Laptop slow, Google.com unreachable, scans find nothing


  • Laptop slow, Google.com unreachable, scans find nothing

    Hello,

    I think my laptop is infected, but I don't know what exactly it is. First I had AVG run a scan, but it found nothing. Then I downloaded Malwarebytes Anti-Malware and ran a scan, again nothing. Finally I even ran a HijackThis scan and uploaded it to hijackthis.de, but nothing serious showed up there either.

    Normally I Google by typing the search terms into the address bar, but this did not work. Then I tried the Firefox plugin, but that did not work either. Even Google.com is unreachable, while Google.nl is reachable. I constantly see something from gstatic.com or so, and this in turn appears to be related to malware.

    Please help.

  • #2
    Download Zoek.zip to the desktop.
    1. If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
    2. Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; (here and here) you can read how to do that.

    • Right-click Zoek.zip and choose the option "Extract all".
    • Then double-click Zoek.exe to start the tool.
    • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
    • Now copy the code below and paste it into the large input window:
    • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
      Code:
       
      torpigcheck;
      emptyclsid;
      emptyfolderscheck;delete
      firefoxlook; 
      Chromelook; 
      resethosts; 
      autoclean; 
      iedefaults; 
      filesrcm;
    • Now click the "Run script" button.
    • Now wait patiently until a log opens (this may be after a restart, if one is required).
    • If no log appears after the restart, start zoek.exe again; the log will then appear after all.
    • Post the opened log as an attachment in your next message.

    Starting Windows 10 in Safe Mode



    • #3
      I think it was due to a Telfort outage yesterday. Pretty bad that I did not realise it, but also understandable; usually during an outage nothing works, and this time almost everything did, apart from the complaints in the title.

      I do still have a log from zoek.exe, but I don't know what added value it has.


      Zoek.exe v5.0.0.0 Updated 14-01-2015
      Tool run by Jeroen on wo 14-01-2015 at 22:06:38,59.
      Microsoft Windows 8.1 6.3.9600 x64
      Running in: Normal Mode Internet Access Detected
      Launched: C:\Users\Jeroen\Desktop\zoek.exe.exe [Scan all users] [Script inserted]

      ==== System Restore Info ======================

      14-1-2015 22:07:53 Zoek.exe System Restore Point Created Succesfully.

      ==== Torpig Check ======================

      HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Ath_CopyHook {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735} C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
      HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
      HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll


      ==== Reset Hosts File ======================

      # Copyright (c) 1993-2006 Microsoft Corp.
      #
      # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
      #
      # This file contains the mappings of IP addresses to host names. Each
      # entry should be kept on an individual line. The IP address should
      # be placed in the first column followed by the corresponding host name.
      # The IP address and the host name should be separated by at least one
      # space.
      #
      # Additionally, comments (such as these) may be inserted on individual
      # lines or following the machine name denoted by a '#' symbol.
      #
      # For example:
      #
      # 102.54.94.97 rhino.acme.com # source server
      # 38.25.63.10 x.acme.com # x client host

      127.0.0.1 localhost

      ==== Empty Folders Check ======================

      C:\PROGRA~2\AGEIA Technologies deleted successfully
      C:\Users\Jeroen\AppData\Roaming\Publish Providers deleted successfully
      C:\Users\Jeroen\AppData\Local\Adobe deleted successfully

      ==== Deleting CLSID Registry Keys ======================

      HKEY_USERS\S-1-5-21-910002748-4114560501-3979713832-1002\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
      HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
      HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

      ==== Deleting CLSID Registry Values ======================


      ==== Deleting Services ======================

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.2.0 deleted successfully

      ==== Deleting Files \ Folders ======================

      C:\Users\Jeroen\AppData\Local\AVG Web TuneUp deleted
      C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted
      C:\Program Files\AVG Web TuneUp deleted
      C:\PROGRA~3\AVG Web TuneUp deleted
      C:\PROGRA~3\AVG Security Toolbar deleted
      C:\PROGRA~3\eBay deleted
      C:\PROGRA~3\AVG Secure Search deleted
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
      C:\Users\Jeroen\Downloads\avg_free_stb_all_2015_5557_cnet.exe deleted
      C:\Users\Jeroen\AppData\LocalLow\AVG Web TuneUp deleted
      C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
      C:\windows\SysNative\tasks\update-S-1-5-21-910002748-4114560501-3979713832-1002 deleted
      C:\windows\SysNative\tasks\update-sys deleted
      C:\WINDOWS\tasks\update-S-1-5-21-910002748-4114560501-3979713832-1002.job deleted
      C:\WINDOWS\tasks\update-sys.job deleted
      C:\windows\SysNative\tasks\1014avUpdateInfo deleted
      C:\Users\Jeroen\AppData\Roaming\Mozilla\Firefox\Profiles\5z82rjyw.default\searchplugins\avg-secure-search.xml deleted
      "C:\WINDOWS\Installer\387fa242.msi" deleted
      "C:\PROGRA~2\AVG Web TuneUp\TBAPI.dll" deleted
      "C:\PROGRA~2\AVG Web TuneUp\vprot.exe" deleted
      "C:\PROGRA~2\Skillbrains\lightshot\5.2.0.17\DXGIODScreenshot.dll" deleted
      "C:\PROGRA~2\Skillbrains\lightshot\5.2.0.17\Lightshot.dll" deleted
      "C:\PROGRA~2\Skillbrains\lightshot\5.2.0.17\Lightshot.exe" deleted
      "C:\PROGRA~2\Skillbrains\lightshot\5.2.0.17\uploader.dll" deleted
      "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\18.2.0\avgdttbx.dll" deleted
      "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.2.0\log4cplusU.dll" deleted
      "C:\PROGRA~2\Skillbrains" deleted
      "C:\PROGRA~2\AVG Web TuneUp" not deleted
      "C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted
      "C:\PROGRA~2\Skillbrains\lightshot" deleted
      "C:\PROGRA~2\Skillbrains\lightshot\5.2.0.17" deleted
      "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted
      "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted
      "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\18.2.0" deleted
      "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.2.0" deleted

      ==== Files Recently Created / Modified ======================


      ==== Folders in C:\PROGRA~3 0-6 Months Old ======================

      2014-12-19 19:50:55 -------- d-----w- C:\PROGRA~3\Atheros
      2014-12-19 19:56:45 -------- d-----w- C:\PROGRA~3\Mozilla
      2014-12-19 20:11:08 -------- d-----w- C:\PROGRA~3\McAfee Security Scan
      2014-12-20 20:36:41 -------- d-----w- C:\PROGRA~3\Sony
      2014-12-21 11:48:02 -------- d-----w- C:\PROGRA~3\Microsoft Help
      2014-12-23 09:41:44 -------- d-----w- C:\PROGRA~3\Energy Management
      2014-12-24 14:51:30 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation
      2014-12-24 14:52:28 -------- d-----w- C:\PROGRA~3\NVIDIA
      2014-12-24 15:17:27 -------- d-sh--we C:\PROGRA~3\Bureaublad
      2014-12-24 15:17:27 -------- d-sh--we C:\PROGRA~3\Documenten
      2014-12-24 15:17:27 -------- d-sh--we C:\PROGRA~3\Menu Start
      2014-12-24 15:17:27 -------- d-sh--we C:\PROGRA~3\Sjablonen
      2015-01-02 12:11:13 -------- d-----w- C:\PROGRA~3\MFAData
      2015-01-02 12:11:13 -------- d--h--w- C:\PROGRA~3\Common Files
      2015-01-02 12:14:58 -------- d-----w- C:\PROGRA~3\AVG2015
      2015-01-08 22:00:55 -------- d-----w- C:\PROGRA~3\HP
      2015-01-13 18:03:20 -------- d-----w- C:\PROGRA~3\Malwarebytes
      2015-01-13 18:51:40 -------- d-----w- C:\PROGRA~3\Lavasoft

      ==== Firefox Start and Search pages ======================

      ProfilePath: C:\Users\Jeroen\AppData\Roaming\Mozilla\Firefox\Profiles\5z82rjyw.default
      user_pref("browser.startup.homepage", "about:home");
      user_pref("browser.search.defaultenginename.US", "Google");
      user_pref("browser.search.selectedEngine", "AVG Secure Search");

      ==== Firefox Extensions Registry ======================

      [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
      "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04-04-2014 11:36]

      ==== Firefox Extensions ======================

      ProfilePath: C:\Users\Jeroen\AppData\Roaming\Mozilla\Firefox\Profiles\5z82rjyw.default
      - AVG Web TuneUp - %ProfilePath%\extensions\[email protected]
      - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

      AppDir: C:\Program Files (x86)\Mozilla Firefox
      - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

      ==== Firefox Plugins ======================

      Profilepath: C:\Users\Jeroen\AppData\Roaming\Mozilla\Firefox\Profiles\5z82rjyw.default
      8560995C727974F27F2A1CE68909FEB9 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll - Shockwave Flash


      ==== Deleted Firefox Extensions ======================

      C:\Users\Jeroen\AppData\Roaming\Mozilla\Firefox\Profiles\5z82rjyw.default\extensions\[email protected] deleted

      ==== Chromium Look ======================

      Google Chrome Version: 39.0.2171.95 (Possible outdated, latest Stable version: 39.0.2171.99)

      HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
      bopakagnckmlgajfccecajhnimjiiedh - No path found

      Google Slides - Jeroen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
      Google Docs - Jeroen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
      Google Drive - Jeroen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
      YouTube - Jeroen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      Google Search - Jeroen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      Google Sheets - Jeroen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
      Google Wallet - Jeroen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
      Gmail - Jeroen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

      ==== Set IE to Default ======================

      Old Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://lenovo13.msn.com"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{045AB162-8BC3-4F2F-A4E6-89FF7026BCF4}"

      New Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://lenovo13.msn.com"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

      ==== All HKCU SearchScopes ======================

      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
      {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
      {045AB162-8BC3-4F2F-A4E6-89FF7026BCF4} Unknown Url="Not_Found"
      {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

      ==== Deleting CLSID Registry Keys ======================

      HKEY_USERS\S-1-5-21-910002748-4114560501-3979713832-1002\Software\Microsoft\Internet Explorer\SearchScopes\{045AB162-8BC3-4F2F-A4E6-89FF7026BCF4} deleted successfully

      ==== Deleting CLSID Registry Values ======================


      ==== Deleting Registry Keys ======================

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2930C5A7A643BC408B07549094935DB deleted successfully
      HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A5C0392D-46A7-4CB3-800B-5794909453BD} deleted successfully
      HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2930C5A7A643BC408B07549094935DB deleted successfully

      ==== Empty IE Cache ======================

      C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Jeroen\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Users\Jeroen\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

      ==== Empty FireFox Cache ======================

      C:\Users\Jeroen\AppData\Local\Mozilla\Firefox\Profiles\5z82rjyw.default\cache2 emptied successfully

      ==== Empty Chrome Cache ======================

      C:\Users\Jeroen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

      ==== Empty All Flash Cache ======================

      Flash Cache Emptied Successfully

      ==== Empty All Java Cache ======================

      No Java Cache Found

      ==== C:\zoek_backup content ======================

      C:\zoek_backup (files=469 folders=154 118874357 bytes)

      ==== Empty Temp Folders ======================

      C:\Users\Default\AppData\Local\Temp emptied successfully
      C:\Users\Default User\AppData\Local\Temp emptied successfully
      C:\Users\Jeroen\AppData\Local\Temp will be emptied at reboot
      C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
      C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
      C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
      C:\WINDOWS\Temp will be emptied at reboot

      ==== After Reboot ======================

      ==== Empty Temp Folders ======================

      C:\WINDOWS\Temp successfully emptied
      C:\Users\Jeroen\AppData\Local\Temp successfully emptied

      ==== Empty Recycle Bin ======================

      C:\$RECYCLE.BIN successfully emptied

      ==== Deleting Files / Folders ======================

      "C:\PROGRA~2\AVG Web TuneUp" not found

      ==== EOF on wo 14-01-2015 at 22:39:52,69 ======================



      • #4
        It's working fine again now, right?

        Starting Windows 10 in Safe Mode



        • #5
          Yes, I think so



          • #6
            Download Delfix by Xplode to the desktop.


            Double-click Delfix.exe to start the tool.
            Now tick the following items:
            • Remove disinfection tools
            • Purge System Restore
            • Reset system settings

            Now click "Run" and wait patiently until the tool has finished.
            When the tool has finished, a log file is created. You do not need to post it, however.

            Starting Windows 10 in Safe Mode



            • #7
              Thanks
