Politievirus Windows Vista

[Stroekes]

Normaal opstarten lukt inderdaad, bedankt!

[Stroekes]

Ik heb ondertussen hitmanpro laten lopen, hier volgt het logbestand:

HitmanPro 3.7.7.205
www.hitmanpro.com


  Computer name . . . . : PC_VAN_MICHIEL
  Windows . . . . . . . : 6.0.0.6000.X86/2
  User name . . . . . . : PC_van_Michiel\Michiel
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Trial (30 days left)


  Scan date . . . . . . : 2013-09-26 19:58:50
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 3m 29s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : Yes


  Threats . . . . . . . : 17
  Traces  . . . . . . . : 112


  Objects scanned . . . : 1.173.298
  Files scanned . . . . : 8.180
  Remnants scanned  . . : 255.545 files / 909.573 keys


Miniport ____________________________________________________________________


  Primary
     DriverObject . . . : 83C25E40
     DriverName . . . . : \Driver\nvstor32
     DriverPath . . . . : \SystemRoot\system32\DRIVERS\nvstor32.sys
     StartIo  . . . . . : 00000000 +0
     IRP_MJ_SCSI  . . . : 832741E8 +0
  Solution
     DriverObject . . . : 83C25E40
     DriverName . . . . : \Driver\nvstor32
     DriverPath . . . . : \SystemRoot\system32\DRIVERS\nvstor32.sys
     StartIo  . . . . . : 00000000 +0
     IRP_MJ_SCSI  . . . : 80688D0C \SystemRoot\system32\drivers\storport.sys+15628


Malware _____________________________________________________________________


  C:\Users\Michiel\AppData\Local\Temp\bvfvbre -> Deleted
     Size . . . . . . . : 67.072 bytes
     Age  . . . . . . . : 110.9 days (2013-06-07 23:34:35)
     Entropy  . . . . . : 7.5
     SHA-256  . . . . . : EB8F246B24391E466315305F310D7BD23E3C284BFDF1F9C47AAB77D6AAC3CAE0
   > G Data . . . . . . : Trojan.GenericKDZ.21043
   > Ikarus . . . . . . : Win32.SuspectCrc!IK
     Fuzzy  . . . . . . : 118.0


  C:\WGASetup.exe -> Quarantined
     Size . . . . . . . : 36.352 bytes
     Age  . . . . . . . : 722.3 days (2011-10-05 13:34:24)
     Entropy  . . . . . : 6.0
     SHA-256  . . . . . : 5F1E26E0385A27C19F577F23FEAED2131064FA130F36622D19A0D2C72B48029C
   > G Data . . . . . . : Trojan.Generic.1751683 (Engine A)
     Fuzzy  . . . . . . : 106.0




Potential Unwanted Programs _________________________________________________


  HKU\S-1-5-21-2954557990-614029316-2174820816-1000\Software\Softonic\ (Softonic)


Cookies _____________________________________________________________________


  C:\Users\Michiel\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adhese.be
  C:\Users\Michiel\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserving.unibet.com
  C:\Users\Michiel\AppData\Local\Google\Chrome\User Data\Default\Cookies:be.sitestat.com
  C:\Users\Michiel\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
  C:\Users\Michiel\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
  C:\Users\Michiel\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com
  C:\Users\Michiel\AppData\Roaming\Microsoft\Windows\Cookies\michiel@ad.yieldmanager[2].txt
  C:\Users\Michiel\AppData\Roaming\Microsoft\Windows\Cookies\michiel@doubleclick[1].txt

[Jion]

Top!

Nu nog de malware verwijderen. ;-)

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• 
  
• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• 
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

[Stroekes]

Logfile of random's system information tool 1.09 (written by random/random)

Run by Michiel at 2013-09-26 21:56:36

Microsoft® Windows Vista™ Home Premium

System drive C: has 55 GB (60%) free of 91 GB

Total RAM: 894 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:56:58, on 26/09/2013

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16982)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Users\Michiel\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Michiel\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Michiel\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Michiel\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wuauclt.exe

C:\Users\Michiel\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Michiel\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Michiel\Desktop\RSIT.exe

C:\Program Files\trend micro\Michiel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Michiel\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = laptop

O17 - HKLM\Software\..\Telephony: DomainName = laptop

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = laptop

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe

O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--

End of file - 5208 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2954557990-614029316-2174820816-1000Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2954557990-614029316-2174820816-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-12-18 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-12-18 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-11-21 13601312]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-11-21 92704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

"Google Update"=C:\Users\Michiel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-10 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series]

C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series (Kopie 1)]

C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

C:\Users\Michiel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-10 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]

C:\Program Files\PowerISO\PWRISOVM.EXE [2011-11-15 312376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

C:\Program Files\Windows Defender\MSASCui.exe [2011-12-11 1006264]

C:\Users\Michiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OpenOffice.org 3.4.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-09-26 21:56:36 ----D---- C:\rsit

2013-09-26 21:56:36 ----D---- C:\Program Files\trend micro

2013-09-26 19:51:04 ----ASH---- C:\hiberfil.sys

2013-09-25 21:58:45 ----A---- C:\Windows\system32\LnkProtect.dll

2013-09-25 21:49:59 ----D---- C:\Program Files\HitmanPro

2013-09-25 21:49:09 ----D---- C:\ProgramData\HitmanPro

======List of files/folders modified in the last 1 month======

2013-09-26 21:56:50 ----D---- C:\Windows\Prefetch

2013-09-26 21:56:36 ----RD---- C:\Program Files

2013-09-26 21:56:30 ----D---- C:\Windows\Temp

2013-09-26 21:28:46 ----D---- C:\Windows\System32

2013-09-26 21:28:46 ----D---- C:\Windows\inf

2013-09-26 21:28:46 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-09-26 21:27:03 ----D---- C:\Windows\system32\drivers

2013-09-26 20:06:07 ----D---- C:\Windows\system32\catroot2

2013-09-26 19:34:45 ----A---- C:\Windows\ntbtlog.txt

2013-09-26 16:48:07 ----A---- C:\Users\Michiel\AppData\Roaming\skype.ini

2013-09-25 23:12:50 ----SHD---- C:\System Volume Information

2013-09-25 21:49:09 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-08-04 213024]

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-18 428088]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-11 239168]

R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2011-11-15 112096]

R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]

R3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2008-07-29 904192]

R3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-11-21 7451264]

R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2009-07-30 282144]

R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2011-12-11 82432]

R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]

S3 a624b9pj;a624b9pj; C:\Windows\system32\drivers\a624b9pj.sys []

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]

S3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]

S3 NVENETFD;NVIDIA nForce-netwerkcontroller; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]

S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-08-10 387616]

R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2013-09-26 106280]

R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-08-10 178720]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-11-21 203296]

S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S4 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]

-----------------EOF-----------------

[Jion]

Je Java software is verouderd.

Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.

Ga naar Java SE 7 en download daar de juiste Java versie naar uw bureaublad, 32 of 64 bit. Voor 32 bit download je Windows x86, voor 64 bit download je Windows x64.

• 
  
• Sluit alle programma's die eventueel open zijn - Zeker je web browser!
  
• Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
  
• Vink alles aan met Java Runtime Environment (JRE of J2SE of JAVA) in de naam.
  
• Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
  
• Herhaal dit tot alle oudere versies verdwenen zijn.
  
• Na het verwijderen van alle oudere versies, herstart je pc.
  
• Dubbelklik vervolgens op jre-7-windows-x64 / x86 op je Bureaublad om de nieuwste versie van Java te installeren.
  

Download Zoek.zip naar het bureaublad.

• 
  
• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

C:\Users\Michiel\AppData\Roaming\skype.ini;f
C:\Users\Michiel\AppData\Roaming\skype_old.dat;f
autoclean;
startupall; 
filesrcm;

• 
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[Stroekes]

Zoek.exe Version 4.0.0.4 Updated 27-September-2013

Tool run by Michiel on wo 02/10/2013 at 9:35:13,69.

Microsoft® Windows Vista™ Home Premium 6.0.6000 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Michiel\Desktop\zoek.exe [script inserted]

==== System Restore Info ======================

2/10/2013 9:36:18 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

"C:\Users\Michiel\AppData\Roaming\skype.ini" deleted

"C:\Users\Michiel\AppData\Roaming\skype_old.dat" deleted

"C:\Users\Michiel\AppData\Roaming\skype.ini" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Michiel\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\system32 =====

2013-10-02 07:27:57 AF661355EBAB898EB92D5454AEF93CE0 868264 ----a-w- C:\Windows\System32\npDeployJava1.dll

2013-10-02 07:27:57 ACA17F8E1F9E8891DE15E2527D8D74D0 264616 ----a-w- C:\Windows\System32\javaws.exe

2013-10-02 07:27:20 EC94122E6DCB6E731D8513A89AC9CF12 175016 ----a-w- C:\Windows\System32\javaw.exe

2013-10-02 07:27:20 EC2A0F271C0FD4AD57B137845577F539 175016 ----a-w- C:\Windows\System32\java.exe

2013-10-02 07:27:20 65F0FBCDBBA20FC4B0DADCA922150A99 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll

2013-09-26 18:03:16 96D36798E6C3B0FE52F94E7D795AFBDF 650 ----a-w- C:\Windows\System32\.crusader

2013-09-25 19:58:45 6B155402BF20B57F944BFA0B1294C779 135464 ----a-w- C:\Windows\System32\LnkProtect.dll

====== C:\Windows\system32\drivers =====

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-10-02 07:29:46 -------- d-----w- C:\Program Files\Common Files\Java

2013-10-02 07:26:40 -------- d-----w- C:\Program Files\Java

2013-09-26 19:56:36 -------- d-----w- C:\Program Files\trend micro

2013-09-25 19:49:59 -------- d-----w- C:\Program Files\HitmanPro

======= C: =====

====== C:\Users\Michiel\AppData\Roaming ======

2013-10-02 07:18:22 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Locallow\Sun

====== C:\Users\Michiel ======

2013-10-02 07:33:28 122A32A068A76C220AD47B3C2780407C 1263104 ----a-w- C:\Users\Michiel\Desktop\Z-Analyse.exe

2013-10-02 07:28:23 -------- d-----w- C:\ProgramData\Oracle

2013-10-02 07:27:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2013-10-02 07:23:27 FB3263A6B34EC34E79AF56C0221E6AFA 29036456 ----a-w- C:\Users\Michiel\Downloads\jre-7u40-windows-i586.exe

2013-10-02 07:19:38 4D818D141E46488AAA121DD792D5C8C3 115886080 ----a-w- C:\Users\Michiel\Desktop\jre-7u40-windows-i586.exe

2013-09-26 19:55:56 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Michiel\Desktop\RSIT.exe

2013-09-26 17:17:49 8B968045D75783A09592C3105F2865DA 688992 ----a-w- C:\Users\Michiel\Desktop\dds.com

2013-09-25 19:50:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

2013-09-25 19:49:09 -------- d-----w- C:\ProgramData\HitmanPro

====== C: exe-files ==

2013-10-02 07:33:28 122A32A068A76C220AD47B3C2780407C 1263104 ----a-w- C:\Users\Michiel\Desktop\Z-Analyse.exe

2013-10-02 07:27:57 ACA17F8E1F9E8891DE15E2527D8D74D0 264616 ----a-w- C:\Windows\System32\javaws.exe

2013-10-02 07:27:20 EC94122E6DCB6E731D8513A89AC9CF12 175016 ----a-w- C:\Windows\System32\javaw.exe

2013-10-02 07:27:20 EC2A0F271C0FD4AD57B137845577F539 175016 ----a-w- C:\Windows\System32\java.exe

2013-10-02 07:26:52 33329EE40961C9F75753135EEFEE5215 16296 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe

2013-10-02 07:26:52 20121F1F03EA62AE7DBE20A5C065E62B 146344 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe

2013-10-02 07:26:51 F744671F237351A00580DEBDA7B13C58 15784 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe

2013-10-02 07:26:51 DE16D31DDE767A35C4727D4F5C4F5165 49064 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe

2013-10-02 07:26:51 8B060210811F4C88280BB1FE097C8D18 15784 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe

2013-10-02 07:26:51 85369335B06BA3EF80DBB2463BD75FC6 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe

2013-10-02 07:26:51 79E6E98DD340052FB62E85FC5C0F40B9 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe

2013-10-02 07:26:50 F07B981F68160C8932BD7E2A056E3542 15784 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe

2013-10-02 07:26:50 ED2542D50B46FACB647E9ACE15376F71 52648 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe

2013-10-02 07:26:50 A5937B2A94424CF1B13A4AD503AF6B2E 182696 ----a-w- C:\Program Files\Java\jre7\bin\jqs.exe

2013-10-02 07:26:50 8BAE06DA395B81D5BB9D335719B4C71F 15784 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe

2013-10-02 07:26:50 879FBD4327A0411AD856CD256E05ACC8 15784 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe

2013-10-02 07:26:50 46D4A740A9CD31274B372AB31FDAB767 16296 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe

2013-10-02 07:26:50 3F17C8C96551E1DFADAD909282D7A53B 15784 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe

2013-10-02 07:26:50 14478E73336D593E396FEE603118DF73 15784 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe

2013-10-02 07:26:49 FE62A080B6B3846FB18F04B488BF686F 66984 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe

2013-10-02 07:26:49 FB81754A3C79379C3882128875C8C948 48552 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe

2013-10-02 07:26:49 EC94122E6DCB6E731D8513A89AC9CF12 175016 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe

2013-10-02 07:26:49 EC2A0F271C0FD4AD57B137845577F539 175016 ----a-w- C:\Program Files\Java\jre7\bin\java.exe

2013-10-02 07:26:49 ACA17F8E1F9E8891DE15E2527D8D74D0 264616 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe

2013-10-02 07:26:49 20238A6FE9CA82DB6AA17CB08F4906CF 15784 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe

2013-10-02 07:23:27 FB3263A6B34EC34E79AF56C0221E6AFA 29036456 ----a-w- C:\Users\Michiel\Downloads\jre-7u40-windows-i586.exe

2013-10-02 07:19:38 4D818D141E46488AAA121DD792D5C8C3 115886080 ----a-w- C:\Users\Michiel\Desktop\jre-7u40-windows-i586.exe

2013-09-26 19:56:40 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Michiel.exe

2013-09-26 19:55:56 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Michiel\Desktop\RSIT.exe

2013-09-26 18:11:00 EB73E00567789C54C25B69EB9ACCA404 34530656 ----a-w- C:\Users\Michiel\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.76\29.0.1547.76_chrome_installer.exe

2013-09-26 18:05:50 6466C051022547489D3409205128881B 59784 ----atw- C:\Users\Michiel\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateBroker.exe

2013-09-26 18:05:50 1CA3976D1B1FE826ADF339F90AC25C60 59784 ----atw- C:\Users\Michiel\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe

2013-09-26 18:05:49 A6F8D4FBC12177A75AB4C06D059229B6 784664 ----a-w- C:\Users\Michiel\AppData\Local\Google\Update\1.3.21.153\GoogleUpdateSetup.exe

2013-09-26 18:05:43 D9A08472D8D0218A0AE2C9D9F63EA531 290696 ----atw- C:\Users\Michiel\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

2013-09-26 18:05:42 8726802EA4FBFFA3FD54FD2449BF51D4 217992 ----atw- C:\Users\Michiel\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe

2013-09-26 18:05:41 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Michiel\AppData\Local\Google\Update\1.3.21.153\GoogleUpdate.exe

2013-09-26 18:05:38 A6F8D4FBC12177A75AB4C06D059229B6 784664 ----a-w- C:\Users\Michiel\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe

2013-09-26 10:51:10 F5BBA95472F18B6223AC2F3AED397223 106280 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe

2013-09-25 19:50:00 76ADBD909FA0898834BE3A8C0EA76609 9186416 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe

=== C: other files ==

2013-10-02 07:26:52 8C636C988365FC3E61F1B5C5ACECCB55 18675 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip

2013-09-26 17:17:49 8B968045D75783A09592C3105F2865DA 688992 ----a-w- C:\Users\Michiel\Desktop\dds.com

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-2954557990-614029316-2174820816-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"Google Update"="C:\Users\Michiel\AppData\Local\Google\Update\GoogleUpdate.exe /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"

"NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

"Google Update"="C:\Users\Michiel\AppData\Local\Google\Update\GoogleUpdate.exe /c"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DAEMON Tools Lite"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPSON Stylus DX4400 Series]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="EPSON Stylus DX4400 Series"

"hkey"="HKCU"

"command"="C:\\Windows\\system32\\spool\\DRIVERS\\W32X86\\3\\E_FATICAE.EXE /FU \"C:\\Windows\\TEMP\\E_SDE7C.tmp\" /EF \"HKCU\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPSON Stylus DX4400 Series (Kopie 1)]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="EPSON Stylus DX4400 Series (Kopie 1)"

"hkey"="HKCU"

"command"="C:\\Windows\\system32\\spool\\DRIVERS\\W32X86\\3\\E_FATICAE.EXE /FU \"C:\\Windows\\TEMP\\E_SDA67.tmp\" /EF \"HKCU\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Google Update"

"hkey"="HKCU"

"command"="\"C:\\Users\\Michiel\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="GrooveMonitor"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PWRISOVM.EXE]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="PWRISOVM.EXE"

"hkey"="HKLM"

"command"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE -startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Windows Defender"

"hkey"="HKLM"

"command"="%ProgramFiles%\\Windows Defender\\MSASCui.exe -hide"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ehRecvr]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ehSched]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ehstart]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EPSON_PM_RPCV4_01]

==== Startup Folders ======================

2013-06-03 14:47:34 1028 ----a-w- C:\Users\Michiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2954557990-614029316-2174820816-1000Core.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2954557990-614029316-2174820816-1000UA.job --a------ C:\Users\MiC:hiel\AppData\LoC:al\Google\Update\GoogleUpdate.exe []

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Michiel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Michiel\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Michiel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Michiel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Michiel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Michiel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on wo 02/10/2013 at 9:55:24,73 ======================

[Jion]

Ziet er netjes uit.

Merk je verder nog problemen op?

[Stroekes]

Nope, verder werkt alles naar behoren!

[Jion]

Top!

Tijd voor de grote schoonmaak dan:

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• 
  
• Remove disinfection tools
  
• Purge System Restore
  
• Reset system settings

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Als je verder geen vragen meer hebt, mag je op "Markeer als Opgelost" tokkelen.

[Stroekes]

Alles is in orde, heel erg bedankt voor de hulp, zonder jou was het niet gelukt