• Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
    Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
    Reageren op andermans discussie is daarom uitgeschakeld.
  • De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

Wat is Dit?? Virus of malware??

Status
Niet open voor verdere reacties.
F

fotogerard

Junior lid
Lid geworden
2 nov 2010
Berichten
86
Waarderingsscore
1
Ik ben onvoorzichtig geweest en waarschijnlijk een keer iets fouts geaccepteerd.
Bij het openen van mijn internet gaat de browser steeds naar: http://istart.webssearches.com/?typ...uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492
Een andere site als standaard internet optie inschakelen werkt niet.
Wat is dit en hoe krijg ik dit verwijderd?
Via het configuratiescherm onder programma's verwijderen is het onzichtbaar.
Wie weet raad? Bij voorbaat dank voor de hulp.
Met vriendelijke groeten,
Gerard
 
Hallo,

Dit noemen ze een brouwser hacking.



Download
51a5f5d096dae-icon_RSIT.png
RSIT van de onderstaande locaties en sla deze op het bureablad op.
Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

RSIT Uitvoeren
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
  • Dubbelklik op RSIT.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Als u RSIT de eerste keer uitvoert zal HijackThis gedownload worden als deze niet aanwezig is, sta dit vervolgens toe door op "I accept" te klikken.
  • Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" geopend.
  • Voeg Log.txt logbestanden toe aan uw volgende bericht.
 
Hallo,

"Voeg Log.txt logbestanden toe aan uw volgende bericht."
Welk bericht wordt hier bedoeld?? Er zijn inderdaad een aantal kladblok pagina's aangemaakt.
Reeds bedankt voor de info.

M.vr.gr. Gerard
 
Hallo,

Onder de kladblok bestanden staat een naam, de genen met "Log.txt" mag je plaatsen.
 
Hallo Abbs "info txt"zie ik maar "log txt" niet. Er zijn wel gegevens over "system event"en "security event".
Maar zijn die niet priv??
M.vr.gr.
Gerard
 
Hallo,

Het enigste wat iemand kan zien is je gebruikers naam verder geen priv gegevens waar iemand wat aan heeft.
Maar doe het volgende;


Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.

Download
51a612a8b27e2-Zoek.png
Zoek.exe naar het bureaublad.
  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.


Zoek.exe uitvoeren (voor meer informatie kunt u deze handleiding raadplegen)
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
  • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
    Code: 
    firefoxlook;
torpigcheck;
emptyfolderscheck;delete
chromelook;
standardsearch;
filesrcm;
autoclean;
startupall;
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Zoek.exe logbestand plaatsen
  • Voeg het logbestand met de naam "Zoek-results.log" toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
 
Bedankt Abbs,
Ga dit morgen even rustig opnieuw proberen en kom er op terug.








Bedankt Abbs,
Ga dit morgen even rustig opnieuw proberen en kom er dan op terug.
M.vr.gr.
Gerard
 
Hallo,

Dat is goed hoor neem eerst de handleiding goede door en neem er de tijd voor.
 
Hallo Abbs,

Na een drukke dag ben ik nu maar eens aan het puzzelen gegaan

Is dit het benodigde logje dat je vraagt??

Zoek.exe v5.0.0.0 Updated 27-09-2014
Tool run by cornelus079 on ma 29-09-2014 at 19:24:13,79.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\cornelus079\AppData\Local\Microsoft\Windows\INetCache\IE\X6BJENLU\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 19:27:24,27 =====

--- Create Environment Variables 19:27:25,31
--- Create System Restore Point 19:27:32,86
--- Checking Input 19:27:51,01
--- Torpig Check 19:27:53,89
--- AU AppData Check 19:27:56,34
--- Remove From Windows Installer 19:28:01,18
--- Empty Folders Check 19:29:16,22
--- StartMenuInternet Check 19:29:16,59
--- IE Startpage Check 19:29:23,46

Ik lees je reactie wel.
M.vr.gr.
Gerard

---------- Bericht toegevoegd op 19:35 ---------- Vorige bericht was op 19:32 ----------

Of is het deze. die zag ik nu ineens staan;


Zoek.exe v5.0.0.0 Updated 27-09-2014
Tool run by cornelus079 on ma 29-09-2014 at 19:24:13,79.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\cornelus079\AppData\Local\Microsoft\Windows\INetCache\IE\X6BJENLU\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 19:27:24,27 =====

--- Create Environment Variables 19:27:25,31
--- Create System Restore Point 19:27:32,86
--- Checking Input 19:27:51,01
--- Torpig Check 19:27:53,89
--- AU AppData Check 19:27:56,34
--- Remove From Windows Installer 19:28:01,18
--- Empty Folders Check 19:29:16,22
--- StartMenuInternet Check 19:29:16,59
--- IE Startpage Check 19:29:23,46
--- Program Files DB Check 19:29:56,25
--- C:\Users\cornelus079\AppData\Roaming DB Check 19:30:31,87
--- C:\Users\Default\AppData\Roaming DB Check 19:30:31,87
--- C:\Users\Default User\AppData\Roaming DB Check 19:30:31,87
--- C:\Users\Default.migrated\AppData\Roaming DB Check 19:30:31,87
--- C:\Users\GerardWJ\AppData\Roaming DB Check 19:30:31,87
--- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming DB Check 19:30:31,87
--- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming DB Check 19:30:31,87
--- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming DB Check 19:30:31,87
--- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming DB Check 19:30:31,87
--- C:\Users\cornelus079 DB Check 19:32:47,45
--- C:\PROGRA~3 DB Check 19:33:34,70
--- C:\Users\cornelus079\AppData\Local DB Check 19:33:36,22
 
Hallo,

Je begint goed maar dit is de voortgang van de scan, lees aub de handleiding (voor meer informatie kunt u deze handleiding raadplegen)
De scan is klaar als hij vraagt vof je de pc wil herstarten.
 
Hallo Abbs,

Inderdaad, na een lange tijd wachten en een nog langere spannende tijd voor de reboot ( meer dan 1/2 uur) draait de pc weer en heb tevens het vermoeden dat het probleem weg is. ( nog goed checken) Ik plaats hier het gevraagde log bestand "zoek-results.log dat ik van de c schijf heb gekopieerd.
Hartelijk dank voor de geboden hulp.

oek.exe v5.0.0.0 Updated 27-09-2014
Tool run by cornelus079 on ma 29-09-2014 at 19:24:13,79.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\cornelus079\AppData\Local\Microsoft\Windows\INetCache\IE\X6BJENLU\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

29-9-2014 19:27:50 Zoek.exe System Restore Point Created Succesfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll


==== Empty Folders Check ======================

C:\PROGRA~2\Wondershare deleted successfully
C:\Program Files\stinger deleted successfully
C:\PROGRA~3\Babylon deleted successfully
C:\PROGRA~3\Canon IJ Network Tool deleted successfully
C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\ZoomBrowser deleted successfully
C:\Users\cornelus079\AppData\Roaming\folder deleted successfully
C:\Users\cornelus079\AppData\Roaming\ZoomBrowser EX deleted successfully
C:\Users\cornelus079\AppData\Local\softthinks deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Internet Explorer\SearchScopes\{75A3C74E-E0B7-4389-A02B-79EE2B37A088} deleted successfully
HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
C:\Program Files\Conexant\SA3\CxUtilSvc.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\SysWOW64\Tablet.exe
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe
C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Tablet\Wacom\WacomHost.exe
C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe
C:\Program Files (x86)\Pantone\huey\hueyTray.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Users\cornelus079\AppData\Local\Microsoft\Windows\INetCache\IE\X6BJENLU\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wajam Internet Enhancer Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\videodownloadconverter_4zservice deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\CORNEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\nnlq6flk.default

user.js not found
---- Lines webssearch removed from prefs.js ----
user_pref("browser.newtab.url", "http://istart.webssearches.com/newtab/?type=nt&ts=1411559011&from=slbnew&uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N649
user_pref("browser.search.defaultenginename", "webssearches");
user_pref("browser.search.selectedEngine", "webssearches");
user_pref("browser.startup.homepage", "http://istart.webssearches.com/?type=hp&ts=1411559011&from=slbnew&uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492
---- Lines ask.com removed from prefs.js ----
user_pref("browser.search.order.1", "Ask.com");
---- Lines ffxtbr modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"4zffxtbr@VideoDownloadConverter_4z.com\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----

prefs_29-09-2014_1939_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]
@="C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\webssearches.xml deleted
C:\PROGRA~2\PC Speed Up deleted
C:\PROGRA~2\Video Download Converter deleted
C:\PROGRA~2\Wajam deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\install.exe deleted
C:\Users\cornelus079\AppData\Roaming\VOPackage deleted
C:\Users\cornelus079\AppData\Roaming\Babylon deleted
C:\Users\cornelus079\AppData\Roaming\DSite deleted
C:\Users\cornelus079\0145.tmp deleted
C:\Users\cornelus079\1596.tmp deleted
C:\Users\cornelus079\Music\Qtrax Media Library deleted
C:\PROGRA~3\Ask deleted
C:\PROGRA~3\AskPartnerNetwork deleted
C:\PROGRA~3\APN deleted
C:\PROGRA~3\Tarma Installer deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\cornelus079\AppData\Local\VideoDownloadConverter_4z deleted
C:\Users\cornelus079\AppData\Local\Wondershare deleted
C:\Users\cornelus079\AppData\Local\AskPartnerNetwork deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\cornelus079\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage deleted
C:\Users\cornelus079\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk deleted
C:\windows\SysNative\Tasks\DSite deleted
C:\Users\cornelus079\AppData\LocalLow\VideoDownloadConverter_4z deleted
C:\Users\cornelus079\AppData\LocalLow\BabylonToolbar deleted
C:\Users\cornelus079\AppData\LocalLow\IAC deleted
C:\Users\cornelus079\AppData\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\WINDOWS\SysWow64\searchplugins deleted
C:\WINDOWS\SysWow64\Extensions deleted
C:\Users\cornelus079\Desktop\Qtrax Player.lnk deleted
C:\Users\CORNEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\nnlq6flk.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com deleted
"C:\PROGRA~2\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe" deleted
"C:\PROGRA~2\VideoDownloadConverter_4z\bar\1.bin\4zbrstub.dll" deleted
"C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted
"C:\PROGRA~2\VideoDownloadConverter_4z" not deleted
"C:\PROGRA~2\AskPartnerNetwork" deleted
"C:\PROGRA~2\VideoDownloadConverter_4z\bar" not deleted
"C:\PROGRA~2\VideoDownloadConverter_4z\bar\1.bin" not deleted
"C:\PROGRA~2\AskPartnerNetwork\Toolbar" deleted
"C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8062 MB
CPU Info: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
CPU Speed: 2196,5 MHz
Sound Card: Luidsprekers (Conexant SmartAud |
Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000
Monitors: 1x; Generic PnP Monitor | Generic PnP Monitor | Generic PnP Monitor |
Screen Resolution: 1280 X 1024 - 32 bit
Network: Network Present
Network Adapters: Bluetooth-apparaat (Personal Area Network) #2 | Microsoft Wi-Fi Direct Virtual Adapter | Intel(R) Centrino(R) Wireless-N 2230 | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVD+-RW GT80N
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 918,1GB
Hard Disks - Free: C: 784,7GB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE | | DELL - 1
Time Zone: West-Europa (standaardtijd)
Motherboard *: Dell Inc. 0PXH02
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: McAfee Antivirus en antispyware On-access scanning disabled (Outdated)
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: McAfee Antivirus en antispyware disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: McAfee Firewall disabled
Default Browser: Google Chrome 37.0.2062.124
Internet Explorer Version: 11.0.9600.17278
Mozilla Firefox version: 31.0 (x86 nl)
Google Chrome version: 37.0.2062.124
Adobe Reader version: 11.0.9.29
Sun Java version: 1.7.0_67 (32-bit)

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2014-09-14 18:42:28 ACDBE1ED38167C8B01B8F63161BB2CEA 2374784 ----a-w- C:\WINDOWS\explorer.exe
====== C:\Users\CORNEL~1\AppData\Local\Temp ====
2014-09-24 11:43:28 E02F396387F8AA59FA7CC942638D67EE 69056 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\7E82590C-48C6-48BD-9DBB-BDCC68C3CBB8\BaofengUpdate.exe
2014-09-24 11:43:28 3A30D6A48390FA807156AA161F6A8189 108032 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\7E82590C-48C6-48BD-9DBB-BDCC68C3CBB8\BFVUpdateM.dll
2014-09-24 11:43:28 1608D54DC69EA7E763CDAB78F71CAFD6 1856512 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\7E82590C-48C6-48BD-9DBB-BDCC68C3CBB8\UninstallManager.exe
2014-09-24 11:43:26 0072CC9A1C54797FFF331CCE5D9B542C 285271 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\n7617\VOPackage.exe
2014-09-24 11:43:19 B0DAAC9195ED549B89BFEA99CEB1A39B 195072 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\7E82590C-48C6-48BD-9DBB-BDCC68C3CBB8\DTool.dll
2014-09-24 11:43:19 46715B6176CB0DE8300EDB7AC62E12E4 723832 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\n7617\webssearches_1209-c61a659a.exe
2014-09-24 11:43:19 04D02D6F85C6025B55F570746884922B 225280 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\7E82590C-48C6-48BD-9DBB-BDCC68C3CBB8\DToolZip.exe
2014-09-24 11:42:59 44266BC75FD10E8349724EB6047E91DA 345600 ----atw- C:\Users\cornelus079\AppData\Local\Temp\n7617\s7617.exe
2014-09-24 11:39:41 24C9B99D084E8D47662B514018BCB2F7 5671272 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\n6817\pcspeedup.exe
2014-09-24 11:39:19 57FD4A179DDB021369DE5A9DD7BBD27C 2267040 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\n6817\WIE_2.15.2.4.exe
2014-09-24 11:38:54 DE5C4ED5BA45ABADBCC0861912FE89A1 351280 ----atw- C:\Users\cornelus079\AppData\Local\Temp\n6817\s6817.exe
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2014-09-24 12:09:48 F51B727AFF404ED8D730DFA069D88D7B 18722600 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll
2014-09-24 12:09:46 7BEE9E040222E7033A820780E1A61204 5777408 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-24 12:09:45 074BF061D97E49AAF04F2FAF46409A14 5902848 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-24 12:09:43 E86549FED3008360730A6B722079D537 756224 ----a-w- C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-24 12:09:43 DBA00F3FC75495058A25B24906C24599 1205976 ----a-w- C:\WINDOWS\SysWOW64\propsys.dll
2014-09-24 12:09:43 BFC6F7889A9CFF451A418862444B9F63 321024 ----a-w- C:\WINDOWS\SysWOW64\Wldap32.dll
2014-09-24 12:09:43 A4E624F7658D08C1717542FA10E0A973 1467384 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll
2014-09-24 12:09:43 76831C139BD9E227712B283A6A5ABBA8 840192 ----a-w- C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-09-24 12:09:43 24B30DB8D1F8CF0F8C1AAAE319BC508E 838144 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll
2014-09-24 12:09:43 021825EF003AA09835ECCA2CCF973BB8 626688 ----a-w- C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-09-24 12:09:42 DA65F1320538BC417B8FAE0BCAC330A0 265216 ----a-w- C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-09-24 12:09:33 CB90D56DB19B8213CF5F7CB789C1C778 3117568 ----a-w- C:\WINDOWS\SysWOW64\msi.dll
2014-09-24 12:09:33 C49344C2F399A22704C682C5E18B8DF2 2321920 ----a-w- C:\WINDOWS\SysWOW64\authui.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2014-09-25 11:30:54 CB136B267569A62EF63D798BC90ABD5A 144 ----a-w- C:\WINDOWS\Sysnative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-09-24 12:20:17 3BC10FA856911EAE5FE7CD700FE137B5 451 ----a-w- C:\WINDOWS\Sysnative\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-09-24 12:09:51 34A16F6F9546595952C65003D9A4B474 21195616 ----a-w- C:\WINDOWS\Sysnative\shell32.dll
2014-09-24 12:09:50 1676B06421492B439A9E60C55692A921 8757760 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Search.dll
2014-09-24 12:09:47 8A522BBE4E06586C57E5D9DC50FB88B0 6649344 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll
2014-09-24 12:09:46 57CA779C19C2F224BE0C5EFC40F54B60 4758528 ----a-w- C:\WINDOWS\Sysnative\SyncEngine.dll
2014-09-24 12:09:44 5053FE9043FB84D71B04EFC7D5DA13CF 1710184 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll
2014-09-24 12:09:44 3B048C495ED3ADB6D8CA00769EC542B3 921600 ----a-w- C:\WINDOWS\Sysnative\MrmCoreR.dll
2014-09-24 12:09:44 37C1CBCB3F420C754E86E3EC313D436D 1112512 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll
2014-09-24 12:09:44 30293301B14D0D11D086B09831F5FE0D 920064 ----a-w- C:\WINDOWS\Sysnative\WSShared.dll
2014-09-24 12:09:44 2ECA23663D13100032E09062C743C70D 1507648 ----a-w- C:\WINDOWS\Sysnative\propsys.dll
2014-09-24 12:09:44 10CE7F7704E293F6CC6E0AF51DBFD95A 1106432 ----a-w- C:\WINDOWS\Sysnative\SearchFolder.dll
2014-09-24 12:09:43 FD4EA8E9232ADD51DC31C295DDEF2768 287744 ----a-w- C:\WINDOWS\Sysnative\SystemEventsBrokerServer.dll
2014-09-24 12:09:43 F58FBEA392B663B936E62939A877CA80 1120768 ----a-w- C:\WINDOWS\Sysnative\SkyDrive.exe
2014-09-24 12:09:43 E325BCD68EC0CF2E2EDD0AB7CC17C698 267776 ----a-w- C:\WINDOWS\Sysnative\bisrv.dll
2014-09-24 12:09:43 ACFEE9487693C2BD573DFCA71D98E17C 914432 ----a-w- C:\WINDOWS\Sysnative\iphlpsvc.dll
2014-09-24 12:09:43 ABB028BAB78E7B4AFE374F8246F6CCB6 359424 ----a-w- C:\WINDOWS\Sysnative\Wldap32.dll
2014-09-24 12:09:43 66CBCDDEF429E5BA83C3288EEB0771A6 717824 ----a-w- C:\WINDOWS\Sysnative\SkyDriveTelemetry.dll
2014-09-24 12:09:43 0DD29E5328436D51517316CD6D3BACCA 286208 ----a-w- C:\WINDOWS\Sysnative\pcsvDevice.dll
2014-09-24 12:09:42 B6F423906D3E10BE38C16726C0905033 388729 ----a-w- C:\WINDOWS\Sysnative\ApnDatabase.xml
2014-09-24 12:09:42 73F269436228D5625E83A1EAF3549F58 118272 ----a-w- C:\WINDOWS\Sysnative\httpprxm.dll
2014-09-24 12:09:42 5D4A403DAE434FBA11779496EAFBDDE8 75776 ----a-w- C:\WINDOWS\Sysnative\adhsvc.dll
2014-09-24 12:09:42 36F977EDAE6CEE96CE6409B2B16765B4 290816 ----a-w- C:\WINDOWS\Sysnative\ProximityService.dll
2014-09-24 12:09:42 3014CE5846A486C624E3E2CEB8C3290C 286208 ----a-w- C:\WINDOWS\Sysnative\SkyDriveShell.dll
2014-09-24 12:09:36 A1864B6F524DAFAB750C613467E43515 4148736 ----a-w- C:\WINDOWS\Sysnative\win32k.sys
2014-09-24 12:09:33 A00B916CD6A67984257DC53052350219 2646016 ----a-w- C:\WINDOWS\Sysnative\authui.dll
2014-09-24 12:09:33 7667B9D81EA8FD6540E6CF72F92161A6 109568 ----a-w- C:\WINDOWS\Sysnative\appinfo.dll
2014-09-24 12:09:33 5DAA60A74D178525DC6ACF53ABE343D6 2779136 ----a-w- C:\WINDOWS\Sysnative\msi.dll
====== C:\WINDOWS\Sysnative\drivers =====
2014-09-24 12:13:33 8A375CB3B6D1A56A2AEEE72A5F1D0926 36096 ----a-w- C:\WINDOWS\Sysnative\drivers\amdkmpfd.sys
2014-09-24 12:09:45 87F3713E620F62D243A82B3CB66CBDDE 2498880 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys
2014-09-24 12:09:43 329FEB41BBE82FBBD9BD69547BA1CB82 428864 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS
2014-09-14 18:41:52 6416E79A58A8FCC33A447A4DDDD3BF04 412160 ----a-w- C:\WINDOWS\Sysnative\drivers\srv.sys
2014-09-14 18:41:50 038C77D577900EE39410662478BB0D50 2009920 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys
2014-09-14 18:41:49 97B9076611291AE4C4C107BC915BD026 1200640 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys
2014-09-14 18:41:49 77E1D08EF3BFB923F2EDC3FC8089E08E 475968 ----a-w- C:\WINDOWS\Sysnative\drivers\netio.sys
2014-09-14 18:41:49 5BED3AB69797C8786EF70AEA8C33748B 674816 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys
2014-09-14 18:41:47 FF78D053A05E5A394F4E3C1816CC65A8 143680 ----a-w- C:\WINDOWS\Sysnative\drivers\usbccgp.sys
2014-09-14 18:41:45 240C5C3793206725AA05665851E8C214 412992 ----a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys
2014-09-14 18:41:44 65392F3F3F65E4C6CC82A0F4F8A0B051 468288 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2014-09-14 18:41:42 D047CD668E6277FD80F0C613946F034C 246272 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys
2014-09-14 18:41:42 64CA2B4A49A8EAF495E435623ECCE7DB 310080 ----a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys
2014-09-14 18:41:42 26ACA481FAFEC59FE311D719E3027BBA 446976 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys
2014-09-14 18:41:41 FEF0BC107812B36849741C3211BA6B60 419648 ----a-w- C:\WINDOWS\Sysnative\drivers\usbhub.sys
2014-09-14 18:41:38 9C096BF5E10CA8BFA56F32522A89FAF1 79872 ----a-w- C:\WINDOWS\Sysnative\drivers\IPMIDrv.sys
2014-09-14 18:41:37 E4B4BE2D7750849C07589DA0B0AABA01 1118040 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys
2014-09-14 18:41:37 C910E5D18958914A66F0E45689D0B40A 206848 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys
2014-09-14 18:41:37 B1AA3B19A2E596A59224F893E01A5A75 126464 ----a-w- C:\WINDOWS\Sysnative\drivers\NdisImPlatform.sys
2014-09-14 18:41:36 E0927EFA25D473367C3341B9F5969779 115712 ----a-w- C:\WINDOWS\Sysnative\drivers\bridge.sys
2014-09-14 18:41:36 D4B7ED39C7900384D9E5C1283F1E7926 76800 ----a-w- C:\WINDOWS\Sysnative\drivers\hdaudbus.sys
2014-09-14 18:41:32 91ED124E261EA8FAA1C0FFDF2A71B0C4 280384 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys
2014-09-14 18:41:32 1DD05F4857C2188744B9E864658949DD 295424 ----a-w- C:\WINDOWS\Sysnative\drivers\ks.sys
2014-09-14 18:41:22 25BB93167DEF270188072603F92A1EF5 118272 ----a-w- C:\WINDOWS\Sysnative\drivers\bthpan.sys
2014-09-14 18:31:08 8DF1254093B5C354CE725EB6B9B0DE19 146752 ----a-w- C:\WINDOWS\Sysnative\drivers\msgpioclx.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-09-28 19:03:03 -------- d-----w- C:\Program Files\trend micro
2014-09-17 17:35:59 -------- d-----w- C:\Program Files\CEWEFOTOBOEK
======= C:\PROGRA~2 =====
2014-09-28 19:51:53 -------- d-----w- C:\PROGRA~2\trend micro
2014-09-25 13:07:08 -------- d-----w- C:\PROGRA~2\jAlbum
======= C: =====
====== C:\Users\cornelus079\AppData\Roaming ======
2014-09-24 12:13:39 -------- d-----w- C:\Users\Default\AppData\Roaming\ATI
2014-09-24 12:13:39 -------- d-----w- C:\Users\Default\AppData\Local\ATI
2014-09-24 12:13:39 -------- d-----w- C:\Users\Default User\AppData\Roaming\ATI
2014-09-24 12:13:39 -------- d-----w- C:\Users\Default User\AppData\Local\ATI
2014-09-24 12:13:11 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\ATI
2014-09-24 12:13:11 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\ATI
2014-09-19 17:57:03 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft
====== C:\Users\cornelus079 ======
2014-09-25 13:07:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jAlbum
2014-09-25 11:31:37 -------- d-----w- C:\ProgramData\ATI
2014-09-24 12:25:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-09-24 12:20:27 -------- d-sh--w- C:\Users\cornelus079\IntelGraphicsProfiles
2014-09-17 17:47:00 -------- d-----w- C:\Users\cornelus079\restore
2014-09-17 17:39:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEWE FOTOBOEK
2014-09-13 18:06:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

====== C: exe-files ==
2014-09-29 17:18:05 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\cornelus079\AppData\Local\Microsoft\Windows\INetCache\IE\08SU7V00\RSITx64.exe
2014-09-28 19:51:54 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files (x86)\trend micro\cornelus079.exe
2014-09-28 19:51:39 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\cornelus079\AppData\Local\Microsoft\Windows\INetCache\IE\RWBGYPMH\RSIT.exe
2014-09-28 19:03:04 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\cornelus079.exe
2014-09-28 19:00:19 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\cornelus079\Documents\Downloads\Anti brouwser hacking RSITx64.exe
2014-09-25 12:01:38 7CA4092A339EA30DE8FF06D3FF79D6ED 749648 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.124\37.0.2062.124_37.0.2062.120_chrome_updater.exe
2014-09-24 11:43:28 E02F396387F8AA59FA7CC942638D67EE 69056 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\7E82590C-48C6-48BD-9DBB-BDCC68C3CBB8\BaofengUpdate.exe
2014-09-24 11:43:28 1608D54DC69EA7E763CDAB78F71CAFD6 1856512 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\7E82590C-48C6-48BD-9DBB-BDCC68C3CBB8\UninstallManager.exe
2014-09-24 11:43:26 0072CC9A1C54797FFF331CCE5D9B542C 285271 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\n7617\VOPackage.exe
2014-09-24 11:43:19 46715B6176CB0DE8300EDB7AC62E12E4 723832 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\n7617\webssearches_1209-c61a659a.exe
2014-09-24 11:43:19 04D02D6F85C6025B55F570746884922B 225280 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\7E82590C-48C6-48BD-9DBB-BDCC68C3CBB8\DToolZip.exe
2014-09-24 11:42:59 44266BC75FD10E8349724EB6047E91DA 345600 ----atw- C:\Users\cornelus079\AppData\Local\Temp\n7617\s7617.exe
2014-09-24 11:41:30 605C9CD0C2B8EA3B52B78C21E8DA23A4 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-712390581-301366571-662445749-1002\$IPR73JC.exe
2014-09-24 11:40:09 516E7F0F5A9FFECD09573C71AD626635 25761408 ----a-w- C:\$Recycle.Bin\S-1-5-21-712390581-301366571-662445749-1002\$RPR73JC.exe
2014-09-24 11:39:41 24C9B99D084E8D47662B514018BCB2F7 5671272 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\n6817\pcspeedup.exe
2014-09-24 11:39:19 57FD4A179DDB021369DE5A9DD7BBD27C 2267040 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\n6817\WIE_2.15.2.4.exe
2014-09-24 11:38:54 DE5C4ED5BA45ABADBCC0861912FE89A1 351280 ----atw- C:\Users\cornelus079\AppData\Local\Temp\n6817\s6817.exe
=== C: other files ==
2014-09-29 17:12:11 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\cornelus079\AppData\LocalLow\Microsoft\Silverlight\OutOfBrowser\index\res2.windows.microsoft.com
2014-09-25 11:30:54 CB136B267569A62EF63D798BC90ABD5A 144 ----a-w- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-09-24 12:20:17 3BC10FA856911EAE5FE7CD700FE137B5 451 ----a-w- C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-09-24 12:13:33 8A375CB3B6D1A56A2AEEE72A5F1D0926 36096 ----a-w- C:\Windows\System32\drivers\amdkmpfd.sys
2014-09-24 12:13:33 8A375CB3B6D1A56A2AEEE72A5F1D0926 36096 ----a-w- C:\Program Files\AMD\amdkmpfd\amdkmpfd.sys
2014-09-24 12:09:45 87F3713E620F62D243A82B3CB66CBDDE 2498880 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-09-24 12:09:43 329FEB41BBE82FBBD9BD69547BA1CB82 428864 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-09-24 12:09:36 A1864B6F524DAFAB750C613467E43515 4148736 ----a-w- C:\Windows\System32\win32k.sys
2014-09-24 11:43:29 549B799D28C33D58BEFFEB3FC5E8590F 169568 ----a-w- C:\Users\cornelus079\AppData\Local\Temp\7E82590C-48C6-48BD-9DBB-BDCC68C3CBB8\lpd#4.3.0.xpi
2014-09-24 11:43:24 F6E34FC21CD041A00350599928820657 1820558 ----a-w- C:\Users\cornelus079\AppData\Local\Microsoft\Windows\INetCache\IE\X6BJENLU\1[1].zip
2014-09-24 11:39:56 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\cornelus079\AppData\LocalLow\Microsoft\Silverlight\OutOfBrowser\index\www.pcspeedup.com

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"="C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe -stealth"
"CAHeadless"="C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #0"="C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #0"="C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"Family Tree Builder Update"="C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe"
"CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"UpdatePDRShortCut"="C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\PowerDirector UpdateWithCreateOnce Software\CyberLink\PowerDirector\7.0"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS5.5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe -launchedbylogin"
"IJNetworkScanUtility"="C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
"VideoDownloadConverter Search Scope Monitor"="C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe /m=2 /w /h"
"VideoDownloadConverter_4z Browser Plugin Loader"="C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"ApnTBMon"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"="C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe -stealth"
"CAHeadless"="C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickSet"="c:\Program Files\Dell\QuickSet\QuickSet.exe"
"SmartAudio"="C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0+ /dne /s"
"IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp"
"ETDCtrl"="C:\Program Files\Elantech\ETDCtrl.exe"

==== Startup Folders ======================

2012-11-16 20:10:28 1099 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hueyTray.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27-11-2012 19:45]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27-11-2012 19:45]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\WINDOWS\SysNative\tasks\4807" [wscript.exe C:\Users\CORNEL~1\AppData\Local\Temp\launchie.vbs //B]
"C:\WINDOWS\SysNative\tasks\AdobeAAMUpdater-1.0-Gerard-Dell2-cornelus079" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\My Dell\sessionchecker.exe"]
"C:\WINDOWS\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\My Dell\uaclauncher.exe"]
"C:\WINDOWS\SysNative\tasks\PCDoctorBackgroundMonitorTask-Retry" ["C:\Program Files\My Dell\uaclauncher.exe"]
"C:\WINDOWS\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{76A2E738-A0EB-4217-BDB4-D9AFA9EF1B61}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2014-09-25 11:31:37 -------- d-----w- C:\PROGRA~3\ATI

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"faststartff@gmail.com"="C:\Users\cornelus079\AppData\Roaming\Mozilla\Firefox\Profiles\nnlq6flk.default\extensions\faststartff@gmail.com" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\CORNEL~1\AppData\Roaming\Mozilla\Firefox\Profiles\nnlq6flk.default
- McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\cornelus079\AppData\Roaming\Mozilla\Firefox\Profiles\nnlq6flk.default
77B8694352764F6079A2332FAD7FD426 - C:\Users\cornelus079\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
2147C8ED020B1CE3B82BBDD3C49C8F81 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll - WacomTabletPlugin


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaaojmikegpiepcfdkkjaplodkpfmlo - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\CRX\ToolbarCR.crx[]
fheoggkfdfchfphceeifdbepaooicaho - No path found[]

Ask Toolbar - cornelus079\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
YouTube - cornelus079\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - cornelus079\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - cornelus079\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - cornelus079\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\cornelus079\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://istart.webssearches.com/?type=hp&ts=1411559011&from=slbnew&uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492",
"startup_urls": [ "http://istart.webssearches.com/?type=hp&ts=1411559011&from=slbnew&uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492" ],


==== Chromium Fix ======================

C:\Users\cornelus079\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://istart.webssearches.com/?type=hp&ts=1411559011&from=slbnew&uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1411559011&from=slbnew&uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492&q={searchTerms}"
"Default_Page_URL"="http://istart.webssearches.com/?type=hp&ts=1411559011&from=slbnew&uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492"
"Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1411559011&from=slbnew&uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1411559011&from=slbnew&uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492&q={searchTerms}"
"Default_Page_URL"="http://istart.webssearches.com/?type=hp&ts=1411559011&from=slbnew&uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492"
"Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1411559011&from=slbnew&uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492&q={searchTerms}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0F1FACF4-73C0-43F8-BC7C-5B3638811256}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{0F1FACF4-73C0-43F8-BC7C-5B3638811256} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully
HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully
HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully
HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully
HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c547c6c2-561b-4169-a2a5-20ba771ca93b} deleted successfully
HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c547c6c2-561b-4169-a2a5-20ba771ca93b} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{c547c6c2-561b-4169-a2a5-20ba771ca93b} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully
HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{48586425-6bb7-4f51-8dc6-38c88e3ebb58} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\faststartff@gmail.com deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\cornelus079\Desktop\Albelli.lnk - C:\Users\cornelus079\AppData\Local\Albelli Fotoboeken\apc.exe
C:\Users\cornelus079\Desktop\Audiograbber.lnk - C:\audiograbber\audiograbber.exe
C:\Users\cornelus079\Desktop\CyberLink PowerDirector.lnk - C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
C:\Users\cornelus079\Desktop\Desktop (2).lnk - C:\Users\cornelus079\Desktop
C:\Users\cornelus079\Desktop\Desktop.lnk - C:\Users\cornelus079\Desktop
C:\Users\cornelus079\Desktop\GenDaLim6.lnk - C:\Users\cornelus079\AppData\Roaming\Microsoft\Installer\{61D804CB-66B6-46CB-B55E-333084CCA99B}\_530c44a.exe
C:\Users\cornelus079\Desktop\GenDaLim7.lnk - C:\Users\cornelus079\AppData\Roaming\Microsoft\Installer\{56693A2D-F918-46CD-8F13-BAA4E5FA1089}\_2b47526e.exe
C:\Users\cornelus079\Desktop\Green Free Video Converter.lnk - C:\Program Files (x86)\FreeVideoConverter\GreenFreeVideoConverter.exe
C:\Users\cornelus079\Desktop\MyHeritage Family Tree Builder.lnk - C:\Program Files (x86)\MyHeritage\Bin\MyHeritage.exe
C:\Users\cornelus079\Desktop\Prisma Engels - Nederlands.lnk - C:\Program Files (x86)\Prisma\E-N\Prisma.exe
C:\Users\cornelus079\Desktop\Prisma Nederlands - Engels.lnk - C:\Program Files (x86)\Prisma\N-E\Prisma.exe
C:\Users\cornelus079\Desktop\Sonic game 1.lnk - C:\Users\cornelus079\AppData\Local\FunnyGames\sonic_game_1\sonic_game_1.exe --fromdesktop
C:\Users\cornelus079\Desktop\Synology Assistant.lnk - C:\Program Files (x86)\Synology Assistant\DSAssistant.exe
C:\Users\Default\Desktop\CyberLink PowerDirector.lnk - C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
C:\Users\Default User\Desktop\CyberLink PowerDirector.lnk - C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
C:\Users\GerardWJ\Desktop\Audiograbber.lnk - C:\audiograbber\audiograbber.exe
C:\Users\GerardWJ\Desktop\CyberLink PowerDirector.lnk - C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2012.lnk - C:\Program Files (x86)\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012.exe
C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2013.lnk - C:\Program Files (x86)\Belastingdienst\Aangifte inkomstenbelasting\2013\ib2013.exe
C:\Users\Public\Desktop\Adobe Creative Cloud.lnk - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --appletID=HomePanel_BL --appletVersion=1.0
C:\Users\Public\Desktop\Adobe Photoshop Elements 10.lnk - C:\Program Files (x86)\Adobe\Elements 10 Organizer\Photoshop Elements 10.0.exe
C:\Users\Public\Desktop\Adobe Premiere Elements 10.lnk - C:\Program Files (x86)\Adobe\Adobe Premiere Elements 10\Adobe Premiere Elements 10.exe
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Canon IJ Network Tool.lnk - C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE
C:\Users\Public\Desktop\Canon MG6100 series Online handleiding.lnk - C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe "C:\PROGRAM FILES (X86)\Canon\IJ Manual\CANON MG6100 SERIES\Dutch\Info.egv"
C:\Users\Public\Desktop\Canon Solution Menu EX.lnk - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Users\Public\Desktop\CEWE FOTOBOEK.lnk - C:\Program Files\CEWEFOTOBOEK\CEWE FOTOBOEK\CEWE FOTOBOEK.exe
C:\Users\Public\Desktop\Digital Photo Professional.lnk - C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe
C:\Users\Public\Desktop\EOS Utility.lnk - C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
C:\Users\Public\Desktop\Fotoshow.lnk - C:\Program Files (x86)\Fotoservice\Kruidvat fotoservice\Fotoshow.exe
C:\Users\Public\Desktop\Garmin Express.lnk - C:\Program Files (x86)\Garmin\Express\Express.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?typ...uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492
C:\Users\Public\Desktop\huey Quick Start Guide.lnk - C:\Program Files (x86)\Pantone\huey\hueyQSG.pdf
C:\Users\Public\Desktop\huey.lnk - C:\Program Files (x86)\Pantone\huey\huey.exe
C:\Users\Public\Desktop\Image Rescue 5.lnk - C:\Program Files (x86)\Image Rescue 5\Image Rescue 5.exe
C:\Users\Public\Desktop\Intel Turbo Boost Technologie monitor 2.0.lnk -
C:\Users\Public\Desktop\jAlbum.lnk - C:\Program Files (x86)\jAlbum\jAlbum.exe
C:\Users\Public\Desktop\Kruidvat fotoservice.lnk - C:\Program Files (x86)\Fotoservice\Kruidvat fotoservice\Kruidvat fotoservice.exe
C:\Users\Public\Desktop\Lightroom 5.6 64-bit.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
C:\Users\Public\Desktop\McAfee Security Center.lnk - C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /desktopicon /platui
C:\Users\Public\Desktop\MediaMonkey.lnk - C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://istart.webssearches.com/?typ...uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492
C:\Users\Public\Desktop\Pavtube FLV-F4V Converter.lnk - C:\Program Files (x86)\Pavtube\Pavtube FLV-F4V Converter\avconverter.exe
C:\Users\Public\Desktop\Picture Style Editor.lnk - C:\Program Files (x86)\Canon\Picture Style Editor\PSEditor.exe
C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
C:\Users\Public\Desktop\Synology Data Replicator 3.lnk - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe
C:\Users\Public\Desktop\ZoomBrowser EX.lnk - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe

==== shortcuts in Users Start Menu ======================

C:\Users\cornelus079\AppData\Roaming\Microsoft\Windows\Start Menu\GenDaWin\GenDaLim7.lnk - C:\Users\cornelus079\AppData\Roaming\Microsoft\Installer\{56693A2D-F918-46CD-8F13-BAA4E5FA1089}\_66e64629.exe
C:\Users\cornelus079\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?typ...uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492
C:\Users\cornelus079\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albelli Fotoboeken\Albelli Fotoboeken.lnk - C:\Users\cornelus079\AppData\Local\Albelli Fotoboeken\apc.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://istart.webssearches.com/?typ...uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerXpress.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe Start Dashboard SingleAspectPage LeafName=Leaf_PowerXpress
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Help.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe Start Help -help
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEWE FOTOBOEK\CEWE FOTOBOEK Uninstall.lnk - C:\Program Files (x86)\CEWEFOTOBOEK\CEWE FOTOBOEK\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEWE FOTOBOEK\CEWE FOTOBOEK.lnk - C:\Program Files\CEWEFOTOBOEK\CEWE FOTOBOEK\CEWE FOTOBOEK.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEWE FOTOBOEK\CEWE FOTOSHOW.lnk - C:\Program Files\CEWEFOTOBOEK\CEWE FOTOBOEK\CEWE FOTOSHOW.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk - C:\Program Files (x86)\Garmin\Express\Express.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?typ...uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee SecurityCenter.lnk - C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /desktopicon /platui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey Lees-mij.lnk - C:\Program Files (x86)\MediaMonkey\readme.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey op het Web.lnk - C:\Program Files (x86)\MediaMonkey\MediaMonkey.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\MediaMonkey.lnk - C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey\Verwijder MediaMonkey.lnk - C:\Program Files (x86)\MediaMonkey\unins000.exe

==== shortcuts in Quick Launch ======================

C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?typ...uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?typ...uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE /recycle
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Bridge CC (64bit).lnk - C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop CC 2014.lnk - C:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?typ...uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?typ...uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Lightroom 5.6 64-bit.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://istart.webssearches.com/?typ...uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\cornelus079\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\cornelus079\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:56708;https=127.0.0.1:56708"
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam deleted successfully

==== HijackThis Entries ======================

R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [AdobeBridge] "C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe" -stealth
O4 - HKCU\..\Run: [CAHeadless] C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\cornelus079\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #0] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed (User 'Default user')
O4 - Global Startup: hueyTray.lnk = C:\Program Files (x86)\Pantone\huey\hueyTray.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: View EXIF - C:\ViewEXIF\EXIF.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - https://support.dell.com/systemprofiler/SysProExe.CAB
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Intel Centrino Wireless Bluetooth + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) Rapid Storage Technologie (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\WINDOWS\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\Windows\SysWOW64\Tablet.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\cornelus079\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\cornelus079\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\cornelus079\AppData\Local\Mozilla\Firefox\Profiles\nnlq6flk.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\cornelus079\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=519 folders=216 151583052 bytes)

==== Empty Temp Folders ======================

C:\Users\cornelus079\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\CORNEL~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\VideoDownloadConverter_4z" not found

==== EOF on ma 29-09-2014 at 20:02:41,55 ======================


M.vr.gr.

Gerard
 
Hallo,

Zoek.exe heeft al een hoop malware/adware verwijderd daarom duurden het zolang.

Schakel uw antivirussoftware tijdelijk uit en start Zoek.exe
51a612a8b27e2-Zoek.png
nogmaals. (voor meer informatie kunt u deze handleiding raadplegen)

  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
    Code: 
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run];r
"VideoDownloadConverter Search Scope Monitor"=-;r
"VideoDownloadConverter_4z Browser Plugin Loader"=-;r
"ApnTBMon"=-;r
CHRdefaults;
{93a3111f-4f74-4ed8-895e-d9708497629e};c
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Voeg nu het geopende logbestand in het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)



Download
51a46ae42d560-malwarebytes_anti_malware.png
MalwareBytes Anti-Malware bij voorkeur naar het bureaublad.

  • Dubbelklik op mbam-setup-2.0.exe om de installatie van Malwarebytes Anti-Malware te starten.
  • Volg de verdere aanwijzingen, de volledige installatieprocedure kunt u nalezen op de volgende link - Malwarebytes Anti-Malware installeren.
  • Klik vervolgens op de knop Scan nu om een bedreigingsscan uit te voeren.
  • Er zal nu gecontroleerd worden op beschikbare updates, klik hier op "Nu bijwerken als er beschikbare updates zijn.
  • De scan wordt nu automatisch gestart, gebruik de computer bij voorkeur niet tijdens de scan.
  • Wanneer er geen bedreigingen zijn gedetecteerd klikt u na de scan op Bekijk gedetailleerd logboek.
    • Klik vervolgens op de knop Exporteer en kies de optie "Tekstbestand (*.txt)".
    • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
    • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.
  • Wanneer er wel bedreigingen zijn gedetecteerd klikt u na de scan op Acties toepassen.
    • Bij de melding om de computer opnieuw op te starten klikt u op Ja / Yes.
    • Open na de herstart MalwareBytes Anti-Malware en klik bovenaan op Historie en selecteer Programmalogboeken.
    • Selecteer het laatste Scanlogboek en klik op de knop Bekijk.
    • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
    • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.
    • Voeg het logbestand wat u zojuist heeft opgeslagen toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in Malwarebytes Anti-Malware bij Historie > Programmalogboeken)

532aab157609a-MBAM-Scan.png
 
Hallo Abb's
Hier is Het log bestand.
Ik vind het resultaat tot nu toe geweldig. Niet alleen het genoemde probleem is weg maar ook mijn probleem met "catalyst control center" dat niet meer goed werkte en waarvoor ik een oplossing zocht. Ik ga Malware bytes nu downloaden maar eert hier het log bestand:

Running in: Normal Mode Internet Access Detected
Launched: C:\Users\cornelus079\AppData\Local\Microsoft\Windows\INetCache\IE\RWBGYPMH\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-09-29-180241.log 75336 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{93a3111f-4f74-4ed8-895e-d9708497629e} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-712390581-301366571-662445749-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\{93a3111f-4f74-4ed8-895e-d9708497629e} deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"VideoDownloadConverter Search Scope Monitor"=-
"VideoDownloadConverter_4z Browser Plugin Loader"=-
"ApnTBMon"=-

==== Reset Google Chrome ======================

C:\Users\cornelus079\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\cornelus079\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=519 folders=216 151583052 bytes)

==== EOF on di 30-09-2014 at 16:49:47,52 ======================


M.vr.gr.

Gerard

---------- Bericht toegevoegd op 17:31 ---------- Vorige bericht was op 16:56 ----------

Hallo Abb's
Hier is het MBAM Scanlog:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 30-9-2014
Scan Time: 17:01:06
Logfile: MBAM Scanlog 30-9.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.30.05
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: cornelus079

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 384262
Time Elapsed: 17 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 27
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, Quarantined, [6568d51ed7a4da5c6abdece02dd59868],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, Quarantined, [6568d51ed7a4da5c6abdece02dd59868],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{33119133-0854-469d-807A-171568457991}, Quarantined, [b51835be9ae11e18792cc10b8b7760a0],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{03119103-0854-469d-807A-171568457991}, Quarantined, [b51835be9ae11e18792cc10b8b7760a0],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{23119123-0854-469D-807A-171568457991}, Quarantined, [b51835be9ae11e18792cc10b8b7760a0],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{23119123-0854-469D-807A-171568457991}, Quarantined, [b51835be9ae11e18792cc10b8b7760a0],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{03119103-0854-469d-807A-171568457991}, Quarantined, [b51835be9ae11e18792cc10b8b7760a0],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.SkinLauncherSettings.1, Quarantined, [b51835be9ae11e18792cc10b8b7760a0],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\VideoDownloadConverter_4z.SkinLauncherSettings, Quarantined, [b51835be9ae11e18792cc10b8b7760a0],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.SkinLauncherSettings, Quarantined, [b51835be9ae11e18792cc10b8b7760a0],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\VideoDownloadConverter_4z.SkinLauncherSettings.1, Quarantined, [b51835be9ae11e18792cc10b8b7760a0],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd, Quarantined, [d8f5d2218cefb77f7d400dc1b34f35cb],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd.1, Quarantined, [49845e9529520b2bb706d3fb15edef11],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd, Quarantined, [49845e9529520b2bb706d3fb15edef11],
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd.1, Quarantined, [49845e9529520b2bb706d3fb15edef11],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, Quarantined, [fad3a54eb7c4f442168c9492a162c13f],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\VideoDownloadConverter_4z, Quarantined, [bf0e51a23942aa8cc4db4e2617ed3bc5],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\Wajam, Quarantined, [11bca251a5d669cd1b08ea8a6f95d42c],
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware, Quarantined, [c00dcb280972c274886a072f06fdd828],
PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGE, Quarantined, [fbd203f097e453e3c18b41da12f1ac54],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@VideoDownloadConverter_4z.com/Plugin, Quarantined, [e4e96a89d4a7cc6adc0e909df40ff40c],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-712390581-301366571-662445749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, Quarantined, [b7168e65c3b887af49441742ff0542be],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-712390581-301366571-662445749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, Quarantined, [7e4f9d56621902342a62b6a38381659b],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-712390581-301366571-662445749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\VideoDownloadConverter_4z, Quarantined, [636acd263c3f71c5da966abe93705da3],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-712390581-301366571-662445749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [c00d06ed94e7d165456ba0b9df2556aa],
PUP.Optional.BProtector.A, HKU\S-1-5-21-712390581-301366571-662445749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Quarantined, [bf0eb142017a5cda9245adaf3dc7f010],
PUP.Optional.Wajam.A, HKU\S-1-5-21-712390581-301366571-662445749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM, Quarantined, [a62751a2a6d5e94def0efd5f44c0d22e],

Registry Values: 6
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|VideoDownloadConverter Search Scope Monitor, "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h, Quarantined, [c20b559ee794c373cd01c4b62bd9748c]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|VideoDownloadConverter_4z Browser Plugin Loader, C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe, Quarantined, [309d787bf18a5fd77f4e6b0f47bd649c]
PUP.Optional.VOPackage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGE|UninstallString, "C:\Users\cornelus079\AppData\Roaming\VOPackage\uninstall.exe", Quarantined, [fbd203f097e453e3c18b41da12f1ac54]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|4zffxtbr@VideoDownloadConverter_4z.com, C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin, Quarantined, [2f9e985b85f602349112201551b2d22e]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-712390581-301366571-662445749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0L1N1H2O1S, Quarantined, [c00d06ed94e7d165456ba0b9df2556aa]
PUP.Optional.Wajam.A, HKU\S-1-5-21-712390581-301366571-662445749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM|affiliate_id, 1401, Quarantined, [a62751a2a6d5e94def0efd5f44c0d22e]

Registry Data: 5
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://istart.webssearches.com/web/?type=ds&ts=1411559011&from=slbnew&uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492&q={searchTerms}, Good: (www.google.com), Bad: (http://istart.webssearches.com/web/?type=ds&ts=1411559011&from=slbnew&uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492&q={searchTerms}),Replaced,[b716559ec0bbd85eef8fb751a75ef50b]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://istart.webssearches.com/?typ...uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492, Good: (www.google.com), Bad: (http://istart.webssearches.com/?typ...10JPVT-75A1YT0_WX81A82N6492A82N6492),Replaced,[953842b16e0dc274a1db76927d880af6]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[ffce985b3645f24403a640d2db2ade22]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[00cd8271b4c7ff378623cd45887dbf41]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-712390581-301366571-662445749-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://istart.webssearches.com/?typ...uid=WDCXWD10JPVT-75A1YT0_WX81A82N6492A82N6492, Good: (www.google.com), Bad: (http://istart.webssearches.com/?typ...10JPVT-75A1YT0_WX81A82N6492A82N6492),Replaced,[fcd1f00342391f17710c9d6bf60f857b]

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Bedankt voor de hulp.
Was dit Malwarebytes een trial versie? In hoeverre is het nuttig om dit permanent te installeren??
Nogmaals bedankt.
M.vr.gr. Gerard
 
Was dit Malwarebytes een trial versie? In hoeverre is het nuttig om dit permanent te installeren??
Klik om te vergroten...
Hier geeft ik je straks een antwoord op.

Download
536cf876403ee-AdwCleaner_Icon.png
AdwCleaner - Alternatieve downloadlink by Xplode naar het bureaublad.

AdwCleaner uitvoeren
  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik vervolgens op de knop Scannen.
  • Wanneer de scan gereed is Klikt u vervolgens op de knop Verwijderen.
  • Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  • Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  • Plaats dit logbestand in het volgende bericht.

Vertel er ook bij of hierna al je problemen over zijn.
 
Hallo Abb's,

Hier het gevraagde log bestand:

# AdwCleaner v3.310 - Rapport aangemaakt 30/09/2014 op 20:02:14
# Laatste Update 12/09/2014 door Xplode
# Besturingssysteem : Windows 8.1 (64 bits)
# Gebruikersnaam : cornelus079 - GERARD-DELL2
# Gestart vanuit : C:\Users\cornelus079\AppData\Local\Microsoft\Windows\INetCache\IE\08SU7V00\adwcleaner_3.310.exe
# Optie : Verwijderen

***** [ Services ] *****


***** [ Bestanden / Mappen ] *****


***** [ Taken ] *****

Taak Verwijderd : DSite

***** [ Snelkoppelingen ] *****


***** [ Register ] *****

Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Sleutel Verwijderd : HKCU\Software\f53dbd9e03cb844
Sleutel Verwijderd : HKLM\SOFTWARE\f53dbd9e03cb844
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{84B7B98F-E018-4DBB-AB4C-4DDD3DFCB5FB}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A86782D8-7B41-452F-A217-1854F72DBA54}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FF48DBA6-5DD8-4D10-9EB0-0FA968502E66}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{79332472-47F3-4E32-B07F-CF8DF4C58499}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Sleutel Verwijderd : HKCU\Software\AskPartnerNetwork
Sleutel Verwijderd : HKCU\Software\dsiteproducts
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar
Sleutel Verwijderd : HKLM\SOFTWARE\AskPartnerNetwork
Sleutel Verwijderd : HKLM\SOFTWARE\Babylon
Sleutel Verwijderd : HKLM\SOFTWARE\Conduit
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17278

Instelling Hersteld : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v31.0 (x86 nl)

[ Bestand : C:\Users\cornelus079\AppData\Roaming\Mozilla\Firefox\Profiles\nnlq6flk.default\prefs.js ]


-\\ Google Chrome v37.0.2062.124

*************************

AdwCleaner[R0].txt - [12830 octets] - [30/09/2014 19:59:52]
AdwCleaner[S0].txt - [12701 octets] - [30/09/2014 20:02:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12762 octets] ##########

M.vr.gr.
Gerard
 
Hallo,

Dat is een mooie opruiming, hoe staat het hierna met je probleem?
 
Hallo Abb's,

Sorry vergeten te vermelden. Ik merk niks meer.
Weet niet wat er allemaal gebeurd is. Heb wel gezien dat er in de registers is gesleuteld, maar wat is mij een groot raadsel.
Bedankt, bedankt, bedankt.
m.vr.gr.
Gerard
 
Hallo,

We hebben je malware/adware verwijder, zowel zichtbaar als uit je register (zoals je al zag)

Malwarebytes kan je laten staan en n maal in de week (na te hebben geupdate) je pc mee scannen.
Je mag de gratis versie behouden.

Met het onderstaande tooltje ruim je o.a. alle gebruikte tools op:

Download
51a5ce45263de-delfix.png
Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.
Zet nu vinkjes voor de volgende items:
  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings
Klik nu op "Run" en wacht geduldig tot de tool gereed is.
Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft je echter niet te plaatsen.
Mochten er nog tools of mappen overgebleven zijn dan kan je die zelf verwijderen.
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan