Gesloten
1
Hallo Mensen,

ook ik heb nu dat vervelende qv06 virus op mn pc
wie wil mij even helpen aub

gr Deny Loonen.
2
Goedemiddag,

Download Afbeelding Zoek.zip naar het bureaublad.
  1. Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  2. Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

    Code: Selecteer alles

    chromelook;
    firefoxlook;
    startupall;
    filesrcm;
    
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.
Volg me op Twitter: @bartblaze
Mijn persoonlijke blog: Blaze's Security Blog

Bent u blij met de geboden hulp? klik hier voor een vrijblijvende donatie Afbeelding
3
Zoek.exe Version 4.0.0.4 Updated 19-September-2013
Tool run by Deny on zo 22-09-2013 at 13:33:35,17.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Deny\Desktop\zoek.exe [Script inserted]

==== System Restore Info ======================

22-9-2013 13:34:59 Zoek.exe System Restore Point Created Succesfully.

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Deny\AppData\Local\Temp ====
2013-09-21 18:30:23 AB9AFD7C725D3E5EA0BA8EC4A637F695 1292920 ----a-w- C:\Users\Deny\AppData\Local\Temp\eIntaller\36A23A9C8CD544bb9752CD910F6945C5\DProtect.exe
2013-09-21 18:30:23 67CD4575597480529776360AC0F41A2A 461880 ----a-w- C:\Users\Deny\AppData\Local\Temp\eIntaller\36A23A9C8CD544bb9752CD910F6945C5\eXQ.exe
2013-09-21 18:30:23 256F569179D786680CD216C0240A42D3 825920 ----a-w- C:\Users\Deny\AppData\Local\Temp\eIntaller\36A23A9C8CD544bb9752CD910F6945C5\eGdpSvc.exe
2013-09-10 18:59:54 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\Deny\AppData\Local\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe
2013-09-10 18:59:54 4C8C0B0340C6234649C7F91FB5E89A54 571272 ----a-w- C:\Users\Deny\AppData\Local\Temp\CRX_DF399A9B283A\ChromeRecovery.exe
====== C:\Windows\SysWOW64 =====
2013-09-20 13:45:34 B970BDB5B39DB29E3DEEE356B1104A11 389120 ----a-w- C:\Windows\SysWOW64\RegistryHelperLM.ocx
2013-09-14 11:16:09 DD59A1286F629FE3D5D3B9466F3A7413 78296 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-14 11:16:08 77DFACAE7BB2882371CE35BD28DF3066 694232 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-11 08:38:14 DA150FBA450DB268C3DD1D389DF261EB 562688 ----a-w- C:\Windows\SysWOW64\WSShared.dll
2013-09-11 08:38:13 B4C5FC67D38883F84BE232F521D80261 628736 ----a-w- C:\Windows\SysWOW64\wuapi.dll
2013-09-11 08:38:13 4A4A793059187D8C85797F0FB8D9E48C 91648 ----a-w- C:\Windows\SysWOW64\sppc.dll
2013-09-11 08:38:12 68309D440373633C54CCD61FFAB4948C 143872 ----a-w- C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 08:38:10 810B2358688A62CD67F0FBC699628D48 159232 ----a-w- C:\Windows\SysWOW64\WSSync.dll
2013-09-11 08:38:07 EC598115895C5E2BFCC3EC6D1DD5E1E2 167424 ----a-w- C:\Windows\SysWOW64\WSClient.dll
2013-09-11 08:38:07 B607284B548E9749B7DFE21F0B0EE376 20992 ----a-w- C:\Windows\SysWOW64\wups.dll
2013-09-11 08:38:05 77C93B12A1ACB58FD06DFEE17856B65B 126976 ----a-w- C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 08:38:05 44596FBFDD963FA0F7F7F96EFA6E3008 84992 ----a-w- C:\Windows\SysWOW64\wudriver.dll
2013-09-11 08:38:04 FAC41DA4259549C5468AFC1FA53CED3A 35328 ----a-w- C:\Windows\SysWOW64\wuapp.exe
2013-09-11 08:38:00 B7267F83DE710AF993A15380C1F33239 83968 ----a-w- C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 08:38:00 62FB9CC2F6E0EF8015EA06ECFD746154 76800 ----a-w- C:\Windows\SysWOW64\setupcln.dll
2013-09-11 08:35:16 5FE24CECBD39A12E0BDDE3931FA5478B 14332928 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2013-09-11 08:35:11 76A981040FC0C9BA0C6EDC91BE99C3E4 2876928 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2013-09-11 08:35:09 B7D15FC840EB5A401A9A2D15A4BA1A94 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2013-09-11 08:35:06 A1BBF4D3F0F8164CF9A8B46B428100C6 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2013-09-11 08:35:05 7AC3F683EE68A588A26BDBBA1CC296B2 2048000 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2013-09-11 08:35:04 F73CE26EFC7AE039A8534722395CE9A7 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll
2013-09-11 08:35:03 907EFFBAD00EF8FAF0347AF63F895FFE 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 08:35:02 F21025151AA06B25DC6FCE169560F4E4 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 08:35:01 1669544D9288099E7BE0CF73EF8B9F3E 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll
2013-09-11 08:34:59 B2F431895A7F787466EFEAB87C5F014F 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2013-09-11 08:34:59 210074573A7E60E425A8E4667B55FA7C 44032 ----a-w- C:\Windows\SysWOW64\UXInit.dll
2013-09-11 08:34:57 E6BEEF5265329CBB3DDF95CE89F08580 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 08:34:57 69B892115CD4E738FB0F2834DDB9002A 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2013-09-11 08:34:57 0904FD891C44DE02D14A66DF07B64D6A 534528 ----a-w- C:\Windows\SysWOW64\uxtheme.dll
2013-09-11 08:34:56 F76B96D80327187F52B01E0082571F20 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 08:33:52 0AC4D04D2D127CAE2BE09FBA48D19639 2273792 ----a-w- C:\Windows\SysWOW64\msftedit.dll
2013-09-11 08:33:49 4F2214EB1269A6B906E2402883E0A658 551424 ----a-w- C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 08:33:46 0E38A984BE8C1F4A095B4A4E8BA1EB23 125440 ----a-w- C:\Windows\SysWOW64\winmm.dll
2013-09-11 08:33:44 DF790AE26A476DAA05210BA571B45AAC 160256 ----a-w- C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 08:33:44 3631AE3089DE4FAA50D3BD62E370299E 385768 ----a-w- C:\Windows\SysWOW64\WerFault.exe
2013-09-11 08:33:41 34076BB22B3975BDA4D98E1A0F03F199 268800 ----a-w- C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 08:33:39 DB51E3BB92AAE9608CB4AC08A9E263B1 1022464 ----a-w- C:\Windows\SysWOW64\gdi32.dll
2013-09-11 08:33:36 1C51CD68DB8C774E4C69CD628CFC4C80 245248 ----a-w- C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 08:33:35 A179B0FB8241BC7FEF62E0AA5F315F9B 702464 ----a-w- C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 08:33:32 499403FAB514EF7C468F1E9157F8F7BA 67072 ----a-w- C:\Windows\SysWOW64\openfiles.exe
2013-09-11 08:33:30 68451FE440B77BD6447E8AF1D21FD62B 245760 ----a-w- C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 08:33:29 1342E8DE249F4049536F38F8D473CE26 154112 ----a-w- C:\Windows\SysWOW64\WinSCard.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-09-18 20:35:16 01084DEE62A0118BE52C0F8CF520781A 438672 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT
2013-09-12 15:53:51 AFB0FFB0E349B72EB335BDE6FDFD164B 144896 ----a-w- C:\Windows\Sysnative\tssdisai.dll
2013-09-11 08:38:21 061A977C920FBE4BF71FF47C966DDDCA 4917760 ----a-w- C:\Windows\Sysnative\sppsvc.exe
2013-09-11 08:38:19 D4D04839F3DFAF09D94BAB1016F7A297 2371728 ----a-w- C:\Windows\Sysnative\WSService.dll
2013-09-11 08:38:19 4DD390AE1E1AD7EE02EFBB40FFBFE353 209200 ----a-w- C:\Windows\Sysnative\NotificationUI.exe
2013-09-11 08:38:18 C80BE09E09CBD2D85D95C96CD9EA839B 1164288 ----a-w- C:\Windows\Sysnative\sppobjs.dll
2013-09-11 08:38:18 9DEC60D4783377097014DFCCA31E69F8 3275776 ----a-w- C:\Windows\Sysnative\wuaueng.dll
2013-09-11 08:38:16 C34DDB3F1082D40B9795AB7013C6E8B3 688640 ----a-w- C:\Windows\Sysnative\WSShared.dll
2013-09-11 08:38:16 0F33B2A36E50793A08C86A0DBFFD60D5 105984 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll
2013-09-11 08:38:14 C121D6818C4FD2B8572F3409D4FF556F 120320 ----a-w- C:\Windows\Sysnative\sppc.dll
2013-09-11 08:38:14 8C5DEF64385DD9B15792CECF05A88D79 773120 ----a-w- C:\Windows\Sysnative\wuapi.dll
2013-09-11 08:38:14 20FAFBD28EC1128955308E7ABA5E765A 368640 ----a-w- C:\Windows\Sysnative\sppwinob.dll
2013-09-11 08:38:12 DD9730BDD6515CE314F2EAAADFE54951 183808 ----a-w- C:\Windows\Sysnative\WSSync.dll
2013-09-11 08:38:11 EA2C469FD4B4B4CC984CAD8D48B13652 1621504 ----a-w- C:\Windows\Sysnative\wucltux.dll
2013-09-11 08:38:10 A0C07056756C94FA19B231BBE58C33DF 49664 ----a-w- C:\Windows\Sysnative\wups.dll
2013-09-11 08:38:10 633B9891D7C18B992CE9C6AF08DF4D05 49152 ----a-w- C:\Windows\Sysnative\wups2.dll
2013-09-11 08:38:09 2C1C2A1AAB6B364AD4C10D71BFF91B28 59416 ----a-w- C:\Windows\Sysnative\wuauclt.exe
2013-09-11 08:38:08 AFE039373642AA6C5003FED9417A857F 252416 ----a-w- C:\Windows\Sysnative\WUSettingsProvider.dll
2013-09-11 08:38:08 AA3BF5E865917912239E52E2217556CA 204800 ----a-w- C:\Windows\Sysnative\WSClient.dll
2013-09-11 08:38:08 00DC7D597DAA2740100B18BDD8CA8B7E 198656 ----a-w- C:\Windows\Sysnative\Windows.ApplicationModel.Store.dll
2013-09-11 08:38:06 C30E6549F9770CF8925C06978E616841 142848 ----a-w- C:\Windows\Sysnative\wuwebv.dll
2013-09-11 08:38:06 BDE065A9A03ECFA09A4ADBE4FE3EFE0B 174592 ----a-w- C:\Windows\Sysnative\storewuauth.dll
2013-09-11 08:38:05 26479DAFA9B1A91A101388819CD32FD9 99328 ----a-w- C:\Windows\Sysnative\wudriver.dll
2013-09-11 08:38:04 6925399CDC69C6DC9C829DAFF9F85681 40448 ----a-w- C:\Windows\Sysnative\wuapp.exe
2013-09-11 08:38:03 5C1442CC4FD8628839852297C05D6EF2 81408 ----a-w- C:\Windows\Sysnative\setupcln.dll
2013-09-11 08:35:21 0CBE4F2B4C2316814693EAF8F9CD98A7 19246592 ----a-w- C:\Windows\Sysnative\mshtml.dll
2013-09-11 08:35:14 1FFB9680178BAA8BFE2BE5CF91FBD574 3959296 ----a-w- C:\Windows\Sysnative\jscript9.dll
2013-09-11 08:35:12 55B082D7A4823B963975F7D32C7AC8BA 15404544 ----a-w- C:\Windows\Sysnative\ieframe.dll
2013-09-11 08:35:10 AE4AD9943B92F71C7552F3CBC94F3CF6 2647040 ----a-w- C:\Windows\Sysnative\iertutil.dll
2013-09-11 08:35:10 4C95B1B5ADF6E82D7A8FA2DD8D383626 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll
2013-09-11 08:35:04 37A27E7A53724DF4193C0337891609AB 915968 ----a-w- C:\Windows\Sysnative\uxtheme.dll
2013-09-11 08:35:03 6DBE239FF1C9650A794C974B8C7913D7 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll
2013-09-11 08:35:02 D2CFD6F140FBC9F6F09B8DB42ACBE4B1 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2013-09-11 08:35:02 6A0910927CDCBCF5EFE79B73D0B7596B 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll
2013-09-11 08:35:00 FAA0282FF13ECFB8B620E01619703850 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2013-09-11 08:35:00 6344E1B323F993C1F7FB68C028D356D6 855552 ----a-w- C:\Windows\Sysnative\jscript.dll
2013-09-11 08:34:59 163464CAAF793906958F7098DA9C9C6D 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll
2013-09-11 08:34:58 74671852110963BD2D23740E65C84206 53760 ----a-w- C:\Windows\Sysnative\UXInit.dll
2013-09-11 08:34:57 CC062CD7E7CBA0EFD0EF7975DD4CA1C4 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll
2013-09-11 08:34:57 A45FE588EC4D64620E755FAE8735856D 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2013-09-11 08:34:56 C23E349B999CAC55B398C36E0FA54A88 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2013-09-11 08:33:51 3884117CE4FEC35E4A1A7A62918B1F34 1156096 ----a-w- C:\Windows\Sysnative\IKEEXT.DLL
2013-09-11 08:33:50 814F4A0774F08F580D71FA7E880CD454 1025024 ----a-w- C:\Windows\Sysnative\localspl.dll
2013-09-11 08:33:50 560A9357766AB0CDF38143EA3A66DA64 2839552 ----a-w- C:\Windows\Sysnative\msftedit.dll
2013-09-11 08:33:49 7A102E79DD8F1032BCB76064E2E50C4A 778752 ----a-w- C:\Windows\Sysnative\oleaut32.dll
2013-09-11 08:33:48 45A2DE308D27355F0F0D13499C8207DA 1300480 ----a-w- C:\Windows\Sysnative\gdi32.dll
2013-09-11 08:33:46 73133A0C0CA63817BFF2CB9DE65B64E7 723968 ----a-w- C:\Windows\Sysnative\BFE.DLL
2013-09-11 08:33:46 58B7BEACEB8B19A9698FE85B76C88ED9 381952 ----a-w- C:\Windows\Sysnative\FWPUCLNT.DLL
2013-09-11 08:33:46 12DE753B04FE08427BC4BA3133BFB1DB 414208 ----a-w- C:\Windows\Sysnative\wwanconn.dll
2013-09-11 08:33:45 C89FAB42CD5FD672506031D941529A74 439488 ----a-w- C:\Windows\Sysnative\WerFault.exe
2013-09-11 08:33:45 8E5271A1AC463276023B39BC846F299C 230912 ----a-w- C:\Windows\Sysnative\WinSCard.dll
2013-09-11 08:33:45 827AE73CD7CB3A8292A50EF39169071F 115712 ----a-w- C:\Windows\Sysnative\winmm.dll
2013-09-11 08:33:45 0ABF97013CA7400213DCBDC7B499AF85 183808 ----a-w- C:\Windows\Sysnative\winmmbase.dll
2013-09-11 08:33:44 AF1349386D4C6786EF4E34FACEF15042 263680 ----a-w- C:\Windows\Sysnative\wcmsvc.dll
2013-09-11 08:33:44 6D9E07436B6646EC8F7EFFD39B6BA288 447488 ----a-w- C:\Windows\Sysnative\wwansvc.dll
2013-09-11 08:33:40 FF2E7B5DEF4C46870E8D00B80BBDB1DC 370688 ----a-w- C:\Windows\Sysnative\Wwanadvui.dll
2013-09-11 08:33:40 8C7D71CE2F03E8CD6F1045D9275E6E1D 74240 ----a-w- C:\Windows\Sysnative\wcmcsp.dll
2013-09-11 08:33:39 97D3B79F36CBD8B70F0D9BA6939D2462 391168 ----a-w- C:\Windows\Sysnative\Windows.Networking.BackgroundTransfer.dll
2013-09-11 08:33:38 9A218BB2D3EC7CAAC84351D59204013A 77312 ----a-w- C:\Windows\Sysnative\openfiles.exe
2013-09-11 08:33:37 93BBEFF2825AFD81651EA2D938AAFCCA 543744 ----a-w- C:\Windows\Sysnative\wwanmm.dll
2013-09-11 08:33:31 B8BF7450DC17F940DD3B1A853F62724F 888832 ----a-w- C:\Windows\Sysnative\nshwfp.dll
2013-09-11 08:33:30 DB5C9AD31E50EDC86C6072EDE1E89692 312832 ----a-w- C:\Windows\Sysnative\LocationApi.dll
2013-09-11 08:33:25 2CE63B3A60C54BF7421B090429C286B0 387583 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml
2013-09-11 08:33:22 947B40E8199C16F0E62EABC312813DF7 4038144 ----a-w- C:\Windows\Sysnative\win32k.sys
====== C:\Windows\Sysnative\drivers =====
2013-09-11 08:38:07 FAEF4C245BE832DB41B15DAAC336AFB7 58200 ----a-w- C:\Windows\Sysnative\drivers\dam.sys
2013-09-11 08:33:45 09039F3D5A23483010AA6F5FE388F3C4 327512 ----a-w- C:\Windows\Sysnative\drivers\Classpnp.sys
2013-09-11 08:33:42 FC2B8B06BDBD3B6457F5A3DA9AD2410E 120144 ----a-w- C:\Windows\Sysnative\drivers\msgpioclx.sys
2013-09-11 08:33:42 F58B030A0664385C707B8C1C63682041 195416 ----a-w- C:\Windows\Sysnative\drivers\sdbus.sys
2013-09-11 08:33:42 DD7B107B2BB3EE845F57315EF4ECAC9A 125784 ----a-w- C:\Windows\Sysnative\drivers\dumpsd.sys
2013-09-11 08:33:42 630555943E5A3FE21010CE91EC7FC84F 341504 ----a-w- C:\Windows\Sysnative\drivers\HdAudio.sys
2013-09-11 08:33:39 BFC7FE4AAEB61317A921871B4085EF4B 119040 ----a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS
2013-09-11 08:33:39 3F1F31883EAC9DDDF836ACC6D1DAC36C 96512 ----a-w- C:\Windows\Sysnative\drivers\wfplwfs.sys
2013-09-11 08:33:35 25C50F4EDF70D0A831E0566BD181CCF2 321536 ----a-w- C:\Windows\Sysnative\drivers\udfs.sys
====== C:\Windows\Tasks ======
2013-09-21 18:30:19 DED68056DCA3E478951D9480AF4A0B22 934 ----a-w- C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-09-21 18:30:19 5666D2804628080D9C2FA3823F214868 3906 ----a-w- C:\Windows\Sysnative\Tasks\DealPlyLiveUpdateTaskMachineUA
2013-09-21 18:30:16 92A295C227A35A6B5A0901B611A4CB8D 930 ----a-w- C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-09-21 18:30:16 6AFD8F96D147C92B4941BE224A2D54BC 3670 ----a-w- C:\Windows\Sysnative\Tasks\DealPlyLiveUpdateTaskMachineCore
2013-09-21 18:30:08 FC88FB45FD30A851FA7059BE46FA3064 2656 ----a-w- C:\Windows\Sysnative\Tasks\Dealply
2013-09-21 18:30:08 49089ECF4F910CADE512C4581AA144D8 318 ----a-w- C:\Windows\Tasks\Dealply.job
2013-09-21 18:30:05 6542AD043B57C00D40D38AF105BD75E5 3364 ----a-w- C:\Windows\Sysnative\Tasks\DealPlyUpdate
2013-09-21 18:29:48 28A5632C64225B5C4D0995269B532FCC 3342 ----a-w- C:\Windows\Sysnative\Tasks\AmiUpdXp
2013-09-21 18:29:47 E18321DF50D4BEA2C9828A4EA382B744 352 ----a-w- C:\Windows\Tasks\AmiUpdXp.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\Program Files (x86) =====
2013-09-21 18:30:49 -------- d-----w- C:\Program Files (x86)\LemurLeap
2013-09-21 18:30:14 -------- d-----w- C:\Program Files (x86)\DealPlyLive
2013-09-21 18:29:52 -------- d-----w- C:\Program Files (x86)\DealPly
2013-09-21 17:54:14 -------- d-----w- C:\Program Files (x86)\TomTom International B.V
2013-09-21 17:54:06 -------- d-----w- C:\Program Files (x86)\MyTomTom 3
======= C: =====
====== C:\Users\Deny\AppData\Roaming ======
2013-09-21 18:35:26 -------- d-----w- C:\Users\Deny\AppData\Local\Garmin
2013-09-21 18:34:47 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Garmin
2013-09-21 18:30:14 -------- d-----w- C:\Users\Deny\AppData\Local\DealPlyLive
2013-09-21 18:30:07 -------- d-----w- C:\Users\Deny\AppData\Roaming\Dealply
2013-09-21 18:29:53 -------- d-----w- C:\Users\Deny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-09-21 18:29:47 -------- d-----w- C:\Users\Deny\AppData\Local\SwvUpdater
2013-09-21 17:54:18 -------- d-----w- C:\Users\Deny\AppData\Local\TomTom
2013-09-08 21:01:59 -------- d-----w- C:\Users\Deny\AppData\Roaming\WebApp
====== C:\Users\Deny ======
2013-09-21 18:34:36 -------- d-----w- C:\ProgramData\Package Cache
2013-09-21 18:31:21 -------- d-----w- C:\ProgramData\Registry Helper
2013-09-21 18:30:43 -------- d-----w- C:\ProgramData\eSafe
2013-09-21 18:30:13 -------- d-----w- C:\ProgramData\DealPlyLive
2013-09-21 17:54:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom

====== C: exe-files ==
2013-09-21 18:38:53 D059303DE167532F6261EE97E8937D15 12142192 ----a-w- C:\ProgramData\Garmin\Core Update Service\APP-express-windows-2.3.14.0\GarminExpressInstaller.exe
2013-09-21 18:34:36 E34B6E26F90059F81B532F038A5906BD 865536 ------w- C:\ProgramData\Package Cache\{31a12940-e5c8-4d27-a6ac-005212152f1f}\GarminExpressInstaller.exe
2013-09-21 18:33:28 0146D957BB0EFC933F78D62DDA605B88 12332168 ----a-w- C:\Users\Deny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UBEPVSWM\GarminExpress.exe
2013-09-21 18:30:51 1CBD0DC5ED80A0838D57FF63F4F3F7BD 211481 ----a-w- C:\Program Files (x86)\LemurLeap\LemurLeapUninstall.exe
2013-09-21 18:30:47 FB87C703B9138DBD6596B25A4CE62131 783688 ----a-w- C:\Users\Deny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WI47CW30\Setup[1].exe
2013-09-21 18:30:43 256F569179D786680CD216C0240A42D3 825920 ----a-w- C:\ProgramData\eSafe\eGdpSvc.exe
2013-09-21 18:30:23 AB9AFD7C725D3E5EA0BA8EC4A637F695 1292920 ----a-w- C:\Users\Deny\AppData\Local\Temp\eIntaller\36A23A9C8CD544bb9752CD910F6945C5\DProtect.exe
2013-09-21 18:30:23 67CD4575597480529776360AC0F41A2A 461880 ----a-w- C:\Users\Deny\AppData\Local\Temp\eIntaller\36A23A9C8CD544bb9752CD910F6945C5\eXQ.exe
2013-09-21 18:30:23 256F569179D786680CD216C0240A42D3 825920 ----a-w- C:\Users\Deny\AppData\Local\Temp\eIntaller\36A23A9C8CD544bb9752CD910F6945C5\eGdpSvc.exe
2013-09-21 18:30:16 ED69D24A6366493C67824E2567AE13FA 61984 ----atw- C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exe
2013-09-21 18:30:16 9FCD1448C709C227BA6A146B681CC869 148000 ----atw- C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
2013-09-21 18:30:16 4ED040118E13DBB1698AF876D0783BE4 61984 ----atw- C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exe
2013-09-21 18:30:14 9FCD1448C709C227BA6A146B681CC869 148000 ----atw- C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveHandler.exe
2013-09-21 18:30:14 9FCD1448C709C227BA6A146B681CC869 148000 ----atw- C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLive.exe
2013-09-21 18:29:53 9EDB539E1C37A8B66774220033208F97 892928 ----a-w- C:\Program Files (x86)\DealPly\uninst.exe
2013-09-21 18:29:53 85B506F990081FD58D5AEA2FD94CA2A9 92704 ----a-w- C:\Program Files (x86)\DealPly\DealPlyUpdateRun.exe
2013-09-21 18:29:53 591F7C7BDE59E71E362699683E91B471 108600 ----a-w- C:\Program Files (x86)\DealPly\DealPlyUpdateVer.exe
2013-09-21 18:29:53 3B909BBE92B3C85222732959D99A0C9A 78424 ----a-w- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe
2013-09-21 18:29:47 15D7F6FC1473A62819C51E9118167830 310312 ----a-w- C:\Users\Deny\AppData\Local\SwvUpdater\Updater.exe
2013-09-21 18:29:21 70C66D8B210AB808A87737F5EB0342A0 155680 ----a-w- C:\Users\Deny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H9XQ4L9G\GarminExpress__2594_il8964967.exe
=== C: other files ==
2013-09-21 18:30:29 09227EBEBCFDB1876F96D8C74C1CA3CF 371915 ----a-w- C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
2013-09-21 18:30:24 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Deny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0OZ2VP0J\1.1.5.2[1].crx
2013-09-21 18:30:24 09227EBEBCFDB1876F96D8C74C1CA3CF 371915 ----a-w- C:\Users\Deny\AppData\Local\Temp\eIntaller\36A23A9C8CD544bb9752CD910F6945C5\newtab.crx
2013-09-21 18:29:52 A0F53BD216D5BCD8F59ED2BBDCBA55A3 4126 ----a-w- C:\Program Files (x86)\DealPly\DealPly.xpi
2013-09-21 18:29:52 934D13BE2F1F4188A5D7E64A93BA66E1 51066 ----a-w- C:\Program Files (x86)\DealPly\DealPly.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"uTorrent"="C:\Users\Deny\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"SearchProtection"="C:\Users\Deny\AppData\Roaming\Search Protection\SearchProtection.EXE /autostart"
"Power2GoExpress8"="C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
"GoogleChromeAutoLaunch_9D744EA460C19D49596748631F920788"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey"
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
"ROC_ROC_NT"="C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe / /PROMPT /CMPID=ROC_NT"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"Registry Helper"="C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe /boot"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"uTorrent"="C:\Users\Deny\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"SearchProtection"="C:\Users\Deny\AppData\Roaming\Search Protection\SearchProtection.EXE /autostart"
"Power2GoExpress8"="C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
"GoogleChromeAutoLaunch_9D744EA460C19D49596748631F920788"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\AmiUpdXp.job --a-------- C:\Users\Deny\AppData\Local\SwvUpdater\Updater.exe [21-09-2013 20:29]
C:\Windows\tasks\Dealply.job --a-------- C:\Users\Deny\AppData\Roaming\Dealply\UPDATE1\UPDATE1.exe []
C:\Windows\tasks\DealPlyLiveUpdateTaskMachineCore.job --a-------- C:\ProgramC:FilesC:x86\DealPlyLive\Update\DealPlyLive.exe []
C:\Windows\tasks\DealPlyLiveUpdateTaskMachineUA.job --a-------- [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-11-2012 17:48]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-11-2012 17:48]
C:\Windows\tasks\HPCeeScheduleForDeny.job --a-------- [Undetermined Task]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
boipimhfjpakfgckhbljjengakjhkcbp - C:\Users\Deny\AppData\Roaming\BabSolution\CR\mixiDj.crx[16-05-2013 14:26]
ejnmnhkgiphcaeefbaooconkceehicfi - C:\Program Files (x86)\DealPly\DealPly.crx[21-07-2013 17:14]
ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[21-09-2013 20:30]
jjhaaimjpjbhmjdhgfipokpnopedmddo - C:\Program Files (x86)\OApps\chrome-sl.crx[28-06-2013 11:31]
jlnfdbbladgcmhhamgkioifhbobjaoof - C:\Program Files (x86)\LemurLeap\jlnfdbbladgcmhhamgkioifhbobjaoof.crx[31-08-2013 09:36]
jpmbfleldcgkldadpdinhjjopdfpjfjp - C:\Users\Deny\AppData\Local\Wajam\Chrome\wajam.crx[02-05-2013 21:21]
kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files (x86)\DefaultTab\DefaultTab.crx[12-02-2013 08:04]
kpepfkjapeclaafmhoelccknpfedainn - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidj.crx[19-04-2013 04:56]
ooepecapjfnpoblcjpgibomhcnlgbnbj - C:\Program Files (x86)\NetScoutToolbar\chrome\NetScoutToolbar.crx[14-01-2013 05:04]

Google Drive - Deny - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Deny - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
MixiDJ Toolbar - Deny - Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp
Google Search - Deny - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Select City - Deny - Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Select Links App - Deny - Default\Extensions\jjhaaimjpjbhmjdhgfipokpnopedmddo
LemurLeap - Deny - Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Wajam - Deny - Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
DefaultTab - Deny - Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
NetScout Toolbar - Deny - Default\Extensions\ooepecapjfnpoblcjpgibomhcnlgbnbj
Gmail - Deny - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
undetermined - Deny - Default\Extensions\newtab.crx

==== EOF on zo 22-09-2013 at 13:40:45,89 ======================
4
Hier staat inderdaad heel wat rommel op.

Start Afbeelding Zoek.exe nogmaals met het onderstaande script.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

    Code: Selecteer alles

    autoclean;
    
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.
Volg me op Twitter: @bartblaze
Mijn persoonlijke blog: Blaze's Security Blog

Bent u blij met de geboden hulp? klik hier voor een vrijblijvende donatie Afbeelding
5
Zoek.exe Version 4.0.0.4 Updated 19-September-2013
Tool run by Deny on zo 22-09-2013 at 17:30:34,80.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Deny\Desktop\zoek.exe [Script inserted]

==== Older Logs ======================

C:\zoek-results22-09-2013-1340.log 25395 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Internet Explorer\SearchScopes\{289F982B-1A39-492F-8EB3-5C6F219DA252} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Internet Explorer\SearchScopes\{86E5A70A-4A17-40C2-86B1-91453E6BA643} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Internet Explorer\SearchScopes\{96B29C85-3305-401E-9DC1-88DD1BDF7BB8} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BFC6699-66AA-4522-8267-EA455277932C} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dealplylivem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dealplylive deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\defaulttabsearch deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\defaulttabupdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\wajamupdater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wajamupdater deleted successfully

==== Deleting Files \ Folders ======================

"C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx" deleted
"C:\Windows\Tasks\Dealply.job" deleted
"C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job" deleted
"C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job" deleted
"C:\windows\SysNative\Tasks\Dealply" deleted
"C:\windows\SysNative\Tasks\DealPlyLiveUpdateTaskMachineCore" deleted
"C:\windows\SysNative\Tasks\DealPlyLiveUpdateTaskMachineUA" deleted
"C:\windows\SysNative\Tasks\DealPlyUpdate" deleted
"C:\Windows\tasks\AmiUpdXp.job" deleted
"C:\windows\SysNative\Tasks\EPUpdater" deleted
"C:\END" deleted
"C:\Windows\Launcher.exe" deleted
"C:\Users\Deny\AppData\Roaming\mixidj\sqlite3.dll" deleted
"C:\Program Files (x86)\DealPly\DealPlyIE.dll" deleted
"C:\Program Files (x86)\LemurLeap\LemurLeap.Common.dll" deleted
"C:\Program Files (x86)\LemurLeap\LemurLeapBHO.dll" deleted
"C:\Program Files (x86)\LemurLeap\updateLemurLeap.exe" deleted
"C:\Program Files (x86)\OApps\SelectionLinks.dll" deleted
"C:\Users\Deny\AppData\Roaming\Search Protection\SearchProtection.exe" deleted
"C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjApp.dll" deleted
"C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjEng.dll" deleted
"C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll" deleted
"C:\Program Files (x86)\Wajam\IE\priam_bho.dll" deleted
"C:\Users\Deny\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll" deleted
"C:\Users\Deny\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll" deleted
"C:\Users\Deny\AppData\Roaming\mixidj" deleted
"C:\Program Files (x86)\DefaultTab" deleted
"C:\Program Files (x86)\DealPly" not deleted
"C:\Program Files (x86)\DealPlyLive" deleted
"C:\Program Files (x86)\Protected Search" deleted
"C:\Program Files (x86)\mixidj" not deleted
"C:\Program Files (x86)\LemurLeap" not deleted
"C:\Program Files (x86)\OApps" not deleted
"C:\Program Files (x86)\Wajam" not deleted
"C:\Users\Deny\AppData\Roaming\BabSolution" deleted
"C:\Users\Deny\AppData\Roaming\Babylon" deleted
"C:\Users\Deny\AppData\Roaming\Dealply" deleted
"C:\Users\Deny\AppData\Roaming\DefaultTab" not deleted
"C:\Users\Deny\AppData\Roaming\Search Protection" deleted
"C:\Users\Deny\AppData\Roaming\OpenCandy" deleted
"C:\ProgramData\Registry Helper" deleted
"C:\ProgramData\eSafe" deleted
"C:\ProgramData\DealPlyLive" deleted
"C:\ProgramData\Babylon" deleted
"C:\ProgramData\Package Cache" deleted
"C:\Users\Deny\AppData\Local\Wajam" deleted
"C:\Users\Deny\AppData\Local\DealPlyLive" deleted
"C:\Users\Deny\AppData\Local\SwvUpdater" deleted
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search" deleted
"C:\Users\Deny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam" deleted
"C:\Users\Deny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly" deleted
"C:\Users\Deny\AppData\LocalLow\mixidj" deleted
"C:\Users\Deny\AppData\LocalLow\Softonic" deleted
"C:\Users\Deny\AppData\LocalLow\SimplyTech" deleted
"C:\windows\SysNative\tasks\ProtectedSearch" deleted
"C:\Program Files (x86)\mixidj\mixidj" not deleted
"C:\Program Files (x86)\mixidj\mixidj\1.8.18.8" not deleted
"C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh" not deleted
"C:\Program Files (x86)\Wajam\IE" not deleted
"C:\Users\Deny\AppData\Roaming\DefaultTab\DefaultTab" not deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
boipimhfjpakfgckhbljjengakjhkcbp - C:\Users\Deny\AppData\Roaming\BabSolution\CR\mixiDj.crx[]
ejnmnhkgiphcaeefbaooconkceehicfi - C:\Program Files (x86)\DealPly\DealPly.crx[]
ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[]
jjhaaimjpjbhmjdhgfipokpnopedmddo - C:\Program Files (x86)\OApps\chrome-sl.crx[]
jlnfdbbladgcmhhamgkioifhbobjaoof - C:\Program Files (x86)\LemurLeap\jlnfdbbladgcmhhamgkioifhbobjaoof.crx[]
jpmbfleldcgkldadpdinhjjopdfpjfjp - C:\Users\Deny\AppData\Local\Wajam\Chrome\wajam.crx[]
kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files (x86)\DefaultTab\DefaultTab.crx[]
kpepfkjapeclaafmhoelccknpfedainn - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidj.crx[]
ooepecapjfnpoblcjpgibomhcnlgbnbj - C:\Program Files (x86)\NetScoutToolbar\chrome\NetScoutToolbar.crx[14-01-2013 05:04]

MixiDJ Toolbar - Deny - Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp
Select Links App - Deny - Default\Extensions\jjhaaimjpjbhmjdhgfipokpnopedmddo
LemurLeap - Deny - Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Wajam - Deny - Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
DefaultTab - Deny - Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
NetScout Toolbar - Deny - Default\Extensions\ooepecapjfnpoblcjpgibomhcnlgbnbj

==== Chrome Fix ======================

C:\Program Files (x86)\NetScoutToolbar\chrome\NetScoutToolbar.crx deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_boipimhfjpakfgckhbljjengakjhkcbp_0.localstorage deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjhaaimjpjbhmjdhgfipokpnopedmddo deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jlnfdbbladgcmhhamgkioifhbobjaoof_0.localstorage deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooepecapjfnpoblcjpgibomhcnlgbnbj deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ooepecapjfnpoblcjpgibomhcnlgbnbj_0.localstorage deleted successfully
C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ooepecapjfnpoblcjpgibomhcnlgbnbj_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.startpagina.nl/"
"Default_Page_URL"="http://www.qvo6.com/?utm_source=b&utm_m ... 1379788228"
"Search Page"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Start Default_Page_URL"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Default_Search_URL"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Bar"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Default_Search_URL"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Bar"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Page"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Default_Search_URL"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Bar"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Page"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Default_Page_URL"="http://www.qvo6.com/?utm_source=b&utm_m ... 1379788228"
"Start Page"="http://www.qvo6.com/?utm_source=b&utm_m ... 1379788228"
"Search Page"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Start Default_Page_URL"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Search Bar"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Default_Page_URL"="http://www.qvo6.com/?utm_source=b&utm_m ... 1379788228"
"Start Page"="http://www.qvo6.com/?utm_source=b&utm_m ... 1379788228"
"Search Page"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Start Default_Page_URL"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Search Bar"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si= ... d=619&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si= ... d=619&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si= ... d=619&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si= ... d=619&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si= ... d=619&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si= ... d=619&q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si= ... d=619&q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si= ... d=619&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si= ... d=619&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si= ... d=619&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.qvo6.com/newtab/?utm_source= ... 1379788228"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.qvo6.com/newtab/?utm_source= ... 1379788228"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Default_Search_URL"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Bar"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Page"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Default_Search_URL"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Bar"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Page"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Default_Search_URL"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Bar"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Page"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Default_Search_URL"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Bar"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Page"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si= ... me&tid=619"
"Default_Search_URL"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Bar"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
"Search Page"="http://search.certified-toolbar.com?si= ... 9&st=bs&q="
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{afdbddaa-5d3f-42ee-b79c-185a7020515b}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.startpagina.nl/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... c=HPNTDFJS"
{33BB0A4E-99AF-4226-BDF6-49120163DE86} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1346-1543 ... earchTerms}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{415419C3-DAD0-4DF1-AC37-22C72AD81878} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{415419C3-DAD0-4DF1-AC37-22C72AD81878} deleted successfully
HKEY_USERS\S-1-5-21-4059890851-3174142401-2215351355-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{415419C3-DAD0-4DF1-AC37-22C72AD81878} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{415419C3-DAD0-4DF1-AC37-22C72AD81878} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Deny\Desktop\The.Hangover.2009.DvDRip-FxM - Snelkoppeling.lnk - C:\Users\Deny\Downloads\The.Hangover.2009.DvDRip-FxM\The.Hangover.2009.DvDRip-FxM.avi

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Apple Video Converter Box.lnk - C:\Program Files (x86)\Apple Video Converter Box\Apple Video Converter Box.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\eBay.nl.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe http://redirect.hp.com/svs/rdr?TYPE=4&t ... =all&c=124" onclick="window.open(this.href);return false;
C:\Users\Public\Desktop\Garmin Express.lnk - C:\Program Files (x86)\Garmin\Express\Express.exe
C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
C:\Users\Public\Desktop\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Users\Public\Desktop\µTorrent.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Deny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379788228" onclick="window.open(this.href);return false;

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk - C:\Program Files (x86)\Garmin\Express\Express.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379788228" onclick="window.open(this.href);return false;
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PhotoDirector.lnk - C:\Program Files (x86)\CyberLink\PhotoDirector\PhotoDirector.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\MyTomTom.lnk - C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe ""
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\Verwijder MyTomTom.lnk - C:\Program Files (x86)\MyTomTom 3\Uninstall MyTomTom3.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Deny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Video Converter Box.lnk - C:\Program Files (x86)\Apple Video Converter Box\Apple Video Converter Box.exe
C:\Users\Deny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379788228" onclick="window.open(this.href);return false;
C:\Users\Deny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379788228" onclick="window.open(this.href);return false;
C:\Users\Deny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle
C:\Users\Deny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Deny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Deny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\Deny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Deny\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Deny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Utility Center.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Utility Center\HPPU.exe
C:\Users\Deny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379788228" onclick="window.open(this.href);return false;

==== shortcuts After Repair ======================

C:\Users\Public\Desktop\eBay.nl.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe
C:\Users\Deny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Deny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Deny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Deny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jjhaaimjpjbhmjdhgfipokpnopedmddo deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ooepecapjfnpoblcjpgibomhcnlgbnbj deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Deny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Deny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Deny\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\DealPly" not found
"C:\Program Files (x86)\mixidj" not found
"C:\Program Files (x86)\LemurLeap" not found
"C:\Program Files (x86)\OApps" not found
"C:\Program Files (x86)\Wajam" not found
"C:\Users\Deny\AppData\Roaming\DefaultTab" not found

==== EOF on zo 22-09-2013 at 17:58:38,88 ======================
6
Dat ziet er goed uit, voer ter controle nog eens een scan uit met AdwCleaner:

Download Afbeelding AdwCleaner by Xplode naar het bureaublad.
  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner.exe om de tool te starten.
  • Klik vervolgens op de knop Scan.
  • Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  • Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  • Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  • Het logbestand wordt eveneens opgeslagen op de systeemschijf in de map C:\AdwCleaner als AdwCleaner[S0].txt.
  • Plaats dit logbestand als bijlage in het volgende bericht.
Volg me op Twitter: @bartblaze
Mijn persoonlijke blog: Blaze's Security Blog

Bent u blij met de geboden hulp? klik hier voor een vrijblijvende donatie Afbeelding
7
# AdwCleaner v3.004 - Report created 22/09/2013 at 18:57:22
# Updated 15/09/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Deny - WOONKAMERLAPTOP
# Running from : C:\Users\Deny\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\AVG Secure Search

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.credentialdialogmachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachine
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3webmachinefallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc
Key Deleted : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore
Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd
Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr
Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band
Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DealPly
Key Deleted : HKCU\Software\dealplylive
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\mixidj
Key Deleted : HKCU\Software\ProtectedSearch
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\simplytech
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DealPly
Key Deleted : HKLM\Software\dealplylive
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\mixidj
Key Deleted : HKLM\Software\qvo6Software
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mixidj
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16688

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v27.0.1453.116

[ File : C:\Users\Deny\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12866 octets] - [22/09/2013 18:56:32]
AdwCleaner[S0].txt - [11939 octets] - [22/09/2013 18:57:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12000 octets] ##########
8
Mooi, die heeft nog wat restjes kunnen opruimen. :good: Hoe staat het momenteel met de problemen, heb je nog last van qv06?

Voer eventueel nog het volgende uit:

Download Afbeelding Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.
Zet nu vinkjes voor de volgende items:
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Klik nu op "Run" en wacht geduldig tot de tool gereed is.
Wanneer de tool gereed is wordt er een logbestand aangemaakt, echter hoeft u deze niet te plaatsen.
Volg me op Twitter: @bartblaze
Mijn persoonlijke blog: Blaze's Security Blog

Bent u blij met de geboden hulp? klik hier voor een vrijblijvende donatie Afbeelding
9
Hallo Bart,

je hebt me geweldig geholpen, bedankt.
hij draait weer goed en heb geen problemen meer.

heb nog 2 vragen,

ik heb Avast virusscanner
wat kan ik doen om deze vervuiling tegen te gaan?
en wat moet ik doen om elke week mn laptop op te ruimen?

gr Deny Loonen.

nogmaals bedankt.
10
Dag Deny,

Graag gedaan ;) !

Om deze soort vervuiling tegen te gaan zou ik aanraden om WOT te gebruiken, dit is een add-on in je browser die je waarschuwt indien je op een mogelijk schadelijke site komt:
http://www.mywot.com/" onclick="window.open(this.href);return false;


Je kan eveneens 1x per week Ccleaner uitvoeren. Het deel over het register dien je maar 1x per maand uit te voeren.
Download Afbeelding CCleaner naar het bureaublad.

Installeer CCleaner en start CCleaner op.
  • Klik in de linkse kolom op Cleaner.
  • Klik achtereenvolgens op Analyseren en Opschonen.
  • Klik vervolgens in de linkse kolom op Register en klik op Scan naar problemen.
  • Als er fouten gevonden worden klik je op Herstel geselecteerde problemen en OK.
  • Dan krijg je de vraag om een back-up te maken, klik op JA. en kies dan Herstel alle geselecteerde fouten.
  • Sluit hierna CCleaner af.
Volg me op Twitter: @bartblaze
Mijn persoonlijke blog: Blaze's Security Blog

Bent u blij met de geboden hulp? klik hier voor een vrijblijvende donatie Afbeelding
Gesloten

Terug naar “Hulp bij malware problemen, adware, ongewenste software en een trage computer”