725AE067F77 3163293 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Splines\Ruede\texture\DDR_Asphalt_variety.zip

2016-06-07 16:52:31 468F31BEF9F7F666238CF73AD2C494E8 3280 ----a-w- C:\Program Files\FlightGear 2016.2.1\data\Aircraft-uiuc\runfgfs.bat

2016-06-07 16:52:13 6AC5240520155AF7D4F90410303F3D35 4140802 ----a-w- C:\Program Files\FlightGear 2016.2.1\data\Aircraft\c172p\Paintkit\Paintkit.zip

2016-06-07 16:51:56 A562E9977CF15242844C3BAF5FFA176A 16283 ----a-w- C:\Program Files\FlightGear 2016.2.1\data\Aircraft\c172p\io_scene_ac3d.zip

2016-06-07 16:50:48 E4D9C8276EBEE977CB4F76422E518DCF 772220 ----a-w- C:\Program Files\FlightGear 2016.2.1\data\AI\Aircraft\738\AI-738-paint-kit.zip

2016-06-07 16:50:43 61504E64952440A89157488F872AF592 436 ----a-w- C:\Program Files\FlightGear 2016.2.1\data\runfgfs.bat

 

==== Startup Registry Enabled ======================

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

 

[HKEY_USERS\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OneDrive"="C:\Users\jonas\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"

"Speech Recognition"="C:\Windows\Speech\Common\sapisvr.exe -SpeechUX -Startup"

"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"

"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"

"PowerDVD12Agent"="C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"OneDrive"="C:\Users\jonas\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"

"Speech Recognition"="C:\Windows\Speech\Common\sapisvr.exe -SpeechUX -Startup"

"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"

 

==== Startup Registry Enabled x64 ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

 

==== Task Scheduler Jobs ======================

 

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/04/2016 13:41]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/04/2016 13:41]

 

==== Other Scheduled Tasks ======================

 

"C:\Windows\SysNative\tasks\DolbySelectorTask" [%ProgramFiles%\Dolby Digital Plus\ddp.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse" [C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe]

"C:\Windows\SysNative\tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse" [C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe]

"C:\Windows\SysNative\tasks\McAfeeLogon" [C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe]

"C:\Windows\SysNative\tasks\PDVDServ12 Task" [C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe]

"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{B6806DBD-D5F3-486F-8498-BBA220FC9311}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

 

==== Firefox Start and Search pages ======================

 

ProfilePath: C:\Users\jonas\AppData\Roaming\Profiles\6dxid72d.default

user_pref("browser.startup.homepage", "http://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBHMnB3QqAU..&v=20160607&uid=E98F73D22289F2CCE2CFDE0550C471E1&ptid=epf1&mode=loadm");

user_pref("browser.newtab.url", "http://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBHMnB3QqAU..&v=20160607&uid=E98F73D22289F2CCE2CFDE0550C471E1&ptid=epf1&mode=loadm");

user_pref("browser.search.defaultenginename", "hohosearch");

user_pref("browser.search.selectedEngine", "hohosearch");

 

ProfilePath: C:\Users\jonas\AppData\Roaming\Profiles\tmpdefault

user_pref("browser.startup.homepage", "http://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBHMnB3QqAU..&v=20160607&uid=E98F73D22289F2CCE2CFDE0550C471E1&ptid=epf1&mode=loadm");

user_pref("browser.newtab.url", "http://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBHMnB3QqAU..&v=20160607&uid=E98F73D22289F2CCE2CFDE0550C471E1&ptid=epf1&mode=loadm");

user_pref("browser.search.defaultenginename", "hohosearch");

user_pref("browser.search.selectedEngine", "hohosearch");

[kape]

Download AdwCleaner by Xplode naar het bureaublad (verwijder eerst eventuele aanwezige oudere versies van deze tool op je PC, zodat je nu de meest recente database van AdwCleaner kan gebruiken).

Als de link naar AdwCleaner niet werkt, probeer dan deze link.

De download start automatisch na enkele seconden.

• Sluit alle openstaande vensters.
• Dubbelklik op AdwCleaner om hem te starten.
• Gebruikers van Windows Vista en later dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Klik op Scan (Engelse versie) of Scannen (Nederlandstalige versie)
• Mocht u gevonden items willen behouden, verwijder deze dan nu uit het lijstje.
• Klik vervolgens op Clean (Engelse versie) of Verwijderen (Nederlandstalige versie)
• Klik bij popup-scherm "AdwCleaner Herstart" op OK
  

Nadat de PC opnieuw is opgestart, opent meestal onmiddellijk een logfile van AdwCleaner.
Anders is het logfile hier terug te vinden C:\AdwCleaner\....

Logbestand plaatsen

• Voeg de logbestandjes met de naam AdwCleaner[s*].txt en AdwCleaner[C*].txt uit de map C:\AdwCleaner\... als bijlagen toe aan het volgende bericht. (*) staat voor een getal. Staan er meerdere, kies dan dit met het hoogste getal.
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
  

Meer informatie vind je in de handleiding.

[Gast]

sorry ik was even weg hier is het logje:

# AdwCleaner v5.200 - Logbestand aangemaakt 18/06/2016 op 21:46:34
# Laatste update 14/06/2016 door ToolsLib
# Database : 2016-06-17.1 [Server]
# Besturingssysteem : Windows 10 Home  (X64)
# Gebruikersnaam : jonas - JONASPC
# Gestart vanuit : C:\Users\jonas\Downloads\adwcleaner_5.200.exe
# Optie : Verwijderen
# Ondersteuning : https://toolslib.net/forum

***** [ Services ] *****

***** [ Mappen ] *****

***** [ Bestanden ] *****

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Snelkoppelingen ] *****

***** [ Geplande taken ] *****

[-] Taak verwijderd : YCMServiceAgent

***** [ Register ] *****

[-] Sleutel verwijderd : HKCU\Software\distromatic
[-] Sleutel verwijderd : HKLM\SOFTWARE\SrpnFiles
[-] Sleutel verwijderd : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Waarde verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{8E2B7AD6-AD6E-48CA-A777-1700D6EA8C76}]
[-] Waarde verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{EFC13919-7F7F-4797-92F7-5E997C4735CE}]
[-] Waarde verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{CF7701E6-DBCC-47BE-BD77-5778F041FD77}]
[-] Waarde verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{030B1DD5-02E8-436E-9491-295CED0904CA}]

***** [ Internetbrowsers ] *****

[-] [C:\Users\jonas\AppData\Roaming\Profiles\6dxid72d.default\prefs.js] verwijderd : user_pref("browser.search.defaultenginename", "hohosearch");
[-] [C:\Users\jonas\AppData\Roaming\Profiles\6dxid72d.default\prefs.js] verwijderd : user_pref("browser.search.selectedEngine", "hohosearch");

*************************

:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1917 bytes] - [18/06/2016 21:46:34]
C:\AdwCleaner\AdwCleaner[S1].txt - [1997 bytes] - [18/06/2016 21:43:57]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2063 bytes] ##########
 

[kape]

Dat ziet er netjes werk uit van AdwCleaner. Krijg je nu nog ongewenste websites of meldingen te zien ?

[Gast]

 

de websites zijn nog niet verdwenen maar we hebben ook al eens anti malwarebyttes laten gaan en die heeft het al veel vermindert. Ik weet niet of ik hier een link mag plaatsen van de website die ik krijg? Alvast bedank!

[kape]

Je mag een aanduiding plaatsen van de website die je krijgt ... maar typ hem dan niet in de vorm van een link (maar bvb. met spaties tussen), zodat hij door andere gebruikers niet aangeklikt kan worden.

[Gast]

@kape

Ik wou dat doen maar nu zijn het terug vele andere websites!  Wat kan ik doen? Ik heb geen problemen meer buiten die reclame websites. 

 

Alvast bedankt,

JonasTheGamer

P.S. Sorry als dit een onnuttig bericht was ik wist het niet zo goed

[kweezie wabbit]

Probeer eens of dit helpt.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

• Dubbelklik op Zoek.exe om de tool te starten.
• Gebruikers van Windows Vista en later dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

resethosts;
ipconfig /flushdns >> "%temp%\log.txt";b

• De optie "Scan All Users" staat standaard aangevinkt.
• Klik nu op de knop "Run script".
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
• Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

• Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

[Gast]

Hier is het logje.

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by jonas on wo 22/06/2016 at 12:16:16,75.
Microsoft Windows 10 Home 10.0.10586  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\jonas\Downloads\zoek (1).exe [Scan all users] [Script inserted] 

==== Older Logs ======================

C:\zoek-results2016-06-13-203428.log    25684 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
127.0.0.1       localhost 

==== Batch Command(s) Run By Tool======================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

==== C:\zoek_backup content ======================

C:\zoek_backup (files=155 folders=48 105564713 bytes)

==== After Reboot ======================

==== EOF on wo 22/06/2016 at 12:18:49,91 ======================