kan niet verwijderen ""http://isearch.omiga-plus.com/?type=sc"" !!!!!!

[yener]

Zoek.exe Version 4.0.0.5 Updated 05-November-2013

Tool run by Esma on vr 08/11/2013 at 15:52:10,57.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Esma\AppData\Local\Temp\Rar$EX03.180\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

8/11/2013 15:55:15 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\revision deleted successfully

C:\ProgramData\revision deleted successfully

C:\Users\Esma\AppData\Roaming\Nico Mak Computing deleted successfully

C:\Users\Esma\AppData\Roaming\Octoshape deleted successfully

C:\Users\Esma\AppData\Roaming\SmashFrenzy3 deleted successfully

C:\Users\Esma\AppData\Roaming\WinRAR deleted successfully

C:\Users\Esma\AppData\Local\ADDP deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2422730465-428965375-3337096384-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56361A71-4E9F-401D-9E12-8AEAA3D7A672} deleted successfully

HKEY_USERS\S-1-5-21-2422730465-428965375-3337096384-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{56361A71-4E9F-401D-9E12-8AEAA3D7A672} deleted successfully

HKEY_USERS\S-1-5-21-2422730465-428965375-3337096384-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_USERS\S-1-5-21-2422730465-428965375-3337096384-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_USERS\S-1-5-21-2422730465-428965375-3337096384-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_USERS\S-1-5-21-2422730465-428965375-3337096384-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56361A71-4E9F-401D-9E12-8AEAA3D7A672} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{56361A71-4E9F-401D-9E12-8AEAA3D7A672} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56361A71-4E9F-401D-9E12-8AEAA3D7A672} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2422730465-428965375-3337096384-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{56361A71-4E9F-401D-9E12-8AEAA3D7A672} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{56361A71-4E9F-401D-9E12-8AEAA3D7A672} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\BBSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BBSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\BBSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BBSvc deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56361A71-4E9F-401D-9E12-8AEAA3D7A672}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\Program Files\MakeItLive deleted

C:\Program Files\Microsoft\BingBar deleted

C:\ProgramData\eSafe deleted

C:\Program Files\SopCast deleted

C:\Program Files\PHPNukeDU deleted

C:\Program Files\Common Files\DVDVideoSoft\bin deleted

C:\Program Files\uTorrentBar_NL deleted

C:\Program Files\YTD Toolbar deleted

C:\ProgramData\YTD Video Downloader deleted

C:\Users\Esma\AppData\Local\CRE deleted

C:\Users\Esma\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted

C:\Users\Esma\AppData\LocalLow\PHPNukeDU deleted

C:\Users\Esma\AppData\LocalLow\uTorrentBar_NL deleted

C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted

C:\Windows\system32\tasks\Desk 365 RunAsStdUser deleted

C:\prefs.js deleted

C:\Users\Public\Desktop\YTD Video Downloader.lnk deleted

"C:\Windows\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCall.dll" deleted

"C:\Windows\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla.dll" deleted

"C:\Windows\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla17.dll" deleted

"C:\Windows\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla18.exe" deleted

"C:\Windows\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla19.dll" deleted

"C:\Windows\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla2.dll" deleted

"C:\Windows\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla20.dll" deleted

"C:\Windows\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla22.dll" deleted

"C:\Windows\220FB0354744483A9A0B41DF77061583.TMP\WiseCustomCalla22.exe" deleted

"C:\Windows\220FB0354744483A9A0B41DF77061583.TMP\WiseData.ini" deleted

"C:\Windows\220FB0354744483A9A0B41DF77061583.TMP" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-11-04 18:39:35 A9D56A34095AB80E85AD630B8405182A 81920 ----a-w- C:\Windows\eSellerateControl350.dll

2013-11-04 18:39:35 02127FDD91FDA05FA8B201A4171CC0E2 356352 ----a-w- C:\Windows\eSellerateEngine.dll

====== C:\Users\Esma\AppData\Local\Temp ====

2013-11-04 19:03:16 BCB0728F4B117855765CE8FE883B5E9B 1536 ----a-w- C:\Users\Esma\AppData\Local\Temp\NOSEventMessages.dll

2013-11-04 14:18:48 F7F10EB2D6BBD690491C4E5F4B0D9C1A 498360 ----a-w- C:\Users\Esma\AppData\Local\Temp\MSS\3.8.130.8\McUICnt.exe

2013-11-04 14:18:48 E4882D07A94409BE728D2B7EB1A0355A 153280 ----a-w- C:\Users\Esma\AppData\Local\Temp\MSS\3.8.130.8\McInstallerRes_LD.dll

2013-11-04 14:18:48 206A83BDC11D09FB1B3740236ED5E9EE 418568 ----a-w- C:\Users\Esma\AppData\Local\Temp\MSS\3.8.130.8\mcbrwsr2.dll

2013-11-04 14:18:48 1589E640071083714607A200D0155866 264008 ----a-w- C:\Users\Esma\AppData\Local\Temp\MSS\3.8.130.8\McInstallerRes.dll

2013-11-04 14:18:48 0C16A79F80239D737E86A3E9C075C158 571472 ----a-w- C:\Users\Esma\AppData\Local\Temp\MSS\3.8.130.8\McInstallerStartup.dll

2013-11-04 09:33:52 0679D39A697632EBD50DD438AB633214 45665360 ----a-w- C:\Users\Esma\AppData\Local\Temp\SHSetup.exe

2013-11-04 09:19:29 CC6631EE64A4DD63F4A7D0B55E59E455 1980232 ----a-w- C:\Users\Esma\AppData\Local\Temp\UNINSTALL.EXE

2013-11-04 09:17:25 D8CD92EC440E97B9F146AB8AF5A22599 163720 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\psuser.dll

2013-11-04 09:17:25 CFAF7B67C78D09D79688AEDCA3D090E2 597896 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\npGoogleUpdate3.dll

2013-11-04 09:17:25 5A868A07FD086421BC103C8087023B31 163720 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\psmachine.dll

2013-11-04 09:17:23 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\GoogleUpdateOnDemand.exe

2013-11-04 09:17:23 70AB209D149CB85AB9B8021947AFB6B0 26112 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\GoogleUpdateHelper.msi

2013-11-04 09:17:23 6D6B5D52BB81F82F5D0103E6175D1F4F 869256 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\goopdate.dll

2013-11-04 09:17:23 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\GoogleUpdateSetup.exe

2013-11-04 09:17:22 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\GoogleUpdateBroker.exe

2013-11-04 09:17:22 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\GoogleCrashHandler.exe

2013-11-04 09:17:22 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\GoogleUpdate.exe

2013-11-04 09:17:22 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\GoogleCrashHandler64.exe

2013-11-03 19:03:01 20F03B1B926F4EA65763E364ACAD7C59 4698984 ----a-w- C:\Users\Esma\AppData\Local\Temp\oi_{0EE0B98F-F785-45BB-B64B-C05751CBB040}.exe

====== C:\Windows\system32 =====

2013-11-04 18:39:35 D5405DD640E870B1DD4F5B4BD08865BB 1122304 ----a-w- C:\Windows\System32\libeay32.dll

2013-11-04 18:39:35 8EAE03A0F0BF13AF27702E29460D7B47 274432 ----a-w- C:\Windows\System32\ssleay32.dll

====== C:\Windows\system32\drivers =====

2013-11-04 19:09:47 8C547EB6709BF41E0625EFCDF13C63CE 595552 ----a-w- C:\Windows\System32\drivers\klif.sys

2013-11-04 19:09:47 2442777B6275B3F4F0D967933525648C 74848 ----a-w- C:\Windows\System32\drivers\klflt.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-11-04 21:58:29 -------- d-----w- C:\Program Files\trend micro

2013-11-04 19:11:05 -------- d-----w- C:\Program Files\Kaspersky Lab

2013-11-04 18:39:35 -------- d-----w- C:\Program Files\Omiga Plus Removal Tool

2013-11-04 09:35:12 -------- d-----w- C:\Program Files\Enigma Software Group

2013-11-04 09:34:17 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard

======= C: =====

====== C:\Users\Esma\AppData\Roaming ======

====== C:\Users\Esma ======

2013-11-04 22:20:12 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Esma\Downloads\RSIT.exe

2013-11-04 19:14:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2013

2013-11-04 19:11:05 -------- d-----w- C:\ProgramData\Kaspersky Lab

2013-11-03 17:48:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast

====== C: exe-files ==

2013-11-04 22:24:49 CFCCB55A013592243777C73E917652E0 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2422730465-428965375-3337096384-1000\$I5JXD56.exe

2013-11-04 22:24:45 39BE52E0E2DD37EECCEFAF46DD85114B 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2422730465-428965375-3337096384-1000\$IZ8UI67.exe

2013-11-04 22:24:35 545229FCFD00BCEDAC1AC6FC49F031F5 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2422730465-428965375-3337096384-1000\$IBS7VOY.exe

2013-11-04 22:24:31 2172026FBFD8DCD0036E5B1C18CC78A1 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2422730465-428965375-3337096384-1000\$IVEQXPS.exe

2013-11-04 22:20:12 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Esma\Downloads\RSIT.exe

2013-11-04 22:18:11 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Esma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XL8MSEMM\RSIT.exe

2013-11-04 21:58:31 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Esma.exe

2013-11-04 19:22:05 5F041EE9B898A75CD284A6E21B3DCCA0 39864 ----a-w- C:\ProgramData\Kaspersky Lab\AVP13\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav13\13.0.1.4190\ffcert.exe

2013-11-04 19:22:05 587EFD6A3A30A35A27904D21AE1FB882 356376 ----a-w- C:\ProgramData\Kaspersky Lab\AVP13\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav13\13.0.1.4190\avp.exe

2013-11-04 19:07:21 BE42B516425DC83DA8DBDAE4492C5071 178454784 ----a-w- C:\Users\Esma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8V259IGO\kav13.0.1.4190nl-nl.exe

2013-11-04 18:39:35 2856DE158A6FFC29F61DF4015F7C8A57 10942448 ----a-w- C:\Program Files\Omiga Plus Removal Tool\Report.exe

2013-11-04 14:18:48 F7F10EB2D6BBD690491C4E5F4B0D9C1A 498360 ----a-w- C:\Users\Esma\AppData\Local\Temp\MSS\3.8.130.8\McUICnt.exe

2013-11-04 09:33:52 0679D39A697632EBD50DD438AB633214 45665360 ----a-w- C:\Users\Esma\AppData\Local\Temp\SHSetup.exe

2013-11-04 09:19:29 CC6631EE64A4DD63F4A7D0B55E59E455 1980232 ----a-w- C:\Users\Esma\AppData\Local\Temp\UNINSTALL.EXE

2013-11-04 09:17:43 1DB5B92E54BA5E4976995B6BE4B0BB81 34615136 ----a-w- C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\30.0.1599.101\30.0.1599.101_chrome_installer.exe

2013-11-04 09:17:23 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\GoogleUpdateOnDemand.exe

2013-11-04 09:17:23 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\GoogleUpdateSetup.exe

2013-11-04 09:17:22 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\GoogleUpdateBroker.exe

2013-11-04 09:17:22 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\GoogleCrashHandler.exe

2013-11-04 09:17:22 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\GoogleUpdate.exe

2013-11-04 09:17:22 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Users\Esma\AppData\Local\Temp\{DA5E13C8-EE39-4623-9F8D-2B57996C766E}\GoogleCrashHandler64.exe

2013-11-03 19:03:01 20F03B1B926F4EA65763E364ACAD7C59 4698984 ----a-w- C:\Users\Esma\AppData\Local\Temp\oi_{0EE0B98F-F785-45BB-B64B-C05751CBB040}.exe

=== C: other files ==

2013-11-04 19:22:06 EA26CB00F83686856F2C79673C00C686 136024 ----a-w- C:\ProgramData\Kaspersky Lab\AVP13\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav13\13.0.1.4190\drv32\501\p\kl1.sys

2013-11-04 19:22:06 EA26CB00F83686856F2C79673C00C686 136024 ----a-w- C:\ProgramData\Kaspersky Lab\AVP13\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav13\13.0.1.4190\drv32\501\kl1.sys

2013-11-04 19:22:06 E7EFE379B05BB01F13885C5DBE5A4E64 44432 ----a-w- C:\ProgramData\Kaspersky Lab\AVP13\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav13\13.0.1.4190\drv32\p\kltdi.sys

2013-11-04 19:22:06 E7EFE379B05BB01F13885C5DBE5A4E64 44432 ----a-w- C:\ProgramData\Kaspersky Lab\AVP13\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav13\13.0.1.4190\drv32\kltdi.sys

2013-11-04 19:22:06 C21FACBBC1F7C8533646D6ECC4E846A3 3018626 ----a-w- C:\ProgramData\Kaspersky Lab\AVP13\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav13\13.0.1.4190\loc\decl2.zip

2013-11-04 19:22:06 BE21AC70BB25B9BA0D79AA510D6BBFCB 594528 ----a-w- C:\ProgramData\Kaspersky Lab\AVP13\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav13\13.0.1.4190\drv32\600\p\klif.sys

2013-11-04 19:22:06 BE21AC70BB25B9BA0D79AA510D6BBFCB 594528 ----a-w- C:\ProgramData\Kaspersky Lab\AVP13\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav13\13.0.1.4190\drv32\600\klif.sys

2013-11-04 19:22:06 A58507C2827C3AE1D4CCB2746AAB349F 25944 ----a-w- C:\ProgramData\Kaspersky Lab\AVP13\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav13\13.0.1.4190\drv32\600\p\klmouflt.sys

2013-11-04 19:22:06 A58507C2827C3AE1D4CCB2746AAB349F 25944 ----a-w- C:\ProgramData\Kaspersky Lab\AVP13\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav13\13.0.1.4190\drv32\600\klmouflt.sys

2013-11-04 19:22:06 24AEBAD59D1DE8A7CC36E8F09F999362 25944 ----a-w- C:\ProgramData\Kaspersky Lab\AVP13\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav13\13.0.1.4190\drv32\600\p\klkbdflt.sys

2013-11-04 19:22:06 24AEBAD59D1DE8A7CC36E8F09F999362 25944 ----a-w- C:\ProgramData\Kaspersky Lab\AVP13\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav13\13.0.1.4190\drv32\600\klkbdflt.sys

2013-11-04 19:09:47 8C547EB6709BF41E0625EFCDF13C63CE 595552 ----a-w- C:\Windows\System32\drivers\klif.sys

2013-11-04 19:09:47 2442777B6275B3F4F0D967933525648C 74848 ----a-w- C:\Windows\System32\drivers\klflt.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-2422730465-428965375-3337096384-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"ProductReg"="C:\Program Files\Acer\WR_PopUp\ProductReg.exe"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Facebook Update"="C:\Users\Esma\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"NokiaSuite.exe"="C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ArcadeDeluxeAgent"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe"

"Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe"

"PLFSetI"="C:\Windows\PLFSetI.exe"

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"LManager"="C:\Program Files\Launch Manager\LManager.exe"

"BackupManagerTray"="C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -k"

"Acer ePower Management"="C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe"

"EgisTecLiveUpdate"="C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"

"mwlDaemon"="C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"

"PlayMovie"="C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"

"CLMLServer"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"

"NokiaMusic FastStart"="C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe /command:faststart"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"

"RemoteControl"="C:\Users\Esma\Desktop\PDVDServ.exe"

"LanguageShortcut"="C:\Users\Esma\Desktop\Language\Language.exe"

"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ProductReg"="C:\Program Files\Acer\WR_PopUp\ProductReg.exe"

"ehTray.exe"="C:\Windows\ehome\ehTray.exe"

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"Facebook Update"="C:\Users\Esma\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"NokiaSuite.exe"="C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray"

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

==== Startup Folders ======================

2013-04-25 10:12:25 228 ---h--w- C:\Users\Esma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BackupManager.list

2013-09-19 17:39:24 995 ----a-w- C:\Users\Esma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

2013-04-25 00:25:38 198 ---h--w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BackupManager.list

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 22:03]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2422730465-428965375-3337096384-1000Core.job --a------ C:\Users\Esma\AppData\Local\Facebook\Update\FacebookUpdate.exe [28/06/2013 19:43]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2422730465-428965375-3337096384-1000UA.job --a------ C:\Users\Esma\AppData\Local\Facebook\Update\FacebookUpdate.exe [28/06/2013 19:43]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:F0C:\ProgramC:Files\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe]

"C:\Windows\system32\tasks\4571" [wscript.exe C:\Users\Esma\AppData\Local\Temp\launchie.vbs //B]

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2422730465-428965375-3337096384-1000Core" [C:\Users\Esma\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2422730465-428965375-3337096384-1000UA" [C:\Users\Esma\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\HPCustParticipation HP Photosmart 5510 series" ["C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe"]

"C:\Windows\system32\tasks\User_Feed_Synchronization-{E0562372-0AD0-4502-9D5D-80F2B1D74BAC}" [C:\Windows\system32\msfeedssync.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"content_blocker@kaspersky.com"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com" [04/11/2013 20:22]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"addlyrics@addlyrics.net"="C:\Program Files\AddLyrics\FF" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\urladvisor.crx[16/05/2013 19:41]

hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\content_blocker_chrome.crx[16/05/2013 19:41]

jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\ChromeExt\virtkbd.crx[16/05/2013 19:38]

nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files\TornTV.com\torn2_10.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[]

Extended Protection - Esma - Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml

Kaspersky URL Advisor - Esma - Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj

Content Blocker - Esma - Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail

Virtual Keyboard - Esma - Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh

Google Wallet - Esma - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

undetermined - Esma - Default\Extensions\BackupManager.list

==== Chrome Fix ======================

C:\Users\Esma\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

"Search Page"="Google"

"Default_Page_URL"="Isearch.omiga-plus.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Isearch.omiga-plus.com"

"Default_Page_URL"="Isearch.omiga-plus.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="http://www.google.com/search/?q=%s"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

"Start Page"="https://www.google.be/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="%s - Bing"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{18267DC0-44CF-4B00-93E3-DB15EE1A7846}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{18267DC0-44CF-4B00-93E3-DB15EE1A7846} Google Url="{searchTerms} - Google zoeken"

{33BB0A4E-99AF-4226-BDF6-49120163DE86} Unknown Url="Not_Found"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{82682F40-ECD2-4BFA-ADAD-96CD529BCE2A} Google Url="{searchTerms} - Google zoeken"

==== Reset Google Chrome ======================

C:\Users\Esma\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Esma\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2422730465-428965375-3337096384-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_USERS\S-1-5-21-2422730465-428965375-3337096384-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

HKEY_USERS\S-1-5-21-2422730465-428965375-3337096384-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2422730465-428965375-3337096384-1000\Software\Mozilla\Firefox\Extensions\addlyrics@addlyrics.net deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Esma\Desktop\Calculator.lnk - C:\Windows\system32\calc.exe

C:\Users\Esma\Desktop\Dropbox.lnk - C:\Users\Esma\AppData\Roaming\Dropbox\bin\Dropbox.exe /home

C:\Users\Esma\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Isearch.omiga-plus.com

C:\Users\Esma\Desktop\VoipBuster.lnk - C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe

C:\Users\Esma\Desktop\Arif foto's\Argenta\Prullenbak - Snelkoppeling.lnk -

C:\Users\Esma\Desktop\Fotos waterschade Karaca\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Esma\Desktop\niet verzonden fotos werken\Media converter.lnk - C:\Program Files\Media converter\MediaConverter.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Acer Arcade Deluxe.lnk - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe

C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe

C:\Users\Public\Desktop\Benodigdheden kopen - HP Photosmart 5510 series.lnk - C:\Program Files\HP\HP Photosmart 5510 series\Bin\hpqDTSS.exe

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe

C:\Users\Public\Desktop\Etnicom.lnk - C:\Windows\Installer\{BB86126C-B14E-416F-8F05-6D3D204A7289}\chat.exe

C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files\HP Photo Creations\PhotoProduct.exe

C:\Users\Public\Desktop\HP Photosmart 5510 series.lnk - C:\Program Files\HP\HP Photosmart 5510 series\Bin\HP Photosmart 5510 series.exe -Start UDCDevicePage

C:\Users\Public\Desktop\Kaspersky Anti-Virus 2013.lnk - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\starter_avp.exe

C:\Users\Public\Desktop\MyWinLocker.lnk - C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlMgtConsole.exe

C:\Users\Public\Desktop\Nokia Ovi Player.lnk - C:\Windows\Installer\{1226B9A5-FBFD-4120-9AED-08CABCDAF3AB}\NewShortcut212_97D9937048B14BA7A06DF2BCC5B56955.exe

C:\Users\Public\Desktop\Nokia PC Suite.lnk - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Users\Public\Desktop\Nokia Suite.lnk - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe

C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe

C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate.lnk - C:\Program Files\Xilisoft\Video Converter Ultimate\vcloader.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Esma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Isearch.omiga-plus.com

C:\Users\Esma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Isearch.omiga-plus.com

C:\Users\Esma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Esma\AppData\Roaming\Dropbox\bin\Dropbox.exe /home

C:\Users\Esma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Esma\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe

C:\Users\Esma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Esma\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2013\Bezoek Kaspersky Lab op het internet.lnk - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\kl.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2013\Kaspersky Anti-Virus 2013 Help.lnk - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\Doc\nl\KAV\context.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2013\Kaspersky Anti-Virus 2013 verwijderen.lnk - C:\Windows\System32\msiexec.exe /i{560985FB-4B76-4121-9189-7A2CDC7886D6} REMOVE=ALL

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2013\Kaspersky Anti-Virus 2013.lnk - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\starter_avp.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2013\Licentieovereenkomst.lnk - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\Doc\nl\license.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast\SopCast.lnk - C:\Program Files\SopCast\SopCast.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast\Uninstall.lnk - C:\Program Files\SopCast\uninst.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast\Website.lnk - C:\Program Files\SopCast\SopCast.url

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Esma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe

C:\Users\Esma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVD Shrink 3.2.lnk - C:\Program Files\DVD Shrink\DVD Shrink 3.2.exe

C:\Users\Esma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Esma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe Isearch.omiga-plus.com

C:\Users\Esma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Media converter.lnk - C:\Program Files\Media converter\MediaConverter.exe

C:\Users\Esma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nokia Ovi Player.lnk - C:\Windows\Installer\{1226B9A5-FBFD-4120-9AED-08CABCDAF3AB}\NewShortcut2_CDF681E133824FFDB6C41A0530C561D5.exe

C:\Users\Esma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Esma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SpyHunter.lnk - C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

C:\Users\Esma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Esma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Xilisoft Video Converter Ultimate.lnk - C:\Program Files\Xilisoft\Video Converter Ultimate\vcloader.exe

==== shortcuts After Repair ======================

C:\Users\Esma\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Esma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Esma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Esma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Esma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Esma\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Esma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Esma\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Esma\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Esma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on vr 08/11/2013 at 16:38:53,60 ======================

[iEscape]

@ yener,

Wacht nu rustig af totdat 1 van de experts online is zal deze je zeker verder helpen aangaande je vraag/probleem.

[kape]

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op de knop Scan.
  
• Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  
• Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  
• Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  
• Plaats dit logbestand in het volgende bericht.
  

[yener]

# AdwCleaner v3.012 - Report created 11/11/2013 at 09:36:53

# Updated 11/11/2013 by Xplode

# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)

# Username : Esma - PC_VAN_ESMA

# Running from : C:\Users\Esma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CBKND08K\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{106F626E-37A8-421C-A666-832F55E0AA23}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{106F626E-37A8-421C-A666-832F55E0AA23}

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]

Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\hdcode

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16447

-\\ Mozilla Firefox v

*************************

AdwCleaner[R0].txt - [2945 octets] - [11/11/2013 09:24:53]

AdwCleaner[s0].txt - [2937 octets] - [11/11/2013 09:36:53]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2997 octets] ##########

[kape]

En ben je nu verlost van je ongewenste meldingen ?

[yener]

ik krijg geen meldingen nimmer, maar moet ik mn pc wekelijks scannen ofzo??

[kape]

Uitstekend ... dan gaan we eerst de gebruikte tools en nog wat restjes verwijderen. Dat doe je zo:

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• Remove disinfection tools
  
• Purge System Restore
  
• Reset system settings
  

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Indien dit allemaal probleemloos verlopen is en je binnen dit topic verder geen vragen of problemen meer hebt, mag je dit onderwerp afsluiten door een klik op de knop "Markeer als opgelost", die je links onderaan kan terugvinden … zo blijft het voor iedereen overzichtelijk.

Om je PC netjes te houden kan het geen kwaad dat je wekelijks (naast je constante antivirusprogramma) nog eens een scan doet met Malwarebytes of AdwCleaner, twee programma's die je gratis kan downloaden. Ook CCleaner is een aanrader om alles netjes te houden.