
zidanaho


  • zidanaho

    Hello,

    A colleague's laptop, 95 infections removed.
    Would you take a look to see whether there is still any junk on it?

    Thanks in advance.
    Attached files

  • #2
    Already rebooted, Puppie?

    Download Zoek.zip to the desktop.
    1. If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
    2. Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

    • Right-click Zoek.zip and choose the option "Extract All".
    • Then double-click Zoek.exe to start the tool.
    • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
    • Now copy the code below and paste it into the large input box:
    • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
      Code:
      [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers];e
      torpigcheck;
      emptyclsid;
      emptyfolderscheck;delete
      firefoxlook; 
      Chromelook; 
      CHRdefaults;
      autoclean; 
      iedefaults; 
      filesrcm;
    • Now click the "Run script" button.
    • Wait patiently until a log opens (this may be after a restart if one is required).
    • If no log appears after the restart, start zoek.exe again; the log will then appear after all.
    • Post the opened log as an attachment in your next message.

    Starting Windows 10 in Safe Mode



    • #3
      Yes, the laptop had already been restarted.
      I had to run this Zoek three times before I got a log.
      Here it is:

      Zoek.exe Version 4.0.0.5 Updated 26-October-2013
      Tool run by Compaq on di 29-10-2013 at 21:40:33,45.
      Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
      Running in: Normal Mode Internet Access Detected
      Launched: C:\Users\Compaq\Desktop\zoek\zoek.exe [Script inserted]

      ==== Older Logs ======================

      C:\zoek-results2013-10-29-195927.log 25197 bytes
      C:\zoek-results2013-10-29-203332.log 18892 bytes

      ==== Torpig Check ======================

      HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
      HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll


      ==== Deleting CLSID Registry Keys ======================


      ==== Deleting CLSID Registry Values ======================


      ==== Deleting Services ======================


      ==== Registry Exports ======================

      [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers]

      [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem]
      @="{217FC9C0-3AEA-1069-A2DB-08002B30309D}"

      [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing]
      @="{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"


      ==== Registry Exports x64 ======================

      [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers]

      [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem]
      @="{217FC9C0-3AEA-1069-A2DB-08002B30309D}"

      [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing]
      @="{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"


      ==== Files Recently Created / Modified ======================

      ====== C:\Windows ====
      ====== C:\Users\Compaq\AppData\Local\Temp ====
      ====== Java Cache =====
      ====== C:\Windows\SysWOW64 =====
      ====== C:\Windows\SysWOW64\drivers =====
      ====== C:\Windows\Sysnative =====
      ====== C:\Windows\Sysnative\drivers =====
      ====== C:\Windows\Tasks ======
      2013-10-29 18:36:53 -------- d-----w- C:\Windows\Sysnative\Tasks\OfficeSoftwareProtectionPlatform
      ====== C:\Windows\Temp ======
      ======= C:\Program Files =====
      2013-10-29 18:35:05 -------- d-----w- C:\Program Files\Microsoft Office
      ======= C:\PROGRA~2 =====
      2013-10-29 18:38:50 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER
      2013-10-29 18:34:54 -------- d-----w- C:\PROGRA~2\Microsoft Analysis Services
      2013-10-28 18:53:33 -------- d-----w- C:\PROGRA~2\ESET
      2013-10-28 18:50:25 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
      2013-10-28 18:49:53 -------- d-----w- C:\PROGRA~2\Java
      ======= C: =====
      ====== C:\Users\Compaq\AppData\Roaming ======
      2013-10-29 20:33:32 -------- d-----w- C:\Users\Compaq\AppData\Local\Temp
      2013-10-29 20:05:15 1CF71AE137372A20E11832E6E763900A 240520 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
      2013-10-29 18:34:16 -------- d-----w- C:\Users\Compaq\AppData\Local\Microsoft Help
      2013-10-28 20:48:15 -------- d-----w- C:\Users\Thomas\AppData\Roaming\AVG2014
      2013-10-28 20:48:05 -------- d-----w- C:\Users\Thomas\AppData\Local\Avg2014
      2013-10-28 18:49:19 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\Sun
      2013-10-28 18:41:34 34B1712E63990C1C49E74C8A3E076A55 83864 ----a-w- C:\Windows\SysNative\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
      2013-10-28 18:25:08 -------- d-----w- C:\Users\Compaq\AppData\Local\Programs
      2013-10-28 17:46:11 -------- d-----w- C:\Users\Compaq\AppData\Roaming\AVG2014
      2013-10-28 17:44:18 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014
      2013-10-28 17:42:32 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014
      2013-10-28 17:28:44 -------- d-----w- C:\Users\Compaq\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
      2013-10-15 16:44:52 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014
      2013-10-15 16:42:24 -------- d-----w- C:\Users\Compaq\AppData\Local\Avg2014
      ====== C:\Users\Compaq ======
      2013-10-29 18:40:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
      2013-10-29 18:17:44 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Compaq\Desktop\so6clmmb.exe
      2013-10-29 18:16:04 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Compaq\Desktop\dds.com
      2013-10-28 18:50:25 -------- d-----w- C:\ProgramData\Sun
      2013-10-28 18:50:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
      2013-10-28 18:50:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
      2013-10-28 18:24:03 B3791119229024BEC5BCC6DEF5486732 27837368 ----a-w- C:\Users\Compaq\Downloads\SUPERAntiSpyware.exe
      2013-10-28 18:23:27 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Compaq\Downloads\mbam-setup-1.75.0.1300.exe
      2013-10-28 17:38:37 -------- d-----w- C:\ProgramData\AVG2014
      2013-10-27 16:10:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

      ====== C: exe-files ==
      === C: other files ==
      2013-10-29 18:16:04 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Compaq\Desktop\dds.com
      2013-10-28 18:49:56 0A35B7026416325DE4A3EEC131F6EE2C 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip
      2013-10-28 18:25:25 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

      ==== Folders in C:\ProgramData 0-6 Months Old ======================

      2013-06-23 14:08:43 -------- d-----w- C:\ProgramData\InstallShield
      2013-10-28 17:38:37 -------- d-----w- C:\ProgramData\AVG2014
      2013-10-28 18:25:26 -------- d-----w- C:\ProgramData\Malwarebytes
      2013-10-28 18:50:25 -------- d-----w- C:\ProgramData\Sun

      ==== Firefox Extensions Registry ======================

      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
      "{B7082FAA-CB62-4872-9106-E42DD88EDE45}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [14-04-2010 15:50]

      ==== Chrome Look ======================

      Google Drive - Christina - Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
      YouTube - Christina - Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      Google Search - Christina - Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      Gmail - Christina - Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
      Google Docs - Compaq - Default\Extensions\aohghmighlieiainnegkcijnfilokake
      Google Drive - Compaq - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
      YouTube - Compaq - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      Google Search - Compaq - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      Chrome In-App Payments service - Compaq - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
      Gmail - Compaq - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
      Google Drive - Thomas - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
      YouTube - Thomas - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      Google Search - Thomas - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      Chrome In-App Payments service - Thomas - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
      Gmail - Thomas - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

      ==== Set IE to Default ======================

      Old Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://nl.msn.com/?pc=UP22&ocid=UP22DHP&dt=012713"

      New Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://nl.msn.com/?pc=UP22&ocid=UP22DHP&dt=012713"

      ==== All HKCU SearchScopes ======================

      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
      "DefaultScope"="{28F3E7C2-BD23-4637-BB47-26FBC717C46E}"
      {28F3E7C2-BD23-4637-BB47-26FBC717C46E} Bing Url="http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox"
      {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

      ==== Reset Google Chrome ======================

      C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
      C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

      ==== Empty IE Cache ======================

      C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Christina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Christina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
      C:\Users\Christina\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Christina\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
      C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
      C:\Users\Thomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Thomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
      C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0GO4P9TL will be deleted at reboot

      ==== Empty FireFox Cache ======================

      No FireFox Profiles found

      ==== Empty Chrome Cache ======================

      C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
      C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
      C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

      ==== Empty All Flash Cache ======================

      Flash Cache Emptied Successfully

      ==== Empty All Java Cache ======================

      Java Cache cleared successfully

      ==== After Reboot ======================

      ==== Empty Temp Folders ======================

      C:\Windows\Temp successfully emptied
      C:\Users\Compaq\AppData\Local\Temp successfully emptied

      ==== Empty Recycle Bin ======================

      C:\$RECYCLE.BIN successfully emptied

      ==== Deleting Files / Folders ======================

      "C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4LP4JSZR" not found
      "C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8EYZ4LPK" not found
      "C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0GO4P9TL" not found

      ==== EOF on di 29-10-2013 at 22:04:28,26 ======================



      • #4
        Can you check whether you can still find those two other results?
        C:\zoek-results2013-10-29-195927.log 25197 bytes
        C:\zoek-results2013-10-29-203332.log 18892 bytes

        Starting Windows 10 in Safe Mode



        • #5
          Zoek.exe Version 4.0.0.5 Updated 26-October-2013
          Tool run by Compaq on di 29-10-2013 at 20:35:06,21.
          Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
          Running in: Normal Mode Internet Access Detected
          Launched: C:\Users\Compaq\Desktop\zoek\zoek.exe [Script inserted]

          ==== System Restore Info ======================

          29-10-2013 20:36:24 Zoek.exe System Restore Point Created Succesfully.

          ==== Torpig Check ======================

          HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
          HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll


          ==== Empty Folders Check ======================

          C:\ProgramData\Oracle deleted successfully
          C:\ProgramData\Systweak deleted successfully
          C:\Users\Compaq\AppData\Roaming\Systweak deleted successfully
          C:\Users\Thomas\AppData\Local\VirtualStore deleted successfully

          ==== Deleting CLSID Registry Keys ======================

          HKEY_USERS\S-1-5-21-1058838154-3662056880-2109001512-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
          HKEY_USERS\S-1-5-21-1058838154-3662056880-2109001512-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
          HKEY_USERS\S-1-5-21-1058838154-3662056880-2109001512-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
          HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

          ==== Deleting CLSID Registry Values ======================

          HKEY_USERS\S-1-5-21-1058838154-3662056880-2109001512-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
          HKEY_USERS\S-1-5-21-1058838154-3662056880-2109001512-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

          ==== Deleting Services ======================

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.0.12 deleted successfully
          HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater17.0.12 deleted successfully

          ==== Deleting Files \ Folders ======================

          C:\PROGRA~2\MyPC Backup deleted
          C:\Users\Christina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted
          C:\ProgramData\AVG Secure Search deleted
          C:\Users\Christina\AppData\Local\iLivid deleted
          C:\Users\Christina\AppData\Local\AVG Secure Search deleted
          C:\Users\Compaq\AppData\Local\AVG Secure Search deleted
          C:\Users\Thomas\AppData\Local\AVG Secure Search deleted
          C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector deleted
          C:\Windows\SysNative\roboot64.exe deleted
          C:\Windows\SysNative\sasnative64.exe deleted
          C:\Users\Christina\AppData\LocalLow\SweetIM deleted
          C:\Users\Christina\AppData\LocalLow\AVG Secure Search deleted
          C:\Users\Compaq\AppData\LocalLow\AVG Secure Search deleted
          C:\Users\Thomas\AppData\LocalLow\SweetIM deleted
          C:\Users\Thomas\AppData\LocalLow\AVG Secure Search deleted
          C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
          C:\windows\SysNative\Tasks\Advanced System Protector deleted
          C:\windows\SysNative\Tasks\Advanced System Protector_startup deleted
          C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job deleted
          C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
          C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv deleted
          C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
          "C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted
          "C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted
          "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\17.0.12\SiteSafety.dll" deleted
          "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\17.0.12\log4cplusU.dll" deleted
          "C:\PROGRA~2\AVG Secure Search" deleted
          "C:\PROGRA~2\AVG Secure Search" deleted
          "C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted
          "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller" deleted
          "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted
          "C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\17.0.12" deleted
          "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\17.0.12" deleted

          ==== Registry Exports ======================

          [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers]

          [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem]
          @="{217FC9C0-3AEA-1069-A2DB-08002B30309D}"

          [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing]
          @="{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"


          ==== Registry Exports x64 ======================

          [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers]

          [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem]
          @="{217FC9C0-3AEA-1069-A2DB-08002B30309D}"

          [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing]
          @="{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"


          ==== Files Recently Created / Modified ======================

          ====== C:\Windows ====
          ====== C:\Users\Compaq\AppData\Local\Temp ====
          2013-10-28 17:29:08 40395C175553CB14D2050888EFCCDF00 4961800 ----a-w- C:\Users\Compaq\AppData\Local\Temp\vcredist_x64.exe
          2013-10-28 17:28:53 858D895AD40DE9779E78C39A116F9553 10355400 ----a-w- C:\Users\Compaq\AppData\Local\Temp\BackupSetup.exe
          2013-10-28 17:28:12 0B18480A1813A3A817CD8C6F3B2A49C0 4396440 ----a-w- C:\Users\Compaq\AppData\Local\Temp\is266438442\585320_stp.EXE
          ====== Java Cache =====
          ====== C:\Windows\SysWOW64 =====
          ====== C:\Windows\SysWOW64\drivers =====
          ====== C:\Windows\Sysnative =====
          2013-10-22 14:15:28 991A9D6B797B4D7E9EB29BE1FB4B1D28 526336 ----a-w- C:\Windows\Sysnative\ieui.dll
          2013-10-22 14:15:28 990235D752A40F5F8243ED537FAB2035 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb
          2013-10-22 14:15:26 C4DDAC3F3062739C4C2BB759B36E005D 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
          2013-10-22 14:15:26 A80B91A93EDFFDE3DD2646D6E4CDDC44 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll
          2013-10-22 14:15:26 742B2C69643527763E162C0BA923D086 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll
          2013-10-22 14:15:26 4163195B6D07D3434BDEA78C293B7E0E 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe
          2013-10-22 14:15:26 38CFAC1BAFEBC8B0AF8A22093803D38E 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll
          2013-10-22 14:15:25 199BD40B1890E1EEFF7438B59787534F 2647552 ----a-w- C:\Windows\Sysnative\iertutil.dll
          2013-10-22 14:15:24 7B4E06047031B2AAA4AE10F00C59BFC7 855552 ----a-w- C:\Windows\Sysnative\jscript.dll
          2013-10-22 14:15:24 214E39F0A8E382F1889B26B46DE0AF81 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll
          2013-10-22 14:15:23 D383602755758FA81166B0FD8AFE6D40 3959296 ----a-w- C:\Windows\Sysnative\jscript9.dll
          2013-10-22 14:15:21 882AC0DD997CFC90FBB468D698BD55C6 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll
          2013-10-22 14:15:20 16A3E229F60FA4B05573A0937AB3C3CB 53248 ----a-w- C:\Windows\Sysnative\jsproxy.dll
          2013-10-22 14:15:18 D28B35DE88D27EFB27DF4B1E8319E3C0 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll
          2013-10-22 14:15:16 CCDB8FDC289AA9AFA5F8827A2ADB21AD 15404544 ----a-w- C:\Windows\Sysnative\ieframe.dll
          2013-10-22 14:15:14 F026C6F104758D0EB215B017016FAE27 19252224 ----a-w- C:\Windows\Sysnative\mshtml.dll
          ====== C:\Windows\Sysnative\drivers =====
          2013-10-28 18:25:25 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
          2013-10-15 17:01:23 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
          2013-10-15 17:01:20 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys
          2013-10-15 17:01:20 1F775DA4CF1A3A1834207E975A72E9D7 185344 ----a-w- C:\Windows\Sysnative\drivers\usbvideo.sys
          2013-10-15 17:01:18 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys
          2013-10-15 17:01:18 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys
          2013-10-15 17:01:16 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
          2013-10-15 17:01:14 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
          2013-10-15 17:01:14 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
          2013-10-15 17:00:55 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
          ====== C:\Windows\Tasks ======
          2013-10-29 18:36:53 -------- d-----w- C:\Windows\Sysnative\Tasks\OfficeSoftwareProtectionPlatform
          ====== C:\Windows\Temp ======
          ======= C:\Program Files =====
          2013-10-29 18:35:05 -------- d-----w- C:\Program Files\Microsoft Office
          ======= C:\PROGRA~2 =====
          2013-10-29 18:38:50 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER
          2013-10-29 18:34:54 -------- d-----w- C:\PROGRA~2\Microsoft Analysis Services
          2013-10-28 18:53:33 -------- d-----w- C:\PROGRA~2\ESET
          2013-10-28 18:50:25 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
          2013-10-28 18:49:53 -------- d-----w- C:\PROGRA~2\Java
          ======= C: =====
          ====== C:\Users\Compaq\AppData\Roaming ======
          2013-10-29 18:34:16 -------- d-----w- C:\Users\Compaq\AppData\Local\Microsoft Help
          2013-10-28 20:48:15 -------- d-----w- C:\Users\Thomas\AppData\Roaming\AVG2014
          2013-10-28 20:48:05 -------- d-----w- C:\Users\Thomas\AppData\Local\Avg2014
          2013-10-28 18:49:19 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\Sun
          2013-10-28 18:41:34 34B1712E63990C1C49E74C8A3E076A55 83864 ----a-w- C:\Windows\SysNative\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
          2013-10-28 18:25:08 -------- d-----w- C:\Users\Compaq\AppData\Local\Programs
          2013-10-28 17:46:11 -------- d-----w- C:\Users\Compaq\AppData\Roaming\AVG2014
          2013-10-28 17:44:18 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014
          2013-10-28 17:42:32 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014
          2013-10-28 17:28:44 -------- d-----w- C:\Users\Compaq\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
          2013-10-15 16:44:52 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014
          2013-10-15 16:42:24 -------- d-----w- C:\Users\Compaq\AppData\Local\Avg2014
          ====== C:\Users\Compaq ======
          2013-10-29 18:40:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
          2013-10-29 18:17:44 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Compaq\Desktop\so6clmmb.exe
          2013-10-29 18:16:04 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Compaq\Desktop\dds.com
          2013-10-28 18:50:25 -------- d-----w- C:\ProgramData\Sun
          2013-10-28 18:50:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
          2013-10-28 18:50:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
          2013-10-28 18:24:03 B3791119229024BEC5BCC6DEF5486732 27837368 ----a-w- C:\Users\Compaq\Downloads\SUPERAntiSpyware.exe
          2013-10-28 18:23:27 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Compaq\Downloads\mbam-setup-1.75.0.1300.exe
          2013-10-28 17:38:37 -------- d-----w- C:\ProgramData\AVG2014
          2013-10-27 16:10:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

          ====== C: exe-files ==
          2013-10-29 18:17:44 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Compaq\Desktop\so6clmmb.exe
          2013-10-28 18:53:33 CE0D0B11986FD2C0247AE88A59B36A6E 579904 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
          2013-10-28 18:53:33 BDB7D97012F9B3102DB72AA76A24942A 546944 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
          2013-10-28 18:53:33 7C9EEC809FB9CDA26EFC245C001EA980 2347384 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
          2013-10-28 18:53:33 7ABF8849E76732C357F419B1AF5668F2 546944 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
          2013-10-28 18:53:33 6D4ED8A5C071F29730A6F0B943FEEA3A 122584 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
          2013-10-28 18:49:56 CC27986F45EF9FD700BC347355B002B3 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe
          2013-10-28 18:49:56 738AF811C60870FB218D47C628D350AA 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe
          2013-10-28 18:49:56 707BFE32E04720B9D50562669A30F86C 49064 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe
          2013-10-28 18:49:56 5FA3FFE74E893E8A9443C2CF3DFA7A64 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe
          2013-10-28 18:49:56 555651269833A415E1F9E594E8DD829F 146344 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe
          2013-10-28 18:49:56 54A30377949D4984EE72C5510C58B83D 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe
          2013-10-28 18:49:56 464358DE0429ABB319DFE3F5E5C85F77 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe
          2013-10-28 18:49:56 3FB1EAAB3CD35126D1F3B9A0A5B7B2DC 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe
          2013-10-28 18:49:56 15EBB4D4B54FCE42D8CB116145BB7EBA 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe
          2013-10-28 18:49:55 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe
          2013-10-28 18:49:55 CE10E75E10EB6952A7D813FA587EC632 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe
          2013-10-28 18:49:55 CBFE91C51D4FA69FE9D140ABEB7E51DC 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe
          2013-10-28 18:49:55 A9743D2D69B80800FEA5F24E7C4B02B3 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe
          2013-10-28 18:49:55 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe
          2013-10-28 18:49:55 83D790AA563347A026771D50E3D07A9B 66984 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
          2013-10-28 18:49:55 80A79264302910C7C24BA7E44267EFEF 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe
          2013-10-28 18:49:55 7F55715977ECF32633857F16980F008E 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
          2013-10-28 18:49:55 7814B0A3E6FE8FFF31B7108D16FC4591 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe
          2013-10-28 18:49:55 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe
          2013-10-28 18:49:55 5721DA732075E01569A287767CBCFA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe
          2013-10-28 18:49:55 2F7EBCD8FB6557997F0583508FFFE6B1 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe
          2013-10-28 18:24:03 B3791119229024BEC5BCC6DEF5486732 27837368 ----a-w- C:\Users\Compaq\Downloads\SUPERAntiSpyware.exe
          2013-10-28 18:23:27 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Compaq\Downloads\mbam-setup-1.75.0.1300.exe
          2013-10-28 17:29:08 40395C175553CB14D2050888EFCCDF00 4961800 ----a-w- C:\Users\Compaq\AppData\Local\Temp\vcredist_x64.exe
          2013-10-28 17:28:53 858D895AD40DE9779E78C39A116F9553 10355400 ----a-w- C:\Users\Compaq\AppData\Local\Temp\BackupSetup.exe
          2013-10-28 17:28:12 0B18480A1813A3A817CD8C6F3B2A49C0 4396440 ----a-w- C:\Users\Compaq\AppData\Local\Temp\is266438442\585320_stp.EXE
          === C: other files ==
          2013-10-29 19:34:24 90A594537C3731C9A3AB3B540868B60B 346 ----a-w- C:\Users\Compaq\AppData\Local\Temp\drives.vbs
          2013-10-29 18:16:04 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Compaq\Desktop\dds.com
          2013-10-28 18:49:56 0A35B7026416325DE4A3EEC131F6EE2C 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip
          2013-10-28 18:25:25 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

          ==== Folders in C:\ProgramData 0-6 Months Old ======================

          2013-06-23 14:08:43 -------- d-----w- C:\ProgramData\InstallShield
          2013-10-28 17:38:37 -------- d-----w- C:\ProgramData\AVG2014
          2013-10-28 18:25:26 -------- d-----w- C:\ProgramData\Malwarebytes
          2013-10-28 18:50:25 -------- d-----w- C:\ProgramData\Sun

          ==== Firefox Extensions Registry ======================

          [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
          "{B7082FAA-CB62-4872-9106-E42DD88EDE45}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [14-04-2010 15:50]

          ==== Chrome Look ======================

          Google Drive - Christina - Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
          YouTube - Christina - Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
          Google Search - Christina - Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
          Gmail - Christina - Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
          Google Docs - Compaq - Default\Extensions\aohghmighlieiainnegkcijnfilokake
          Google Drive - Compaq - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
          YouTube - Compaq - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
          Google Search - Compaq - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
          Chrome In-App Payments service - Compaq - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
          Gmail - Compaq - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
          Google Drive - Thomas - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
          YouTube - Thomas - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
          Google Search - Thomas - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
          Chrome In-App Payments service - Thomas - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
          Gmail - Thomas - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

          ==== Set IE to Default ======================

          Old Values:
          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
          "Start Page"="http://nl.msn.com/?pc=UP22&ocid=UP22DHP&dt=012713"

          New Values:
          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
          "Start Page"="http://nl.msn.com/?pc=UP22&ocid=UP22DHP&dt=012713"

          ==== All HKCU SearchScopes ======================

          HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
          "DefaultScope"="{28F3E7C2-BD23-4637-BB47-26FBC717C46E}"
          {28F3E7C2-BD23-4637-BB47-26FBC717C46E} Bing Url="http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox"
          {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

          ==== Reset Google Chrome ======================

          C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
          C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
          C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
          C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
          C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
          C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

          ==== Empty IE Cache ======================

          C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Users\Christina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Users\Christina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
          C:\Users\Christina\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Users\Christina\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
          C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
          C:\Users\Thomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Users\Thomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
          C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4LP4JSZR will be deleted at reboot

          ==== Empty FireFox Cache ======================

          No FireFox Profiles found

          ==== Empty Chrome Cache ======================

          C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
          C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
          C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

          ==== Empty All Flash Cache ======================

          Flash Cache Emptied Successfully

          ==== Empty All Java Cache ======================

          Java Cache cleared successfully



          • #6
            Zoek.exe Version 4.0.0.5 Updated 26-October-2013
            Tool run by Compaq on di 29-10-2013 at 21:11:32,45.
            Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
            Running in: Normal Mode Internet Access Detected
            Launched: C:\Users\Compaq\Desktop\zoek\zoek.exe [Script inserted]

            ==== Older Logs ======================

            C:\zoek-results2013-10-29-195927.log 25197 bytes

            ==== Torpig Check ======================

            HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
            HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll


            ==== Deleting CLSID Registry Keys ======================


            ==== Deleting CLSID Registry Values ======================


            ==== Deleting Services ======================


            ==== Registry Exports ======================

            [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers]

            [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem]
            @="{217FC9C0-3AEA-1069-A2DB-08002B30309D}"

            [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing]
            @="{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"


            ==== Registry Exports x64 ======================

            [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers]

            [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem]
            @="{217FC9C0-3AEA-1069-A2DB-08002B30309D}"

            [HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing]
            @="{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"


            ==== Files Recently Created / Modified ======================

            ====== C:\Windows ====
            ====== C:\Users\Compaq\AppData\Local\Temp ====
            ====== Java Cache =====
            ====== C:\Windows\SysWOW64 =====
            2013-10-28 18:50:16 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe
            2013-10-28 18:50:01 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe
            2013-10-28 18:50:01 9B0B14B405E0EDF76B5F5E31A49EB753 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
            2013-10-28 18:50:01 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\SysWOW64\java.exe
            2013-10-22 14:15:28 5E775F0C365F01A8A7382BBEFC4A53A5 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll
            2013-10-22 14:15:28 351B1A5B8A02A59DD29D122B0D231FA6 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
            2013-10-22 14:15:27 BE8F3297A0BC3D3E3B66D9A45F64F0B9 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll
            2013-10-22 14:15:26 6E9013E3D112E26A42EC057CAE990649 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll
            2013-10-22 14:15:26 58A43D9DFFF91C1457EC47BDCF969B59 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
            2013-10-22 14:15:26 556F70EDECE99CCD64C7D8897F3264F4 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll
            2013-10-22 14:15:26 122B216B091D06F672CC8D331128FB06 2048512 ----a-w- C:\Windows\SysWOW64\iertutil.dll
            2013-10-22 14:15:24 E02C01EB0ED522327AFF3BE5CBCF6017 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll
            2013-10-22 14:15:24 883C0D3A22CE87A3203CD5518EBB5758 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
            2013-10-22 14:15:22 61DC3F2BE3093FE22CD717260946D7AD 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll
            2013-10-22 14:15:22 5A847E98EAF032928E67EE52DE08952D 2876928 ----a-w- C:\Windows\SysWOW64\jscript9.dll
            2013-10-22 14:15:20 DC7DB5BC0E2D135103730E08FE1C540D 39424 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
            2013-10-22 14:15:19 E4FEB264B47360B7296AEA4E052F88D8 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll
            2013-10-22 14:15:17 8F5EAAF76A6811332A8C67DB0D4C395F 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll
            2013-10-22 14:15:11 A7221924181C8EB92B64C5A2D888BEA5 14335488 ----a-w- C:\Windows\SysWOW64\mshtml.dll
            ====== C:\Windows\SysWOW64\drivers =====
            ====== C:\Windows\Sysnative =====
            2013-10-22 14:15:28 991A9D6B797B4D7E9EB29BE1FB4B1D28 526336 ----a-w- C:\Windows\Sysnative\ieui.dll
            2013-10-22 14:15:28 990235D752A40F5F8243ED537FAB2035 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb
            2013-10-22 14:15:26 C4DDAC3F3062739C4C2BB759B36E005D 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
            2013-10-22 14:15:26 A80B91A93EDFFDE3DD2646D6E4CDDC44 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll
            2013-10-22 14:15:26 742B2C69643527763E162C0BA923D086 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll
            2013-10-22 14:15:26 4163195B6D07D3434BDEA78C293B7E0E 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe
            2013-10-22 14:15:26 38CFAC1BAFEBC8B0AF8A22093803D38E 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll
            2013-10-22 14:15:25 199BD40B1890E1EEFF7438B59787534F 2647552 ----a-w- C:\Windows\Sysnative\iertutil.dll
            2013-10-22 14:15:24 7B4E06047031B2AAA4AE10F00C59BFC7 855552 ----a-w- C:\Windows\Sysnative\jscript.dll
            2013-10-22 14:15:24 214E39F0A8E382F1889B26B46DE0AF81 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll
            2013-10-22 14:15:23 D383602755758FA81166B0FD8AFE6D40 3959296 ----a-w- C:\Windows\Sysnative\jscript9.dll
            2013-10-22 14:15:21 882AC0DD997CFC90FBB468D698BD55C6 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll
            2013-10-22 14:15:20 16A3E229F60FA4B05573A0937AB3C3CB 53248 ----a-w- C:\Windows\Sysnative\jsproxy.dll
            2013-10-22 14:15:18 D28B35DE88D27EFB27DF4B1E8319E3C0 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll
            2013-10-22 14:15:16 CCDB8FDC289AA9AFA5F8827A2ADB21AD 15404544 ----a-w- C:\Windows\Sysnative\ieframe.dll
            2013-10-22 14:15:14 F026C6F104758D0EB215B017016FAE27 19252224 ----a-w- C:\Windows\Sysnative\mshtml.dll
            ====== C:\Windows\Sysnative\drivers =====
            2013-10-28 18:25:25 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
            2013-10-15 17:01:23 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
            2013-10-15 17:01:20 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys
            2013-10-15 17:01:20 1F775DA4CF1A3A1834207E975A72E9D7 185344 ----a-w- C:\Windows\Sysnative\drivers\usbvideo.sys
            2013-10-15 17:01:18 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys
            2013-10-15 17:01:18 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys
            2013-10-15 17:01:16 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
            2013-10-15 17:01:14 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
            2013-10-15 17:01:14 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
            2013-10-15 17:00:55 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
            ====== C:\Windows\Tasks ======
            2013-10-29 18:36:53 -------- d-----w- C:\Windows\Sysnative\Tasks\OfficeSoftwareProtectionPlatform
            ====== C:\Windows\Temp ======
            ======= C:\Program Files =====
            2013-10-29 18:35:05 -------- d-----w- C:\Program Files\Microsoft Office
            ======= C:\PROGRA~2 =====
            2013-10-29 18:38:50 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER
            2013-10-29 18:34:54 -------- d-----w- C:\PROGRA~2\Microsoft Analysis Services
            2013-10-28 18:53:33 -------- d-----w- C:\PROGRA~2\ESET
            2013-10-28 18:50:25 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
            2013-10-28 18:49:53 -------- d-----w- C:\PROGRA~2\Java
            ======= C: =====
            ====== C:\Users\Compaq\AppData\Roaming ======
            2013-10-29 20:05:15 1CF71AE137372A20E11832E6E763900A 240520 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
            2013-10-29 19:59:27 -------- d-----w- C:\Users\Compaq\AppData\Local\Temp
            2013-10-29 18:34:16 -------- d-----w- C:\Users\Compaq\AppData\Local\Microsoft Help
            2013-10-28 20:48:15 -------- d-----w- C:\Users\Thomas\AppData\Roaming\AVG2014
            2013-10-28 20:48:05 -------- d-----w- C:\Users\Thomas\AppData\Local\Avg2014
            2013-10-28 18:49:19 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\Sun
            2013-10-28 18:41:34 34B1712E63990C1C49E74C8A3E076A55 83864 ----a-w- C:\Windows\SysNative\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
            2013-10-28 18:25:08 -------- d-----w- C:\Users\Compaq\AppData\Local\Programs
            2013-10-28 17:46:11 -------- d-----w- C:\Users\Compaq\AppData\Roaming\AVG2014
            2013-10-28 17:44:18 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014
            2013-10-28 17:42:32 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014
            2013-10-28 17:28:44 -------- d-----w- C:\Users\Compaq\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
            2013-10-15 16:44:52 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014
            2013-10-15 16:42:24 -------- d-----w- C:\Users\Compaq\AppData\Local\Avg2014
            ====== C:\Users\Compaq ======
            2013-10-29 18:40:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
            2013-10-29 18:17:44 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Compaq\Desktop\so6clmmb.exe
            2013-10-29 18:16:04 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Compaq\Desktop\dds.com
            2013-10-28 18:50:25 -------- d-----w- C:\ProgramData\Sun
            2013-10-28 18:50:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
            2013-10-28 18:50:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
            2013-10-28 18:24:03 B3791119229024BEC5BCC6DEF5486732 27837368 ----a-w- C:\Users\Compaq\Downloads\SUPERAntiSpyware.exe
            2013-10-28 18:23:27 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Compaq\Downloads\mbam-setup-1.75.0.1300.exe
            2013-10-28 17:38:37 -------- d-----w- C:\ProgramData\AVG2014
            2013-10-27 16:10:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

            ====== C: exe-files ==
            2013-10-29 18:17:44 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Compaq\Desktop\so6clmmb.exe
            === C: other files ==
            2013-10-29 18:16:04 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Compaq\Desktop\dds.com
            2013-10-28 18:49:56 0A35B7026416325DE4A3EEC131F6EE2C 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip
            2013-10-28 18:25:25 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

            ==== Folders in C:\ProgramData 0-6 Months Old ======================

            2013-06-23 14:08:43 -------- d-----w- C:\ProgramData\InstallShield
            2013-10-28 17:38:37 -------- d-----w- C:\ProgramData\AVG2014
            2013-10-28 18:25:26 -------- d-----w- C:\ProgramData\Malwarebytes
            2013-10-28 18:50:25 -------- d-----w- C:\ProgramData\Sun

            ==== Firefox Extensions Registry ======================

            [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
            "{B7082FAA-CB62-4872-9106-E42DD88EDE45}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [14-04-2010 15:50]

            ==== Chrome Look ======================

            Google Drive - Christina - Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
            YouTube - Christina - Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
            Google Search - Christina - Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
            Gmail - Christina - Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
            Google Docs - Compaq - Default\Extensions\aohghmighlieiainnegkcijnfilokake
            Chrome In-App Payments service - Compaq - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
            Google Drive - Thomas - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
            YouTube - Thomas - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
            Google Search - Thomas - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
            Chrome In-App Payments service - Thomas - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
            Gmail - Thomas - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

            ==== Set IE to Default ======================

            Old Values:
            [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
            "Start Page"="http://nl.msn.com/?pc=UP22&ocid=UP22DHP&dt=012713"

            New Values:
            [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
            "Start Page"="http://nl.msn.com/?pc=UP22&ocid=UP22DHP&dt=012713"

            ==== All HKCU SearchScopes ======================

            HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
            "DefaultScope"="{28F3E7C2-BD23-4637-BB47-26FBC717C46E}"
            {28F3E7C2-BD23-4637-BB47-26FBC717C46E} Bing Url="http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox"
            {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

            ==== Reset Google Chrome ======================

            C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
            C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

            ==== Empty IE Cache ======================

            C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
            C:\Users\Christina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
            C:\Users\Christina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
            C:\Users\Christina\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
            C:\Users\Christina\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
            C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
            C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
            C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
            C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
            C:\Users\Thomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
            C:\Users\Thomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
            C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
            C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
            C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
            C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
            C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
            C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
            C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8EYZ4LPK will be deleted at reboot

            ==== Empty FireFox Cache ======================

            No FireFox Profiles found

            ==== Empty Chrome Cache ======================

            C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
            C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
            C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

            ==== Empty All Flash Cache ======================

            Flash Cache Emptied Successfully

            ==== Empty All Java Cache ======================

            Java Cache cleared successfully



            • #7
              Fine, please let me know whether there are any remaining problems.

              Starting Windows 10 in Safe Mode



              • #8
                Hi,

                No problems at the moment.



                • #9
                  Download Delfix by Xplode to the desktop.

                  Double-click Delfix.exe to start the tool.
                  Now tick the boxes for the following items:
                  • Activate UAC
                  • Remove disinfection tools
                  • Create registry backup
                  • Purge System Restore
                  • Reset system settings

                  Now click "Run" and wait patiently until the tool has finished.
                  When the tool has finished, a log file is created. You do not need to post it, however.

                  Starting Windows 10 in Safe Mode



                  • #10
                    Done, and the log was created.
                    May I now assume that it is finished?

                    If so, thank you very much for the help you have given.



                    • #11
                      You may assume so.

                      Starting Windows 10 in Safe Mode



                      • #12
                        Thank you very much once again.



                        • #13
                          You're welcome.

                          Starting Windows 10 in Safe Mode
