Mededeling

Collapse
No announcement yet.

Last van Pop ups + ongewenste sites

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Last van Pop ups + ongewenste sites

    Ondanks dat Avira Antivirus op de laptop heb , word ik sinds ongeveer twee manden geleden continu lastig gevallen met pop ups, sites die spontaan geopend worden etc etc. De laptop wordt ook steeds langzamer.
    Hoe krijg ik dat weg ??? en hoe voorkom je dit ondanks dat je denkt dat je met Avira veilig was!!

  • #2
    Download Zoek.zip naar het bureaublad.
    • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.


    Antivirussoftware uitschakelen
    Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.

    Zoek.exe uitvoeren
    Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
    • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
    • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Klik nu op de knop "Run script".
    • Er verschijnt een popup met de melding dat er geen script aangetroffen is, druk gewoon op OK.
    • Zoek.exe gaat nu een scan + reparatie uitvoeren, bij sommige systemen kan deze langer dan een half uur duren.
    • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
    • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
    • Post het geopende logje in het volgende bericht als bijlage.


    Zoek.exe logbestand plaatsen
    • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht.
      (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)

    Windows 10 opstarten in Veilige Modus

    Comment


    • #3
      Bedankt voor de reactie. Het is nog niet opgelost. Ik heb per ongeluk op verkerde ikontje gedrukt. Ga ik straks aan de slag. Dan hoort u nog van mij.

      Comment


      • #4
        Run zoek.exe aub en plaats de uitslag.

        Windows 10 opstarten in Veilige Modus

        Comment


        • #5
          Ik heb het uitgevoerd alleen weet ik niet hoe kan ik het logje als bijlage toevoegen. (ik zie nergens dat icoontje bijlage??)
          Dan doe ik het op manier knippen/plakken.

          Gr. Anida

          Zoek.exe v5.0.0.0 Updated 07-February-2014
          Tool run by Mak on za 08-02-2014 at 14:59:32,96.
          Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
          Running in: Normal Mode Internet Access Detected
          Launched: C:\Users\Mak\Downloads\zoek (1)\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

          ==== System Restore Info ======================

          8-2-2014 15:01:08 Zoek.exe System Restore Point Created Succesfully.

          ==== Empty Folders Check ======================

          C:\PROGRA~2\MSXML 4.0 deleted successfully
          C:\PROGRA~2\Research In Motion deleted successfully
          C:\PROGRA~2\VideoLAN deleted successfully
          C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
          C:\Program Files\Google deleted successfully
          C:\ProgramData\Babylon deleted successfully
          C:\Users\Mak\AppData\Roaming\Mugle deleted successfully
          C:\Users\Mak\AppData\Roaming\PerformerSoft deleted successfully
          C:\Users\Mak\AppData\Roaming\TP deleted successfully
          C:\Users\Mak\AppData\Roaming\Windows Live Writer deleted successfully
          C:\Users\Mak\AppData\Local\Savings Sidekick deleted successfully

          ==== Deleting CLSID Registry Keys ======================

          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully
          HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4A1338D8-0821-4D34-B7F4-118EF7152E3D} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
          HKEY_CLASSES_ROOT\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
          HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
          HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
          HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
          HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully
          HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully
          HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully

          ==== Deleting CLSID Registry Values ======================

          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully
          HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\[email protected] deleted successfully

          ==== Deleting Services ======================

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully
          HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully
          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ibupdaterservice deleted successfully
          HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ibupdaterservice deleted successfully

          ==== FireFox Fix ======================

          ProfilePath: C:\Users\Mak\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}

          ---- FireFox user.js and prefs.js backups ----

          user_08-02-2014_1510_.backup
          prefs_08-02-2014_1510_.backup

          ==== Registry Fix Code ======================

          Windows Registry Editor Version 5.00

          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
          "bProtector Start Page"=-
          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
          "bProtectorDefaultScope"=-

          ==== Deleting Files \ Folders ======================

          C:\PROGRA~2\Savings Sidekick deleted
          C:\PROGRA~2\iLivid deleted
          C:\PROGRA~2\HomeTab deleted
          C:\PROGRA~2\MyPC Backup deleted
          C:\PROGRA~2\Plus-HD-1.2 deleted
          C:\SoloApp deleted
          C:\Users\Mak\AppData\Roaming\speedanalysis.ico deleted
          C:\Users\Mak\AppData\Roaming\zulagames deleted
          C:\Users\Mak\AppData\Roaming\SpeedAnalysis2 deleted
          C:\Users\Mak\AppData\Roaming\SpeedAnalysis3 deleted
          C:\Users\Mak\AppData\Roaming\HomeTab deleted
          C:\Users\Mak\AppData\Roaming\Babylon deleted
          C:\Users\Mak\AppData\Roaming\SimplyTech deleted
          C:\Users\Mak\AppData\Roaming\File Scout deleted
          C:\Users\Mak\AppData\Roaming\OpenCandy deleted
          C:\ProgramData\AskPartnerNetwork deleted
          C:\ProgramData\APN deleted
          C:\ProgramData\Partner deleted
          C:\ProgramData\boost_interprocess deleted
          C:\ProgramData\IBUpdaterService deleted
          C:\Users\Mak\AppData\Local\iLivid deleted
          C:\Users\Mak\AppData\Local\Ilivid Player deleted
          C:\Users\Mak\AppData\Local\APN deleted
          C:\Users\Mak\AppData\Local\Updater5060 deleted
          C:\Users\Mak\AppData\Local\Linkury deleted
          C:\Users\Mak\AppData\Local\avgchrome deleted
          C:\Users\Mak\AppData\Local\AskPartnerNetwork deleted
          C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data deleted
          C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences deleted
          C:\Users\Mak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard deleted
          C:\Windows\SysNative\roboot64.exe deleted
          C:\windows\SysNative\Tasks\LaunchApp deleted
          C:\Users\Mak\Downloads\iLividSetup (1).exe deleted
          C:\Users\Mak\Downloads\iLividSetup (2).exe deleted
          C:\Users\Mak\Downloads\iLividSetup (3).exe deleted
          C:\Users\Mak\Downloads\iLividSetup (4).exe deleted
          C:\Users\Mak\Downloads\iLividSetup.exe deleted
          C:\Users\Mak\Downloads\rcpsetupmarm1_marm1203911984nl.exe deleted
          C:\Users\Mak\Downloads\VideoPerformerSetup (1).exe deleted
          C:\Users\Mak\Downloads\VideoPerformerSetup.exe deleted
          C:\Users\Mak\AppData\LocalLow\Plus-HD-1.2 deleted
          C:\Users\Mak\AppData\LocalLow\HomeTab deleted
          C:\Users\Mak\AppData\LocalLow\searchqutoolbar deleted
          C:\Users\Mak\AppData\LocalLow\BabylonToolbar deleted
          C:\Users\Mak\AppData\LocalLow\SimplyTech deleted
          C:\Windows\tasks\Plus-HD-1.2-chromeinstaller.job deleted
          C:\Windows\tasks\Plus-HD-1.2-codedownloader.job deleted
          C:\Windows\tasks\Plus-HD-1.2-enabler.job deleted
          C:\Windows\tasks\Plus-HD-1.2-firefoxinstaller.job deleted
          C:\Windows\tasks\Plus-HD-1.2-updater.job deleted
          C:\windows\SysNative\tasks\Plus-HD-1.2-chromeinstaller deleted
          C:\windows\SysNative\tasks\Plus-HD-1.2-codedownloader deleted
          C:\windows\SysNative\tasks\Plus-HD-1.2-enabler deleted
          C:\windows\SysNative\tasks\Plus-HD-1.2-firefoxinstaller deleted
          C:\windows\SysNative\tasks\Plus-HD-1.2-updater deleted
          C:\windows\SysNative\tasks\Updater5060.exe deleted
          C:\windows\SysNative\TASKS\Scheduled Update for Ask Toolbar deleted
          C:\windows\SysNative\tasks\BitGuard deleted
          C:\Windows\Launcher.exe deleted
          C:\Windows\Syswow64\shoAE3C.tmp deleted
          C:\Windows\SysWow64\searchplugins deleted
          C:\Windows\SysWow64\Extensions deleted
          C:\Users\Mak\AppData\Roaming\Mozilla\Extensions\[email protected] deleted
          C:\Users\Mak\AppData\Roaming\Mozilla\Extensions\[email protected] deleted
          C:\Users\Mak\AppData\Roaming\Mozilla\Extensions\[email protected] deleted
          "C:\Users\Mak\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_AV [email protected]" deleted
          "C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted
          "C:\PROGRA~2\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll" deleted
          "C:\PROGRA~2\AskPartnerNetwork" deleted
          "C:\PROGRA~2\Searchqu Toolbar" not deleted
          "C:\PROGRA~2\AskPartnerNetwork\Toolbar" deleted
          "C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater" deleted
          "C:\PROGRA~2\Searchqu Toolbar\Datamngr" not deleted
          "C:\PROGRA~2\Searchqu Toolbar\Datamngr\x64" not deleted

          ==== Files Recently Created / Modified ======================

          ====== C:\Windows ====
          ====== C:\Users\Mak\AppData\Local\Temp ====
          2014-02-06 14:29:44 65F00BFEF4AA0BDB459F358ADE919110 340560 ----a-w- C:\Users\Mak\AppData\Local\Temp\uninst1.exe
          2014-02-06 14:26:22 951C6D4B071985CD89187B332D31B7C6 17298824 ----a-w- C:\Users\Mak\AppData\Local\Temp\BC2E.dir\InstallFlashPlayer.exe
          ====== Java Cache =====
          ====== C:\Windows\SysWOW64 =====
          ====== C:\Windows\SysWOW64\drivers =====
          ====== C:\Windows\Sysnative =====
          ====== C:\Windows\Sysnative\drivers =====
          2014-01-14 18:14:32 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys
          2014-01-14 18:14:32 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
          2014-01-14 18:14:32 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
          2014-01-14 18:14:32 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys
          2014-01-14 18:14:32 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys
          2014-01-14 18:14:32 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys
          2014-01-14 18:14:32 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys
          2014-01-14 18:14:29 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
          ====== C:\Windows\Tasks ======
          ====== C:\Windows\Temp ======
          ======= C:\Program Files =====
          ======= C:\PROGRA~2 =====
          ======= C: =====
          ====== C:\Users\Mak\AppData\Roaming ======
          ====== C:\Users\Mak ======

          ====== C: exe-files ==
          2014-02-06 14:29:44 65F00BFEF4AA0BDB459F358ADE919110 340560 ----a-w- C:\Users\Mak\AppData\Local\Temp\uninst1.exe
          2014-02-06 14:26:22 951C6D4B071985CD89187B332D31B7C6 17298824 ----a-w- C:\Users\Mak\AppData\Local\Temp\BC2E.dir\InstallFlashPlayer.exe
          2014-02-05 22:54:08 75571C40ECC29BCBFF16B1FC3C3ED170 364880 ----a-w- C:\ProgramData\NVIDIA\Updatus\Download\57B6\updatus.17778707_RUNASUSER.exe
          2014-02-04 14:11:58 BA7524A2D91F895CE7502C78B6A4CBAF 732888 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.107\32.0.1700.107_32.0.1700.102_chrome_updater.exe
          === C: other files ==

          ==== Startup Registry Enabled ======================

          [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
          "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

          [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
          "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

          [HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1000\Software\Microsoft\Windows\CurrentVersion\Run]
          "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

          [HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Run]
          "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
          "Facebook Update"="C:\Users\Mak\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
          "Linkury Chrome Smartbar"="C:\Users\Mak\AppData\Local\Linkury\Application\Smartbar.exe startup"
          "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
          "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
          "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

          [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
          "mctadmin"="C:\Windows\System32\mctadmin.exe"

          [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
          "mctadmin"="C:\Windows\System32\mctadmin.exe"

          [HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
          "mctadmin"="C:\Windows\System32\mctadmin.exe"

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
          "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
          "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
          "Dolby Home Theater v4"="C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe -autostart"
          "PlusService"="C:\Program Files (x86)\Yuna Software\Messenger Plus\PlusService.exe"
          "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
          "DATAMNGR"="C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE"
          "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
          "avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
          "ApnTBMon"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

          [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
          "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
          "Facebook Update"="C:\Users\Mak\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
          "Linkury Chrome Smartbar"="C:\Users\Mak\AppData\Local\Linkury\Application\Smartbar.exe startup"
          "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
          "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
          "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

          ==== Startup Registry Enabled x64 ======================

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
          "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
          "HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
          "Persistence"="C:\Windows\system32\igfxpers.exe"
          "IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PAN Tray"
          "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp"
          "PSQLLauncher"="C:\Program Files\Protector Suite\launcher.exe /startup"
          "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

          [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
          "AppInit_DLLs"="c:\\progra~3\\bitguard\\271832~1.68\\{c16c1~1\\loader.dll c:\\progra~3\\bitguard\\271769~1.27\\{c16c1~1\\loader.dll c:\\windows\\system32\\nvinitx.dll"

          ==== Startup Folders ======================

          2012-09-20 21:05:41 1300 ----a-w- C:\Users\Mak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

          ==== Task Scheduler Jobs ======================

          C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-313346196-3791272623-4133974678-1001Core.job --a------ C:\Users\Mak\AppData\Local\Facebook\Update\FacebookUpdate.exe [11-07-2012 22:55]
          C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-313346196-3791272623-4133974678-1001UA.job --a------ C:\Users\Mak\AppData\Local\Facebook\Update\FacebookUpdate.exe [11-07-2012 22:55]
          C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [25-01-2012 18:53]

          ==== Other Scheduled Tasks ======================

          "C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe]
          "C:\Windows\SysNative\tasks\AdobeFlashPlayerUpdate 2" [C:\Windows\SysWOW64\FlashPlayerUpdateService.exe]
          "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
          "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-313346196-3791272623-4133974678-1001Core" [C:\Users\Mak\AppData\Local\Facebook\Update\FacebookUpdate.exe]
          "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-313346196-3791272623-4133974678-1001UA" [C:\Users\Mak\AppData\Local\Facebook\Update\FacebookUpdate.exe]
          "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
          "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
          "C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe]
          "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

          ==== Firefox Extensions Registry ======================

          [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
          "[email protected]"="C:\Users\Mak\AppData\Roaming\Mozilla\Extensions\speedanalysis03 @SpeedAnalysis.com"
          [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
          "[email protected]"="C:\Users\Mak\AppData\Roaming\Mozilla\Extensions\speedanalysis03 @SpeedAnalysis.com"

          ==== Firefox Extensions ======================

          ==== Firefox Plugins ======================


          ==== Chrome Look ======================

          HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
          aaaaacalgebmfelllfiaoknifldpngjh - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
          aaaangmfdabjilefmognkgcebjgcojek - C:\Users\Mak\AppData\Local\APN\GoogleCRXs\aaaangmfdabjilefmognkgcebjgcojek_7.14.1.0.crx
          gflandjopdloblmlcoiidmncpinmmacn - C:\Users\Mak\AppData\Roaming\zulagames\zulagames.crx
          lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02-03-2012 10:53]
          mkomokjcjgcbbdganakoegfidglagpkg - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx

          Avira SearchFree Toolbar plus Web Protection - Mak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
          Avira Toolbar - Mak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangmfdabjilefmognkgcebjgcojek
          Zula Games - Mak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn
          Plus-HD-1.2 - Mak\AppData\Local\Google\Chrome\User Data\Default\Extensions\idpcbdkoekecjkbjeccbapdkpcmoiloa
          Skype Click to Call - Mak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
          HomeTab - Mak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkomokjcjgcbbdganakoegfidglagpkg
          Google Wallet - Mak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

          ==== Chrome Fix ======================

          C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh deleted successfully
          C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangmfdabjilefmognkgcebjgcojek deleted successfully
          C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaangmfdabjilefmognkgcebjgcojek_0.localstorage deleted successfully
          C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn deleted successfully
          C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkomokjcjgcbbdganakoegfidglagpkg deleted successfully
          C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mkomokjcjgcbbdganakoegfidglagpkg_0.localstorage deleted successfully
          C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\Extensions\idpcbdkoekecjkbjeccbapdkpcmoiloa deleted successfully
          C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_idpcbdkoekecjkbjeccbapdkpcmoiloa_0.localstorage deleted successfully
          C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_idpcbdkoekecjkbjeccbapdkpcmoiloa_0 deleted successfully
          C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idpcbdkoekecjkbjeccbapdkpcmoiloa deleted successfully

          ==== Set IE to Default ======================

          Old Values:
          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
          "Start Page"="https://www.google.nl/?gws_rd=cr&ei=833yUu_mKoSp0QXhyIHYAQ"
          "Search Page"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Default_Page_URL"="http://www.aldi.com"
          "Search Bar"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Default_Search_URL"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Use Search Asst"="yes"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
          "Default_Search_URL"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Bar"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Page"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
          "Default_Search_URL"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Bar"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Page"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
          "Default_Search_URL"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Page"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Bar"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
          "Default_Search_URL"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Page"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Bar"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
          "(Default)"="http://search.certified-toolbar.com?si=64843&st=bs&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&q=%s"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
          "(Default)"="http://search.certified-toolbar.com?si=64843&st=bs&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&q=%s"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
          "(Default)"="http://search.certified-toolbar.com?si=64843&st=bs&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&q=%s"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
          "(Default)"="http://search.certified-toolbar.com?si=64843&st=bs&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&q=%s"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
          "(Default)"="http://search.certified-toolbar.com?si=64843&st=bs&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&q=%s"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
          "(Default)"="http://search.certified-toolbar.com?si=64843&st=bs&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&q=%s"
          [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
          "Default"="http://www.plusnetwork.com/?sp=addr&q={searchTerms}"
          "(Default)"="http://search.certified-toolbar.com?si=64843&st=bs&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&q=%s"
          [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
          "Default"="http://www.plusnetwork.com/?sp=addr&q={searchTerms}"
          "(Default)"="http://search.certified-toolbar.com?si=64843&st=bs&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&q=%s"
          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
          "(Default)"="http://search.certified-toolbar.com?si=64843&st=bs&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&q=%s"
          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
          "Default"="http://www.plusnetwork.com/?sp=addr&q={searchTerms}"
          "(Default)"="http://search.certified-toolbar.com?si=64843&st=bs&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&q=%s"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
          "Tabs"="about:newtab"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
          "Tabs"="about:newtab"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
          "Default_Search_URL"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Bar"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Page"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
          "Default_Search_URL"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Bar"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Page"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
          "Default_Search_URL"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Bar"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Page"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
          "Default_Search_URL"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Bar"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Page"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
          "Default_Search_URL"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "SearchAssistant"="http://www.plusnetwork.com/?sp=addr&q={searchTerms}"
          "Search Bar"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          "Search Page"="http://search.certified-toolbar.com?si=64843&tid=6581&ver=4.7&ts=1378497205128&tguid=64843-6581-1378497205128-4507162BD99C46E05679156AD40FC5DD&st=chrome&q="
          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
          "DefaultScope"="{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}"
          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}] not found

          New Values:
          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
          "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
          "Start Page"="https://www.google.nl/?gws_rd=cr&ei=833yUu_mKoSp0QXhyIHYAQ"
          "Use Search Asst"="no"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
          "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
          "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
          [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
          "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
          [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
          "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
          "(Default)"="http://search.msn.com/results.asp?q=%s"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
          "(Default)"="http://search.msn.com/results.asp?q=%s"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
          "(Default)"="http://search.msn.com/results.asp?q=%s"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
          "(Default)"="http://search.msn.com/results.asp?q=%s"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
          "(Default)"="http://search.msn.com/results.asp?q=%s"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
          "(Default)"="http://search.msn.com/results.asp?q=%s"
          [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
          "(Default)"="http://search.msn.com/results.asp?q=%s"
          [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
          "(Default)"="http://search.msn.com/results.asp?q=%s"
          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
          "(Default)"="http://search.msn.com/results.asp?q=%s"
          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
          "(Default)"="http://search.msn.com/results.asp?q=%s"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
          "Tabs"="res://ieframe.dll/tabswelcome.htm"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
          "Tabs"="res://ieframe.dll/tabswelcome.htm"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
          "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
          [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
          "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
          [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
          "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
          [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
          "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
          [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
          "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
          "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
          "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

          ==== All HKCU SearchScopes ======================

          HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
          {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
          {483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"
          {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startInde x={startIndex?}&startPage={startPage}"
          {724CA8C0-8458-446A-B966-0B62EAD0459F} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7&rlz=1I7MDNE_enDE393"

          ==== Deleting CLSID Registry Keys ======================

          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d7ad3eb-ea9e-48d5-a5b5-ecaa2d48341b} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311121155} deleted successfully
          HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully
          HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully
          HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2d7ad3eb-ea9e-48d5-a5b5-ecaa2d48341b} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2d7ad3eb-ea9e-48d5-a5b5-ecaa2d48341b} deleted successfully
          HKEY_CLASSES_ROOT\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
          HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
          HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} deleted successfully
          HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110011501160} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160} deleted successfully
          HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311121155} deleted successfully
          HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311121155} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121155} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121155} deleted successfully

          ==== Deleting CLSID Registry Values ======================

          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\mozilla\Firefox\Extensions\[email protected] deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\mozilla\Firefox\Extensions\[email protected] deleted successfully
          HKEY_USERS\S-1-5-21-313346196-3791272623-4133974678-1001\Software\mozilla\Firefox\Extensions\[email protected] deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{2d7ad3eb-ea9e-48d5-a5b5-ecaa2d48341b} deleted successfully
          HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\[email protected] deleted successfully
          HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\[email protected] deleted successfully
          HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\[email protected] deleted successfully

          ==== Deleting Registry Keys ======================

          HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaangmfdabjilefmognkgcebjgcojek deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn deleted successfully
          HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mkomokjcjgcbbdganakoegfidglagpkg deleted successfully
          HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid deleted successfully
          HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} deleted successfully
          HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar deleted successfully
          HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-1.2 deleted successfully
          HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5b719707-d4d0-4592-a904-9939df8c089f}_is1 deleted successfully

          ==== Empty IE Cache ======================

          C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Users\Mak\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
          C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

          ==== Empty FireFox Cache ======================

          No FireFox Cache found

          ==== Empty Chrome Cache ======================

          C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

          ==== Empty All Flash Cache ======================

          Flash Cache Emptied Successfully

          ==== Empty All Java Cache ======================

          Java Cache cleared successfully

          ==== C:\zoek_backup content ======================

          C:\zoek_backup (files=2924 folders=639 264175842 bytes)

          ==== Empty Temp Folders ======================

          C:\Users\Default\AppData\Local\Temp emptied successfully
          C:\Users\Default User\AppData\Local\Temp emptied successfully
          C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
          C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
          C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
          C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
          C:\Users\Mak\AppData\Local\Temp will be emptied at reboot
          C:\Windows\Temp will be emptied at reboot

          ==== After Reboot ======================

          ==== Empty Temp Folders ======================

          C:\Windows\Temp successfully emptied
          C:\Users\Mak\AppData\Local\Temp successfully emptied

          ==== Empty Recycle Bin ======================

          C:\$RECYCLE.BIN successfully emptied

          ==== Deleting Files / Folders ======================

          "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
          "C:\PROGRA~2\Searchqu Toolbar" not found

          ==== EOF on za 08-02-2014 at 15:24:59,96 ======================

          Comment


          • #6
            Flinke opruiming, hoe gaat het nu?

            Windows 10 opstarten in Veilige Modus

            Comment


            • #7
              Beste Juisterr,

              Het is opgelost. Het gaat nu uitstekend. Geen last meer van vremde sites en pop ups. Mijn laptop is ook veel sneller geworden. Ik ben je zo dankbaar.

              Groet. Anida

              Comment


              • #8
                Beste Juisterr,

                Nog een vraagje. Wat moet ik verder met dat Zoek.zip bestandje op mijn bureaublad? Zal ik hem zo laten staan of moet ik hem verwijderen?

                Gr. Anida

                Comment


                • #9
                  Download Delfix by Xplode naar het bureaublad.

                  KLIK HIER voor een vergroting!
                  (Klik bovenstaande afbeelding aan voor een vergroting!)

                  Dubbelklik op Delfix.exe om de tool te starten.
                  Zet nu vinkjes voor de volgende items:
                  • Remove disinfection tools
                  • Purge System Restore
                  • Reset system settings

                  Klik nu op "Run" en wacht geduldig tot de tool gereed is.
                  Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

                  Windows 10 opstarten in Veilige Modus

                  Comment


                  • #10
                    Beste Juisterr,

                    Graag hoor ik van jou of het verstandig is bepaalde programma's instaleren tegen de spyware-infecties /malware-infecties als preventie en ook als aanvulling op mijn antivirusprogramma (Avira) op mijn laptop en zo wel, welke programma's kan jij aan mij adviseren?

                    Gr. Anida

                    Comment


                    • #11
                      Voer sowieso nog even een volledige systeemscan uit en wijzig alle gebuikte wachtwoorden, maar dat staat hieronder verder beschreven.

                      De volgende programma's en bijbehorende log bestanden mag je verwijderen. MBAM en de Emsisoft Emergency Kit kan je gewoon blijven gebruiken om periodiek de computer te scannen (wel eerst updaten).
                      • Zoek.exe
                      • DDS



                      Aangezien de problemen zijn verholpen adviseer ik u nog wel even het onderstaande uit te voeren.

                      1.) Volledige systeemscan
                      Ik raad u aan om met behulp van de Emsisoft Emergency Kit nog een volledige systeemscan uit te voeren, op de onderstaande link treft u de handleiding van dit programma.
                      Mochten er nog speciale detecties zijn waarvan u niet weet wat u het beste kan doen dan kunt u uw vraag gewoon hier stellen.

                      2.) Systeemherstelpunten verwijderen
                      Als de computer geïnfecteerd is geweest met een malware infectie is het raadzaam om alle aanwezige systeemherstelpunten te verwijderen, want hier kunnen namelijk besmette herstelpunten tussen zitten.
                      • Hoe u de herstelpunten verwijderd leest u hier


                      3.) Wachtwoorden wijzigen
                      De meeste malware maakt een uitgaande verbinding met een Command & Control-server waarbij er vertrouwelijke gegevens zoals bijvoorbeeld inloggegevens worden buitgemaakt, indien uw computer geïnfecteerd is geweest is het dan ook raadzaam om al uw gebruikte wachtwoorden te wijzigen.
                      Meer informatie hierover leest u hier

                      4.) Installeren van essentiële updates.
                      Hoe u uw besturingssysteem en overige software up to date houdt kunt u hier lezen.
                      Door middel van het programma Secunia PSI wordt u automatisch gewaarschuwd indien er updates voor de geïnstalleerde software beschikbaar is, meer informatie leest u hier

                      5.) Pas op voor 'Phishing' berichten.
                      Phishing is een vorm van internet oplichting (fraude), met valse e-mailberichten en websites die er vertrouwd uitzien wordt er getracht 'logingegevens' en andere persoonlijke informatie te achterhalen.
                      Dit gebeurt vaak op hele slinkse manieren, zoals bijvoorbeeld e-mailberichten waarin u gevraagd wordt uw inloggegevens te verifiëren, in deze gevallen wordt u vaak naar een valse (clone) website gestuurd, zodra u uw gegevens hier hebt ingevoerd zijn deze in de handen van de kwaadwillende met alle gevolgen van dien.


                      6.) Preventie informatie & het gebruik van beveiligings software.
                      Om de kans op een her-infectie te minimaliseren kan je naast de gebruikte beveiligingssoftware een aanvullende malwarescanner installeren zoals Emsisoft Anti-Malware of Malwarebytes' Antimalware om de bescherming te optimaliseren.
                      Hier staat meer informatie hoe u een infectie in de toekomst kunt voorkomen, lees dit eens op uw gemak door.

                      Windows 10 opstarten in Veilige Modus

                      Comment


                      • #12
                        Beste Juisterr,

                        Heel erg bedankt voor al je hulp en advies.
                        Ik gan straks aan de slag.

                        Een vraag: Wat moet ik verder met de snelkoppeling "Delfix by Xplode" op het bureaublad. Moet deze verwijderd worden? Ook uit het systeem, want volgens mij staat het nog een keer op C schijf?

                        Gr. Anida

                        Comment


                        • #13
                          Mag je gewoon verwijderen.

                          Windows 10 opstarten in Veilige Modus

                          Comment

                          Sorry, you are not authorized to view this page
                          Working...
                          X