
Notification at startup


JonasB


Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool is finished, a Notepad file named "Log" is opened.
  • Post its contents in your next reply.


Download Zoek.zip to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that here and here.
  • Right-click Zoek.zip and click the "Extract all" option.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 
firefoxlook; 
 {7F6AFBF1-E065-4627-A2FD-810366367D01};c
 C:\Users\Jonas\AppData\Roaming\DefaultTab;fs
 {d77aa852-def3-43cb-a3f5-bd679de72f32};c
 C:\Program Files (x86)\lucky leap;fs
 {95B7759C-8C7F-4BF1-B163-73684A933233};c
 C:\Program Files (x86)\AVG SafeGuard toolbar;fs
 SearchProtectAll;s
 C:\Program Files (x86)\SearchProtect;fs
 SearchProtect;s
 C:\Users\Jonas\AppData\Roaming\SearchProtect;fs
 C:\Program Files (x86)\MyPC Backup;fs
 CltMngSvc;s
 DefaultTabUpdate;s
 Update lucky leap;s
 Util lucky leap;s
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d77aa852-def3-43cb-a3f5-bd679de72f32}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar];r64
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
 "SearchProtect"=-;r64
 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
 "SearchProtectAll"=-;r64
 C:\ProgramData\Conduit;fs
 C:\Program Files (x86)\pazera-software;fs
 C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69;fs
  emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below.
  • Firefox Defaults
  • Reset Chrome
  • IE Defaults
  • Auto Clean
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next reply.


Zoek.exe Version 4.0.0.5 Updated 05-December-2013

Tool run by Jonas on za 07/12/2013 at 8:35:13,41.

Microsoft Windows 8 6.2.9200 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Jonas\Downloads\zoek\zoek.com [script inserted] [Checkboxes used]

==== System Restore Info ======================

7/12/2013 8:37:05 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully

C:\Program Files\log deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\Users\Jonas\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3242234490-1136771567-420685120-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-3242234490-1136771567-420685120-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-3242234490-1136771567-420685120-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d77aa852-def3-43cb-a3f5-bd679de72f32} deleted successfully

HKEY_USERS\S-1-5-21-3242234490-1136771567-420685120-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-3242234490-1136771567-420685120-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-3242234490-1136771567-420685120-1002\Software\Microsoft\Internet Explorer\SearchScopes\{01A76E85-ECC1-4DB0-84B8-9951499667B2} deleted successfully

HKEY_USERS\S-1-5-21-3242234490-1136771567-420685120-1002\Software\Microsoft\Internet Explorer\SearchScopes\{A8CAF5A7-ED54-4DD6-BA23-5564DACA0DBE} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d77aa852-def3-43cb-a3f5-bd679de72f32}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"SearchProtect"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"SearchProtectAll"=-

==== Deleting Files \ Folders ======================

C:\Users\Jonas\AppData\Roaming\DefaultTab not found

C:\Program Files (x86)\lucky leap not found

C:\Program Files (x86)\AVG SafeGuard toolbar not found

C:\Program Files (x86)\SearchProtect deleted

C:\Program Files (x86)\MyPC Backup deleted

C:\ProgramData\Conduit deleted

C:\Program Files (x86)\pazera-software deleted

C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 deleted

C:\PROGRA~2\Optimizer Pro deleted

C:\PROGRA~2\Conduit deleted

C:\Users\Jonas\AppData\Local\CRE deleted

C:\Users\Jonas\AppData\Local\NativeMessaging deleted

C:\Users\Jonas\AppData\Local\Bundled software uninstaller deleted

C:\Users\Jonas\AppData\Local\Conduit deleted

C:\windows\SysNative\Tasks\BackgroundContainer Startup Task deleted

C:\Users\Jonas\AppData\LocalLow\Conduit deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted

C:\END deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect\bin\ChromeModule.dll" deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect\bin\cltmng.exe" deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll" deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll" deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect\bin\rep.dat" deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect\bin\ChromeModule.dll" deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect\bin\cltmng.exe" deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll" deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll" deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect\bin\rep.dat" deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect" deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect" deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect\bin" deleted

"C:\Users\Jonas\AppData\Roaming\SearchProtect\bin" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Jonas\AppData\Local\Temp ====

2013-12-05 17:27:39 EF1F9E91FACE90F9EB1FF4E490ED59E1 1854128 ----a-w- C:\Users\Jonas\AppData\Local\Temp\UNINSTALL.EXE

2013-11-29 21:46:51 23C1E4FAB1F3FEC848BD3BE96E303F00 17187328 ----a-w- C:\Users\Jonas\AppData\Local\Temp\BeidMW.msi

2013-11-29 21:46:51 0ADD9ADA47F614C1DCFDF3A204E8FC56 18927104 ----a-w- C:\Users\Jonas\AppData\Local\Temp\BeidMW64.msi

2013-11-23 12:55:09 975993043E355206A1FBA5A702044F0C 5178144 ----a-w- C:\Users\Jonas\AppData\Local\Temp\tbConn.dll

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2013-11-29 21:42:14 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf

2013-11-20 20:54:51 F554291C0A11F5B713B54C5886D4AA31 12613408 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys

2013-11-20 20:54:51 3F403A74349FCE04DF8D7BE24E6A02BD 32544 ----a-w- C:\Windows\Sysnative\drivers\nvpciflt.sys

2013-11-15 11:21:59 E6AF4DF1817953D73C519B17CF849756 1455448 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

2013-11-15 11:21:59 E5F7328B1D29BCE791862CD3C0DD382A 447320 ----a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS

2013-11-15 11:21:59 9110193D93960E38B8692E4519C75D72 285016 ----a-w- C:\Windows\Sysnative\drivers\spaceport.sys

2013-11-15 11:21:59 24928B55AE74ACD3BBCB355ED580AE3C 288768 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys

2013-11-13 10:13:08 7C0E0EDF18D6CC565D7BFBB451709FA5 576512 ----a-w- C:\Windows\Sysnative\drivers\afd.sys

2013-11-13 10:13:07 44BB9C31E6242C4BD1CE7C2B440C2533 96600 ----a-w- C:\Windows\Sysnative\drivers\wfplwfs.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-12-05 16:30:04 -------- d-----w- C:\Program Files\trend micro

2013-11-12 10:50:52 -------- d-----w- C:\Program Files\iTunes

2013-11-12 10:50:52 -------- d-----w- C:\Program Files\iPod

2013-11-09 14:30:56 -------- d-----w- C:\Program Files\VSTPlugIns

2013-11-09 14:30:56 -------- d-----w- C:\Program Files\Common Files\VST3

======= C:\PROGRA~2 =====

2013-11-29 21:47:14 -------- d-----w- C:\PROGRA~2\Belgium Identity Card

2013-11-14 10:10:27 -------- d-----w- C:\PROGRA~2\Novation

2013-11-12 10:50:52 -------- d-----w- C:\PROGRA~2\iTunes

2013-11-09 14:30:56 -------- d-----w- C:\PROGRA~2\Uninstall Information

2013-11-09 14:30:56 -------- d-----w- C:\PROGRA~2\COMMON~1\VST3

======= C: =====

====== C:\Users\Jonas\AppData\Roaming ======

2013-11-13 10:51:06 -------- d-----w- C:\Users\Jonas\AppData\Local\NVIDIA Corporation

====== C:\Users\Jonas ======

2013-12-05 16:29:57 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Jonas\Downloads\RSITx64.exe

2013-11-29 21:47:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID

2013-11-14 10:14:12 -------- d-----w- C:\ProgramData\Focusrite

2013-11-12 10:50:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2013-11-09 14:30:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Novation

====== C: exe-files ==

2013-12-07 07:33:27 2617F1E9A788592FCC5372D75793FEFA 2895160 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\0000560a\dao.17429581.exe

2013-12-05 17:27:39 EF1F9E91FACE90F9EB1FF4E490ED59E1 1854128 ----a-w- C:\Users\Jonas\AppData\Local\Temp\UNINSTALL.EXE

2013-12-05 16:30:04 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Jonas.exe

2013-12-05 16:29:57 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Jonas\Downloads\RSITx64.exe

2013-12-05 16:05:41 07E9F997CD7F384421B7052724D5F9E0 2862248 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00005602\dao.17412379.exe

2013-11-30 11:34:28 1968746D067A913ECDCF9F5154FA36AB 2861864 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000055e8\dao.17377842.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3242234490-1136771567-420685120-1002\Software\Microsoft\Windows\CurrentVersion\Run]

"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"

"Facebook Update"="C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"GoogleChromeAutoLaunch_7F41DE71C33EFD8EC5D292FBB70B0F95"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60"

"THX Audio Control Panel"="C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe /r"

"UpdReg"="C:\Windows\UpdReg.EXE"

"Super-Charger"="C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"

"VGAOCAP"="C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe"

"KLM"="C:\Program Files (x86)\MSI\KLM\KLM.exe"

"AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"

"S-Bar"="%PROGRAMFILES%\S-Bar\S-Bar.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"

"Facebook Update"="C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"GoogleChromeAutoLaunch_7F41DE71C33EFD8EC5D292FBB70B0F95"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\\windows\\syswow64\\nvinit.dll,C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp"

"THXCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64"

"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

"Radio Manager"="C:\Program Files (x86)\SCM\Radio Manager.exe"

"SCM"="C:\Program Files (x86)\SCM\SCM.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Folders ======================

2012-11-28 19:12:45 2278 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3242234490-1136771567-420685120-1002Core.job --a-------- C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe [07/09/2013 10:22]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3242234490-1136771567-420685120-1002UA.job --a-------- C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe [07/09/2013 10:22]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12/07/2013 10:45]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12/07/2013 10:45]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3242234490-1136771567-420685120-1002Core" [C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3242234490-1136771567-420685120-1002UA" [C:\Users\Jonas\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\Synaptics TouchPad Enhancements" [\Program Files\Synaptics\SynTP\SynTPEnh.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx[16/05/2013 18:41]

hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx[16/05/2013 18:41]

hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx[16/05/2013 18:41]

jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx[16/05/2013 18:38]

lipgolpfajiadodbcbljdpmbmbdmfcil - C:\Users\Jonas\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx[]

pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx[16/05/2013 18:41]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

lipgolpfajiadodbcbljdpmbmbdmfcil - C:\Users\Jonas\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx[]

Google Docs - Jonas - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Jonas - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Jonas - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Jonas - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Kaspersky URL Advisor - Jonas - Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj

AdBlock - Jonas - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Safe Money - Jonas - Default\Extensions\hakdifolhalapjijoafobooafbilfakh

Content Blocker - Jonas - Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail

Windows Media Player Extension for HTML5 - Jonas - Default\Extensions\hokdglbhghcebcopdbanieangmcamaak

Virtual Keyboard - Jonas - Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh

Top Eleven - Jonas - Default\Extensions\ljphpjlafmmdmegmfbkacafhbegjfkkn

Google Wallet - Jonas - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Jonas - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Anti-Banner - Jonas - Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman

DefaultTab - C:\Windows\sysWoW64\config\systemprofile - Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

==== Chrome Fix ======================

C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage deleted successfully

C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal deleted successfully

C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage deleted successfully

C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage-journal deleted successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.conduit.com/?ctid=CT3306061&octid=CT3306061&SearchSource=61&CUI=UN34863936403170211&UM=2&UP=SP6238BB39-F09A-4AB7-869C-BAE06A33BB0F"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{A8CAF5A7-ED54-4DD6-BA23-5564DACA0DBE}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A8CAF5A7-ED54-4DD6-BA23-5564DACA0DBE}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{BF528DCA-F2D0-4875-82B1-F932316F5B5D} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3242234490-1136771567-420685120-1002\Software\Microsoft\Internet Explorer\SearchScopes\{BF528DCA-F2D0-4875-82B1-F932316F5B5D} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20H7OADM will be deleted at reboot

C:\Users\Jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GMV3RHD will be deleted at reboot

C:\Users\Jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OFHMVJN5 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Jonas\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Jonas\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20H7OADM" not found

"C:\Users\Jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GMV3RHD" not found

"C:\Users\Jonas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OFHMVJN5" not found

==== EOF on za 07/12/2013 at 8:52:32,87 ======================


No, it doesn't come up anymore, thanks! Although I don't understand what exactly I did by just posting logs.. xD By the way, does this method work for most things?

Excellent result, then ... and all this just by posting logs, that would be handy. But in the meantime you also carried out some actions via zoek.exe that removed the malware. It wasn't quite that simple :-)

And does this method work for most things? For the most common infections this method does indeed work. But ... it is one that you absolutely must not carry out on your own, only under the guidance of experienced malware helpers. Making the logs is one thing; analyzing the logs (and the errors in them) is something else.

To resolve the matter completely, you can now clean up the tools used and the remnants of the infections.

Download Delfix by Xplode to the desktop.

Double-click Delfix.exe to start the tool.

Now tick the following items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently until the tool is finished.

When the tool is finished, a log file is created. You do not need to post it, however.

Download CCleaner (if you don't have it yet).

Install it (if you don't want Google Chrome to be installed on your PC as the default web browser, you must remove the 2 check marks !!!) and start CCleaner.

In the left column, click "Cleaner". Click "Analyze" and, after the analysis, "Clean". Then click "Registry" in the left column and click "Scan for problems". If errors are found, click "Fix selected problems" and "OK". You will then be asked whether to make a backup. Click "YES". Then choose "Fix all selected errors".

Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors.

Then close CCleaner again.

If you want to see this in detail with pictures, click here for the guide.

If all of this went smoothly and you have no further questions or problems within this topic, you can close this topic by clicking the "Mark as solved" button, which you can find at the bottom left … that way it stays clear for everyone.


Everything went smoothly. ;) Google Chrome was already my default browser, and I already had CCleaner installed. Still one more question: if I apparently had malware, how come my antivirus didn't report it during scanning? I use a paid, legal version of Kaspersky Internet Security 2013.

This topic is now closed to new replies.