Logje

Yolanda

14-05-2014 09:25

Logfile of random's system information tool 1.09 (written by random/random)
Run by Yolanda at 2014-05-14 09:24:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 266 GB (46%) free of 579 GB
Total RAM: 3893 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:25:01, on 14-5-2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Yolanda\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
C:\Program Files (x86)\Launch Manager\OSD.exe
C:\Program Files (x86)\Launch Manager\WButton.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\uTorrent\utorrent.exe
C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files\trend micro\Yolanda.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com/web/?type=ds&ts=1400005729&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com/web/?type=ds&ts=1400005729&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\Launch Manager\HotkeyApp.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Launch Manager\OSD.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Launch Manager\Wbutton.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe” /startup
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
O4 - HKCU\..\Run: “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-21-1628058651-2271099288-1710920277-1001\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)
O4 - HKUS\S-1-5-21-1628058651-2271099288-1710920277-1001\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)
O4 - Startup: Dropbox.lnk = Yolanda\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra ‘Tools’ menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: CDMA Device Service - Unknown owner - C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
–
End of file - 12375 bytes
olanda

14-05-2014 09:26

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Databaseversie: v2014.05.13.12
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17105
Yolanda :: YOBACO
13-5-2014 20:45:35
mbam-log-2014-05-13 (20-45-35).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 288617
Verstreken tijd: 5 minuut/minuten, 19 seconde(n)
Geheugenprocessen gedetecteerd: 1
C:\ProgramData\IePluginService\PluginService.exe (PUP.Optional.IePluginService.A) -> 1660 -> Zal worden verwijderd tijdens het herstarten.
Geheugenmodulen gedetecteerd: 1
C:\Program Files (x86)\SupTab\DpInterface32.dll (PUP.Optional.SupTab.A) -> Zal worden verwijderd tijdens het herstarten.
Registersleutels gedetecteerd: 5
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Succesvol in quarantaine geplaatst en verwijderd.
HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\qone8Software (PUP.Optional.Qone8.A) -> Succesvol in quarantaine geplaatst en verwijderd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 2
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (PUP.Optional.Qone8) -> Slecht: (C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1400005729&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114) Goed: (iexplore.exe) -> Succesvol in quarantaine geplaatst en gerepareerd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Slecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Goed: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> Succesvol in quarantaine geplaatst en gerepareerd.
Mappen gedetecteerd: 51
C:\Program Files (x86)\SupTab (PUP.Optional.SupTab.A) -> Zal worden verwijderd tijdens het herstarten.
C:\Program Files (x86)\SupTab\web (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\weather (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\js (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\en-US (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\es-419 (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\es-ES (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\fr-BE (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\fr-CA (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\fr-CH (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\fr-FR (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\fr-LU (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\it-CH (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\it-IT (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\pl (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\pt (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\pt-BR (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\ru (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\ru-MO (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\tr-TR (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\vi-VI (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\zh-CN (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\zh-TW (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\ProgramData\IePluginService (PUP.Optional.IePluginService.A) -> Zal worden verwijderd tijdens het herstarten.
C:\ProgramData\IePluginService\update (PUP.Optional.IePluginService.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0 (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\en (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\es (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\es_419 (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-BE (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-CA (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-CH (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-LU (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\it (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\it-CH (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pl (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pt (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pt_BR (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\ru (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\ru-MO (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\tr (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\vi (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\zh_CN (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\zh_TW (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
Bestanden gedetecteerd: 110
C:\ProgramData\IePluginService\PluginService.exe (PUP.Optional.IePluginService.A) -> Zal worden verwijderd tijdens het herstarten.
C:\Users\Yolanda\AppData\Roaming\SupTab\SupTab.dll (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Temp\The Blacklist Seizoen1 Afl 10 HDTV XviD NL Subs DMT__6578_il3708176.exe (PUP.Optional.Amonetize) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Temp\fullpackage_temp1400005699\alilog.dll (PUP.Optional.SkyTech.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Temp\fullpackage_temp1400005699\tmp\SupTab.exe (PUP.Optional.IePluginService.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Temp\fullpackage_temp1400005699\tmp\wpm_v18.8.0.304.exe (PUP.Optional.WpManager) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\Downloads\ALAIN_MORISOD_mourir_Full (1).exe (PUP.Optional.OneClickDownloader.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\Downloads\ALAIN_MORISOD_mourir_Full.exe (PUP.Optional.OneClickDownloader.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\Downloads\The Blacklist Seizoen1 Afl 10 HDTV XviD NL Subs DMT__6578_il3708176 (1).exe (PUP.Optional.Amonetize) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\Downloads\The Blacklist Seizoen1 Afl 10 HDTV XviD NL Subs DMT__6578_il3708176 (2).exe (PUP.Optional.Amonetize) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\Downloads\The Blacklist Seizoen1 Afl 10 HDTV XviD NL Subs DMT__6578_il3708176.exe (PUP.Optional.Amonetize) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\Downloads\_Mourir_Aupres_De_Mon_Amour_Alain_Morisod_Sweet_People_mp3_Full (1).exe (PUP.Optional.OneClickDownloader.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\Downloads\_Mourir_Aupres_De_Mon_Amour_Alain_Morisod_Sweet_People_mp3_Full.exe (PUP.Optional.OneClickDownloader.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\install.data (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\DpInterface32.dll (PUP.Optional.SupTab.A) -> Zal worden verwijderd tijdens het herstarten.
C:\Program Files (x86)\SupTab\DpInterface64.dll (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\DpInterfacef32.dll (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\ient.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\RSHP.exe (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\SearchProtect32.dll (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\SearchProtect64.dll (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\SpAPPSv32.dll (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\SpAPPSv64.dll (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\uninstall.exe (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\WebDataJs (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\data.html (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\indexIE.html (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\indexIE8.html (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\main.css (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\ver.txt (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\arrow.png (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\default_add_logo.png (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\default_logo.png (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\googlelogo.png (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\googlelogo2.png (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\google_trends.png (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\icon128.png (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\icon16.png (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\icon48.png (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\loading.gif (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\logo32.ico (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\img\weather\0.png (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\js\common.js (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\js\ga.js (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\js\ie8.js (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\js\js.js (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\js\library.js (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\js\xagainit.js (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json (PUP.Optional.SupTab.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\background.html (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\index.html (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\manifest.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\style.css (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\default_logo.png (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\icon128.png (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\icon16.png (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\icon48.png (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\loading.gif (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\search.png (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\weather.eot (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\weather.svg (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\weather.ttf (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\weather.woff (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\background.js (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\ga.js (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\inject.js (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\jquery-base.js (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\jquery.autocomplete.js (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\js.js (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\xagainit.js (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\en\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\es\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\es_419\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-BE\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-CA\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-CH\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-LU\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\it\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\it-CH\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pl\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pt\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pt_BR\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\ru\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\ru-MO\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\tr\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\vi\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\zh_CN\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\zh_TW\messages.json (PUP.Optional.QuickStart.A) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
fazantje

14-05-2014 10:04

Hoi Yolanda,
Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.
Download Zoek.exenaar het bureaublad.
Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Zoek.exe uitvoeren:
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
Dubbelklik vervolgens op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande vet gedrukte code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
firefoxlook;
torpigcheck;
autoclean;
emptyfolderscheck;delete
chromelook;
standardsearch;
filesrcm;
startupall;
Klik nu op de knop “Run script”.
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
Post het geopende logje in het volgende bericht.
Succes,
Huib;)
Yolanda

14-05-2014 19:42

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Yolanda on wo 14-05-2014 at 19:20:52,47.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Yolanda\Downloads\zoek.exe
==== System Restore Info ======================
14-5-2014 19:22:41 Zoek.exe System Restore Point Created Succesfully.
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Pinnacle Studio Plus deleted successfully
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully
C:\PROGRA~3\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} deleted successfully
C:\PROGRA~3\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted successfully
C:\PROGRA~3\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42} deleted successfully
C:\Users\Yolanda\AppData\Roaming\HpUpdate deleted successfully
C:\Users\Yolanda\AppData\Roaming\SupTab deleted successfully
C:\Users\Yolanda\AppData\Local\Downloaded Installations deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
C:\Program Files (x86)\Launch Manager\OSD.exe
C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
C:\Program Files (x86)\Launch Manager\WButton.exe
C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\uTorrent\utorrent.exe
C:\Users\Yolanda\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yolanda\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found
C:\PROGRA~3\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} not found
C:\PROGRA~3\{32364CEA-7855-4A3C-B674-53D8E9B97936} not found
C:\PROGRA~3\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42} not found
C:\PROGRA~2\FoxTabFLVPlayer deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~3\WPM deleted
“C:\Users\Yolanda\AppData\Roaming\Temp” deleted
==== System Specs ======================
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 3894 MB
CPU Info: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
CPU Speed: 2416,9 MHz
Sound Card: Luidsprekers (Realtek High Defi |
Realtek Digital Output (Realtek |
Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | NVIDIA GeForce GT 425M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC | Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-S083C
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 565,1GB | D: 30,0GB
Hard Disks - Free: C: 256,9GB | D: 9,6GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 02/01/10 | MEDION - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: MEDION P6624
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: ESET NOD32 Antivirus 7.0 disabled (Outdated)
Default Browser: Google Chrome 34.0.1847.131
Internet Explorer Version: 11.0.9600.17105
Google Chrome version: 34.0.1847.131
Adobe Reader version: 10.1.8.24
Sun Java version: 1.7.0_51 (32-bit)
Flash Player version: 13.0.0.214
Shockwave Player version: 11.6.8r638
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Yolanda\AppData\Local\Temp ====
2014-05-14 08:51:12 62AEB8305A12986E4901CC4860ED0382 41984 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3mhrrx.dll
2014-05-13 18:32:22 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.255542\psmachine.dll
2014-05-13 18:32:22 8D90BB3A36521B50D0E512A781E36871 155648 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.255542\psuser.dll
2014-05-13 18:32:22 109EEC9108ABAA66C1A67F68B6116379 220672 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.255542\npGoogleUpdate4.dll
2014-05-13 18:32:21 E451D460727B0C455AED29A2E29E6BDF 761856 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.255542\goopdate.dll
2014-05-13 18:32:21 7E767B342E55EB1DFD74A65D24EA4B70 46080 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.255542\GoogleUpdateOnDemand.exe
2014-05-13 18:32:20 F98DE4108614E4BB81E95E58E36C7000 46080 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.255542\GoogleUpdateBroker.exe
2014-05-13 18:32:20 D858BA2EE718B1DB1CED20646E641D08 68608 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.255542\GoogleUpdate.exe
2014-05-13 18:32:20 4454919668558607F360B061495E1197 32768 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.255542\GoogleUpdateHelper.msi
2014-05-13 18:32:20 03114DADBD9977FC823F95B21FB987E7 72872 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.255542\GoogleCrashHandler.exe
2014-05-13 18:31:29 45922155C9628E11441AA869C6287BB7 10372136 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\BackupSetup.exe
2014-05-13 18:28:48 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.43695\psmachine.dll
2014-05-13 18:28:48 F98DE4108614E4BB81E95E58E36C7000 46080 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.43695\GoogleUpdateBroker.exe
2014-05-13 18:28:48 E451D460727B0C455AED29A2E29E6BDF 761856 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.43695\goopdate.dll
2014-05-13 18:28:48 D858BA2EE718B1DB1CED20646E641D08 68608 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.43695\GoogleUpdate.exe
2014-05-13 18:28:48 8D90BB3A36521B50D0E512A781E36871 155648 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.43695\psuser.dll
2014-05-13 18:28:48 7E767B342E55EB1DFD74A65D24EA4B70 46080 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.43695\GoogleUpdateOnDemand.exe
2014-05-13 18:28:48 4454919668558607F360B061495E1197 32768 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.43695\GoogleUpdateHelper.msi
2014-05-13 18:28:48 109EEC9108ABAA66C1A67F68B6116379 220672 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.43695\npGoogleUpdate4.dll
2014-05-13 18:28:48 03114DADBD9977FC823F95B21FB987E7 72872 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.43695\GoogleCrashHandler.exe
2014-05-13 18:27:37 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.402899\psmachine.dll
2014-05-13 18:27:37 F98DE4108614E4BB81E95E58E36C7000 46080 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.402899\GoogleUpdateBroker.exe
2014-05-13 18:27:37 E451D460727B0C455AED29A2E29E6BDF 761856 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.402899\goopdate.dll
2014-05-13 18:27:37 D858BA2EE718B1DB1CED20646E641D08 68608 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.402899\GoogleUpdate.exe
2014-05-13 18:27:37 8D90BB3A36521B50D0E512A781E36871 155648 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.402899\psuser.dll
2014-05-13 18:27:37 7E767B342E55EB1DFD74A65D24EA4B70 46080 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.402899\GoogleUpdateOnDemand.exe
2014-05-13 18:27:37 4454919668558607F360B061495E1197 32768 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.402899\GoogleUpdateHelper.msi
2014-05-13 18:27:37 109EEC9108ABAA66C1A67F68B6116379 220672 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.402899\npGoogleUpdate4.dll
2014-05-13 18:27:37 03114DADBD9977FC823F95B21FB987E7 72872 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.402899\GoogleCrashHandler.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-05-03 16:07:53 5869FBC754578A59C8C8635B99DB79DE 17384448 —-a-w- C:\Windows\SysWOW64\mshtml.dll
2014-05-03 16:07:52 2518D1922371892ADEF1F07147DBD72A 2724864 —-a-w- C:\Windows\SysWOW64\mshtml.tlb
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-05-06 18:46:23 84ED099009EF0DF82A37D4FEAE012655 465408 —-a-w- C:\Windows\Sysnative\aepdu.dll
2014-05-06 18:46:23 5513F4766C9987D6B0D49D51BB2E5EE4 424448 —-a-w- C:\Windows\Sysnative\aeinv.dll
2014-05-03 16:07:54 A98DA2EC1E56CF52C682D072F77D9874 23547904 —-a-w- C:\Windows\Sysnative\mshtml.dll
2014-05-03 16:07:53 DE5DE05946D6FC2DC494C55BC7BC4C6E 2724864 —-a-w- C:\Windows\Sysnative\mshtml.tlb
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
2014-05-13 18:35:10 1A41E5EF923FC67F5E41088E3209CAA3 3314 —-a-w- C:\Windows\Sysnative\Tasks\temp_afb2bac9-2de0-4e26-8bd9-4787184f1531-2
2014-05-13 18:32:23 89DFD1000B97FA91C22740992BE664A8 5492 —-a-w- C:\Windows\Sysnative\Tasks\afb2bac9-2de0-4e26-8bd9-4787184f1531-3
2014-05-10 12:15:42 D4AAD12A445ABD6F0E9C647C49865AF3 4048 —-a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskUserS-1-5-21-1628058651-2271099288-1710920277-1000UA1cf6c498ff916f5
2014-05-10 12:15:42 3517AE19FDD69DC18E2FD01516EA362F 1074 —-a-w- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1628058651-2271099288-1710920277-1000UA1cf6c498ff916f5.job
2014-05-10 12:15:39 C7D41328AF00C7DFC4366365F19AAF22 1022 —-a-w- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1628058651-2271099288-1710920277-1000Core1cf6c498e28eaa0.job
2014-05-10 12:15:39 C49946B1CEC9EE12EE456BDBD234F706 3652 —-a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskUserS-1-5-21-1628058651-2271099288-1710920277-1000Core1cf6c498e28eaa0
2014-05-10 06:59:12 F76073D153DAB348F54B6D20A1C0B4CD 4052 —-a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA1cf6c1d58f459a1
2014-05-10 06:59:12 1926B02B0E77DB8458332F177BAAA9E6 1056 —-a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6c1d58f459a1.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-05-13 18:27:38 ——– d—–w- C:\PROGRA~2\globalUpdate
======= C: =====
====== C:\Users\Yolanda\AppData\Roaming ======
2014-05-14 08:51:12 ——– d—–w- C:\Users\Yolanda\AppData\Roaming\DropboxMaster
2014-05-13 18:27:38 ——– d—–w- C:\Users\Yolanda\AppData\Local\globalUpdate
====== C:\Users\Yolanda ======
2014-05-14 07:24:43 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\Yolanda\Downloads\RSITx64 (1).exe
====== C: exe-files ==
2014-05-14 07:24:43 662C39FC1E27131551D557862CEC47F0 935175 —-a-w- C:\Users\Yolanda\Downloads\RSITx64 (1).exe
2014-05-13 18:32:21 7E767B342E55EB1DFD74A65D24EA4B70 46080 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.255542\GoogleUpdateOnDemand.exe
2014-05-13 18:32:20 F98DE4108614E4BB81E95E58E36C7000 46080 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.255542\GoogleUpdateBroker.exe
2014-05-13 18:32:20 D858BA2EE718B1DB1CED20646E641D08 68608 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.255542\GoogleUpdate.exe
2014-05-13 18:32:20 03114DADBD9977FC823F95B21FB987E7 72872 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.255542\GoogleCrashHandler.exe
2014-05-13 18:31:29 45922155C9628E11441AA869C6287BB7 10372136 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\BackupSetup.exe
2014-05-13 18:28:48 F98DE4108614E4BB81E95E58E36C7000 46080 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.43695\GoogleUpdateBroker.exe
2014-05-13 18:28:48 D858BA2EE718B1DB1CED20646E641D08 68608 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.43695\GoogleUpdate.exe
2014-05-13 18:28:48 7E767B342E55EB1DFD74A65D24EA4B70 46080 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.43695\GoogleUpdateOnDemand.exe
2014-05-13 18:28:48 03114DADBD9977FC823F95B21FB987E7 72872 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.43695\GoogleCrashHandler.exe
2014-05-13 18:28:30 8F28BB59B59B75BA5B8EE16FB7C84FC2 284184 —-a-w- C:\Users\Yolanda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YIPYICSH\torntvdownloader4.exe
2014-05-13 18:27:37 F98DE4108614E4BB81E95E58E36C7000 46080 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.402899\GoogleUpdateBroker.exe
2014-05-13 18:27:37 D858BA2EE718B1DB1CED20646E641D08 68608 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.402899\GoogleUpdate.exe
2014-05-13 18:27:37 7E767B342E55EB1DFD74A65D24EA4B70 46080 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.402899\GoogleUpdateOnDemand.exe
2014-05-13 18:27:37 03114DADBD9977FC823F95B21FB987E7 72872 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\comh.402899\GoogleCrashHandler.exe
2014-05-10 12:15:38 BE472797288F53AA9F56974B1A1FC18F 918672 —-a-w- C:\Users\Yolanda\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateSetup.exe
2014-05-10 12:15:38 6FC454773ABF8DE9A33B35E03525140D 51080 —-atw- C:\Users\Yolanda\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe
2014-05-10 12:15:38 49B70FBEEC01A69CA9AC115C109E9CDD 51080 —-atw- C:\Users\Yolanda\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateBroker.exe
2014-05-10 12:15:33 D893431503D5112DC3B799DF963D2AC8 114568 —-atw- C:\Users\Yolanda\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateComRegisterShell64.exe
2014-05-10 12:15:33 D5A444B63637EC0932172C6719A10252 263048 —-atw- C:\Users\Yolanda\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler.exe
2014-05-10 12:15:33 720546B84ED5229E1584C8F3533A2F12 328072 —-atw- C:\Users\Yolanda\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
2014-05-10 12:15:33 506708142BC63DABA64F2D3AD1DCD5BF 116648 —-atw- C:\Users\Yolanda\AppData\Local\Google\Update\1.3.24.7\GoogleUpdate.exe
2014-05-10 12:15:26 BE472797288F53AA9F56974B1A1FC18F 918672 —-a-w- C:\Users\Yolanda\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.7\GoogleUpdateSetup.exe
2014-05-10 06:59:01 6FC454773ABF8DE9A33B35E03525140D 51080 —-atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe
2014-05-10 06:59:01 49B70FBEEC01A69CA9AC115C109E9CDD 51080 —-atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateBroker.exe
2014-05-10 06:59:00 BE472797288F53AA9F56974B1A1FC18F 918672 —-a-w- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateSetup.exe
2014-05-10 06:58:47 D893431503D5112DC3B799DF963D2AC8 114568 —-atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdateComRegisterShell64.exe
2014-05-10 06:58:47 D5A444B63637EC0932172C6719A10252 263048 —-atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
2014-05-10 06:58:47 720546B84ED5229E1584C8F3533A2F12 328072 —-atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
2014-05-10 06:58:42 506708142BC63DABA64F2D3AD1DCD5BF 116648 —-atw- C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleUpdate.exe
2014-05-10 06:58:35 BE472797288F53AA9F56974B1A1FC18F 918672 —-a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.7\GoogleUpdateSetup.exe
2014-05-08 01:54:32 FA651931AE3C5C89B5C5A0D04B642A3B 243632 —-a-w- C:\Users\Yolanda\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
2014-05-08 01:52:36 A272EEAD00A3B482BDF79400C17E402A 143656 —-a-w- C:\Users\Yolanda\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
2014-05-08 01:52:34 BF456A0CAFB2876583982E74F450D647 32668056 —-a-w- C:\Users\Yolanda\AppData\Roaming\Dropbox\bin\Dropbox.exe
=== C: other files ==
2014-05-14 07:32:37 C1232F6D8EA536FE19CA16A96E1505AF 269485035 —-a-w- C:\Users\Yolanda\Downloads\wetransfer-0bdef9.zip
2014-05-13 19:32:43 0F0AA944E975E460C88DAD47DEF26191 267906885 —-a-w- C:\Users\Yolanda\Downloads\wetransfer-13a45f.zip
2014-05-11 20:05:34 D1BEB5FB4730D618DACFD5EC96D60778 379642 —-a-w- C:\Users\Yolanda\AppData\Local\Temp\fullpackage_temp1400005699\lpd#3.2.4.xpi
==== Startup Registry Enabled ======================
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“swg”=“C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
@=“C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ”
“msnmsgr”=“C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background”
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“HotkeyApp”=“C:\Program Files (x86)\Launch Manager\HotkeyApp.exe”
“LMgrVolOSD”=“C:\Program Files (x86)\Launch Manager\OSD.exe”
“Wbutton”=“C:\Program Files (x86)\Launch Manager\Wbutton.exe”
“Google Desktop Search”=“C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe /startup”
“APSDaemon”=“C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe ”
“swg”=“C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
@=“C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ”
“AppInit_DLLs”=“C:\\Windows\\SysWOW64\\nvinit.dll C:\\PROGRA~2\\Google\\GOOGLE~3\\GO36F4~1.DLL”
==== Startup Registry Enabled x64 ======================
“IgfxTray”=“C:\Windows\system32\igfxtray.exe”
“HotKeysCmds”=“C:\Windows\system32\hkcmd.exe”
“Persistence”=“C:\Windows\system32\igfxpers.exe”
“RtHDVCpl”=“C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s”
“RtHDVBg”=“C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 ”
“BCSSync”=“C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices”
“egui”=“C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice”
“AppInit_DLLs”=“C:\\Windows\\system32\\nvinitx.dll”
==== Startup Registry Disabled ======================
“Google Update”=“\”C:\\Users\\Yolanda\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\“ /c”
“Adobe Reader Speed Launcher”=“\”C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\“”
“Adobe ARM”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”
“SunJavaUpdateSched”=“\”C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\“”
“iTunesHelper”=“\”C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\“”
“HP Software Update”=“C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe”
==== Startup Registry Disabled x64 ======================
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“”
“hkey”=“HKCU”
“command”=“C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“APSDaemon”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“cdloader”
“hkey”=“HKCU”
“command”=“\”C:\\Users\\Yolanda\\AppData\\Roaming\\mjusbsp\\cdloader2.exe\“ MAGICJACK”
“key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“iTunesHelper”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“KiesAirMessage”
“hkey”=“HKCU”
“command”=“C:\\Program Files (x86)\\Samsung\\Kies\\KiesAirMessage.exe -startup”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“KiesPDLR”
“hkey”=“HKCU”
“command”=“C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“KiesPreload”
“hkey”=“HKCU”
“command”=“C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“KiesTrayAgent”
“hkey”=“HKLM”
“command”=“C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Skype”
“hkey”=“HKCU”
“command”=“\”C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\“ /minimized /regrun”
==== Startup Folders ======================
2013-06-05 11:19:06 1053 —-a-w- C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf2a5cd0a78971.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6c1d58f459a1.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1628058651-2271099288-1710920277-1000Core1cf6c498e28eaa0.job –a—— C:\Users\Yolanda\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1628058651-2271099288-1710920277-1000UA1cf6c498ff916f5.job –a—— C:\Users\Yolanda\AppData\Local\Google\Update\GoogleUpdate.exe
==== Other Scheduled Tasks ======================
“C:\Windows\SysNative\tasks\Adobe Flash Player Updater”
“C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma”
“C:\Windows\SysNative\tasks\afb2bac9-2de0-4e26-8bd9-4787184f1531-3”
“C:\Windows\SysNative\tasks\CreateChoiceProcessTask”
“C:\Windows\SysNative\tasks\Google Updater and Installer”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore1cf2a5cd0a78971”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1cf6c1d58f459a1”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1628058651-2271099288-1710920277-1000Core1cf6c498e28eaa0”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1628058651-2271099288-1710920277-1000UA1cf6c498ff916f5”
“C:\Windows\SysNative\tasks\HP-Online updateprogramma”
“C:\Windows\SysNative\tasks\Java Update Scheduler”
“C:\Windows\SysNative\tasks\temp_afb2bac9-2de0-4e26-8bd9-4787184f1531-2”
“C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013”
“C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate”
“C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask”
==== Folders in C:\PROGRA~3 0-6 Months Old ======================
2013-12-26 20:02:34 ——– d—–w- C:\PROGRA~3\ESET
2014-01-18 09:09:03 ——– d—–w- C:\PROGRA~3\AVG
2014-02-07 08:01:17 ——– d—–w- C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-15 17:27:51 ——– d—–w- C:\PROGRA~3\HP
2014-02-15 17:28:35 ——– d—–w- C:\PROGRA~3\HP Photo Creations
2014-02-15 17:28:35 ——– d—–w- C:\PROGRA~3\Visan
==== Chrome Look ======================
YouTube - Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Cast - Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd
Google Search - Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Yolanda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://www.startpagina.nl/”
“Default_Page_URL”=“http://www.google.com”
“Default_Search_URL”=“http://www.qone8.com/web/?type=ds&ts=1400005729&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114&q={searchTerms}”
“Default_Page_URL”=“http://www.google.com”
“Start Page”=“http://www.google.com”
“Search Page”=“http://www.qone8.com/web/?type=ds&ts=1400005729&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114&q={searchTerms}”
“Default_Search_URL”=“http://www.qone8.com/web/?type=ds&ts=1400005729&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114&q={searchTerms}”
“Default_Page_URL”=“http://www.google.com”
“Start Page”=“http://www.google.com”
“Search Page”=“http://www.qone8.com/web/?type=ds&ts=1400005729&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114&q={searchTerms}”
New Values:
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Start Page”=“http://www.startpagina.nl/”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896”
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
“DefaultScope”=“{941C0C03-E6FB-468F-9AB5-A4E86EE77624}”
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url=“Not_Found”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”
{941C0C03-E6FB-468F-9AB5-A4E86EE77624} Google Url=“http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=&rlz=1I7ADRA_nl”
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1628058651-2271099288-1710920277-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-1628058651-2271099288-1710920277-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\UpdatusUser\Desktop\Bit Che.lnk - C:\Program Files (x86)\Bit Che\Bit_Che.exe
C:\Users\UpdatusUser\Desktop\MagicISO.lnk - C:\Program Files (x86)\MagicISO\MagicISO.exe
C:\Users\UpdatusUser\Desktop\SopCast.lnk - C:\Program Files (x86)\SopCast\SopCast.exe
C:\Users\Yolanda\Desktop\Chromecast.lnk - C:\Users\Yolanda\AppData\Local\Google\Chromecast\ChromecastApp.exe
C:\Users\Yolanda\Desktop\Digital TV on PC PRO 2013 v13.05.3 Ultimate Full.lnk - C:\Program Files (x86)\Digital TV on PC PRO 2013 v13.05.3 Ultimate Full\Digital TV on PC PRO 2013 v13.05.3 Ultimate Full.exe
C:\Users\Yolanda\Desktop\Pluspunt.lnk - C:\Users\Yolanda\Documents\Downloads\Ambrasoft Familie Pakket 1213\Pluspunt\Pluspunt Rekenspel Groep 4 (1e helft)\Pluspunt Groep 4B\start.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\AVG 1-klik Onderhoud.lnk - C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
C:\Users\Public\Desktop\Benodigdheden kopen - HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\hpqDTSS.exe
C:\Users\Public\Desktop\Familiepakket 1213.lnk - C:\Program Files (x86)\AmbraSoft\FP1213\bin\HoofdMenu.exe
C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe -Start UDCDevicePage
C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Minecraft.lnk - C:\Users\Yolanda\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe
C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite
C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Users\Public\Desktop\Smart Converter Pro.lnk - C:\Windows\Installer\{073C6D04-4F52-472B-B4ED-7A7E84D4405D}\SmartConverterPro._7EDBA3E26C4D4D42B3CAA4F187180E1F.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1400005729&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114
C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1400005729&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114
C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast\Chromecast.lnk - C:\Users\Yolanda\AppData\Local\Google\Chromecast\ChromecastApp.exe
C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast\Verwijder Chromecast.lnk - C:\Users\Yolanda\AppData\Local\Google\Chromecast\unins000.exe
C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Yolanda\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Yolanda\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe http://start.qone8.com/?type=sc&ts=1400005729&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114
C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Yolanda\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Taal actief spelling 3\Groep 5\Registreren Taal actief spelling 3 - Groep 5.lnk - C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe http://start.qone8.com/?type=sc&ts=1400005729&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Yolanda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1400005729&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114
C:\Users\Yolanda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Users\Yolanda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Story Album Viewer.lnk - C:\Program Files (x86)\Samsung\Story Album Viewer\HTML5Viewer.exe
C:\Users\Yolanda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Yolanda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Yolanda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Yolanda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Familiepakket 1213.lnk - C:\Program Files (x86)\AmbraSoft\FP1213\bin\HoofdMenu.exe
C:\Users\Yolanda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe http://start.qone8.com/?type=sc&ts=1400005729&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114
C:\Users\Yolanda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Yolanda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
==== shortcuts After Repair ======================
C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\Users\Yolanda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Taal actief spelling 3\Groep 5\Registreren Taal actief spelling 3 - Groep 5.lnk - C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Yolanda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Yolanda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Yolanda\AppData\Local\Google\Chrome\Application\chrome.exe
==== HijackThis Entries ======================
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\Launch Manager\HotkeyApp.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Launch Manager\OSD.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Launch Manager\Wbutton.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe” /startup
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
O4 - HKCU\..\Run: “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-21-1628058651-2271099288-1710920277-1001\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’)
O4 - HKUS\S-1-5-21-1628058651-2271099288-1710920277-1001\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’)
O4 - Startup: Dropbox.lnk = Yolanda\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra ‘Tools’ menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: CDMA Device Service - Unknown owner - C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Yolanda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Yolanda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Yolanda\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Yolanda\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=18 folders=18 2683602 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\Yolanda\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Yolanda\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on wo 14-05-2014 at 19:42:48,48 ======================
fazantje

14-05-2014 20:42

Hoi Yolanda,
Voer zoek.exe nogmaals uit en vertel of dit heeft geholpen;
Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.
Zoek.exe uitvoeren
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
Dubbelklik vervolgens op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande vet gedrukte code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
C:\Windows\SysNative\tasks\afb2bac9-2de0-4e26-8bd9-4787184f1531-3;f
C:\Windows\SysNative\tasks\temp_afb2bac9-2de0-4e26-8bd9-4787184f1531-2;f
C:\Program Files (x86)\HDS-Total-1.8;fs
Klik nu op de knop “Run script”.
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
Download AdwCleaner by Xplode naar het bureaublad.
Sluit alle openstaande vensters.
Klik met de rechtermuisknop op het icoontje (snelkoppeling) en kies voor Als Administrator uitvoeren.
Klik vervolgens op Scan.
Klik vervolgens op Clean als er items zijn gevonden.
Klik bij Herstarten Noodzakelijk op OK.
Nadat de PC opnieuw is opgestart, opent meestal een logfile.
Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner.txt
Post de inhoud van dit logje in je volgende bericht.
Vertel gelijk hoe het nu gaat met jou computer.
Succes,
Huib;)
Yolanda

14-05-2014 22:00

# AdwCleaner v3.208 - Rapport aangemaakt 14/05/2014 op 21:58:12
# Laatste Update 11/05/2014 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruikersnaam : Yolanda -
# Gestart vanuit : C:\Users\Yolanda\Desktop\adwcleaner_3.208.exe
# Optie : Verwijderen
***** *****
***** *****
Map Verwijderd : C:\Program Files (x86)\globalUpdate
Map Verwijderd : C:\Users\Yolanda\AppData\Local\globalUpdate
***** *****
***** *****
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Sleutel Verwijderd : HKLM\Software\SupTab
Sleutel Verwijderd : HKLM\Software\supWPM
Sleutel Verwijderd : HKLM\Software\Wpm
***** *****
-\\ Internet Explorer v11.0.9600.17041
Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main
Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main
Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main
Instelling Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main
-\\ Google Chrome v
Verwijderd : hxxp://nl.softonic.com/s/{searchTerms}
Verwijderd : hxxp://www.qone8.com/web/?type=dspp&ts=1400006109&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114&q={searchTerms}
Verwijderd : hxxp://start.qone8.com/?type=hppp&ts=1400005957&from=ild&uid=SAMSUNGXHM641JI_S2BEJDQZ802114
Verwijderd : pelmeidfhdlhlbjimpabfcbnnojbboma
*************************
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########
qone8 is verdwenen en opstartpagina is nu google.
Ik denk dus goed. Hartstikke bedankt voor je hulp.
Groetjes Yolanda
Ben

14-05-2014 22:04

Hallo,
Je heb zoek ook nog uitgevoerd, zo ja doe het volgende;
Malwarebytes kan je laten staan en één maal in de week (na te hebben geupdate) je pc mee scannen.
Met het onderstaande tooltje ruim je o.a. alle gebruikte tools op:
Download Delfix by Xplode naar het bureaublad.
Dubbelklik op Delfix.exe om de tool te starten.
Zet nu vinkjes voor de volgende items:
Remove disinfection tools
Purge System Restore
Reset system settings
Klik nu op "Run" en wacht geduldig tot de tool gereed is.
Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft je echter niet te plaatsen.
Mochten er nog tools of mappen overgebleven zijn dan kan je die zelf verwijderen.
Yolanda

15-05-2014 14:45

Gedaan en hij heeft wat dingetjes gedelete.
Bedankt voor de service
Gr Yolanda
Ben

15-05-2014 14:56

Hallo,
Dat is mooi, als er verder geen problemen zijn houden we het hierbij (tu)
Bedankt en graag gedaan (ook namens Huib)
fazantje

22-05-2014 11:52

Omdat dit topic is opgelost word het gesloten.
Wilt U Uw topic als nog weer openen, stuur dan een privé bericht naar Ben of Huib (fazantje).
Zij zullen dan het “slotje” er van af halen en het topic is weer geopend
Het AV team.

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.

Logje

Yolanda

olanda

fazantje

Yolanda

fazantje

Yolanda

Ben

Yolanda

Ben

fazantje