Hallo,

Ik heb gisteren iets gedownload en waarschijnlijk heb ik een virus mee gekregen, ik kom n.l niet af van webssearches, com Kunt u mij vertellen hoe ik van deze hinderlijke zoekmachine af kom.

Schakel eerst de Antivirussoftware uit voordat je zoek.exe download of uitvoert.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk de werking van Zoek.exe nadelig beïnvloeden.
(hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (klik hier voor meer informatie over hoe zoek.exe te gebruiken)

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kan je dat negeren, het is namelijk een onterechte waarschuwing.

• Dubbelklik vervolgens op Zoek.exe om de tool te starten.
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
• Note: Dit script is speciaal bedoeld voor deze Computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.

  Code: Selecteer alles

  emptyfolderscheck;delete
  firefoxlook; 
  Chromelook; 
  CHRdefaults;
  autoclean; 
  iedefaults; 
  
  

• Klik nu op de knop "Run script".
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
• Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe v5.0.0.1 Updated 22-November-2015
Tool run by gebruiker on wo 25-11-2015 at 19:41:21,72.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\gebruiker\Downloads\zoek.exe [Scan all users] [Script inserted]

===== Runcheck 19:42:54,84 =====

--- Create Environment Variables 19:42:55,88
--- Create System Restore Point 19:43:01,87
--- Checking Input 19:43:35,25
--- AU AppData Check 19:44:11,57
--- Remove From Windows Installer 19:44:16,52

Sorry maar dit is maar een klein deel van het logje.

Zoek.exe v5.0.0.1 Updated 22-November-2015

Hallo,

Heeft u mijn laatste bericht volledig ontvangen.

Zeker, u had (is deleted) een browser hijacker, WdsManPro


Aub zoek.exe nogmaals starten en gebruik dan onderstaande code aub.
Plaats aub de uitslag en vertel gelijk even hoe het nu gaat.\

Zoek.exe v5.0.0.1 Updated 22-November-2015
Tool run by gebruiker on do 26-11-2015 at 14:35:51,09.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\gebruiker\Downloads\zoek(4).exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-11-25-190258.log 23074 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\cptsz0fy.default-1421271873270

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_26-11-2015_1448_.backup

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\jj5byeg2.default-1422799799236

user.js not found
---- Lines webssearch removed from prefs.js ----
user_pref("browser.search.defaultenginename", "webssearches");
user_pref("browser.search.selectedEngine", "webssearches");
---- FireFox user.js and prefs.js backups ----

prefs_26-11-2015_1448_.backup

==== Deleting Files \ Folders ======================

C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\jj5byeg2.default-1422799799236\jetpack deleted

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"DSE"="true" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\cptsz0fy.default-1421271873270
- Undetermined - %ProfilePath%\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
- DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\jj5byeg2.default-1422799799236
- FoxyProxy Basic - C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\jj5byeg2.default-1422799799236\extensions\foxyproxy@eric.h.jung
- FoxyProxy Basic - %ProfilePath%\extensions\foxyproxy@eric.h.jung
- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi
- Element Hiding Helper for Adblock Plus - %ProfilePath%\extensions\elemhidehelper@adblockplus.org.xpi
- ZenMate VPN: Gvenlik Gizlilik amp; zgrlk - %ProfilePath%\extensions\firefox@zenmate.com.xpi
- Strict Pop-up Blocker - %ProfilePath%\extensions\jid1-P34HaABBBpOerQ@jetpack.xpi
- Pin It button - %ProfilePath%\extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
- Adblock Edge - %ProfilePath%\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\jj5byeg2.default-1422799799236
F114FBA6246530B89DD1E04351E0EAC5 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll - Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12-10-2015 08:31]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bmkckgpgekmanipelfidlhmkfcjicion - No path found[]

RealDownloader - gebruiker\AppData\Local\Chromium\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype for Chromium - gebruiker\AppData\Local\Chromium\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
AdBlock - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
SilveOS.com - Silverlight operating system. - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiogjlcjaamelgfnpmhffhgphjdcabcb
SimilarWeb - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp
Skype Click to Call - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.nu.nl/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.nu.nl/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q=" onclick="window.open(this.href);return false;{searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q=" onclick="window.open(this.href);return false;{searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q=" onclick="window.open(this.href);return false;{searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q=" onclick="window.open(this.href);return false;{searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q=" onclick="window.open(this.href);return false;{searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== shortcuts on Users Desktops ======================

C:\Users\gebruiker\Desktop\10042010002.jpg - Snelkoppeling.lnk - C:\Users\gebruiker\Documents\Bureaublad\ovide feest\10042010002.jpg
C:\Users\gebruiker\Desktop\Adobe Photoshop Elements 9.lnk - C:\Program Files (x86)\Adobe\Elements 9 Organizer\Photoshop Elements 9.0.exe
C:\Users\gebruiker\Desktop\Ariana Grande - Problem (feat. Iggy Azalea) [Karaoke _ Instrumental].mp3 - Snelkoppeling.lnk - C:\Users\gebruiker\Music\Ariana Grande - Problem (feat. Iggy Azalea) [Karaoke _ Instrumental].mp3
C:\Users\gebruiker\Desktop\Ariana Grande - Problem ft. Iggy Azalea.mp3 - Snelkoppeling.lnk - C:\Users\gebruiker\Music\Ariana Grande - Problem ft. Iggy Azalea.mp3
C:\Users\gebruiker\Desktop\HTTrack Website Copier.lnk - C:\Program Files (x86)\WinHTTrack\WinHTTrack.exe
C:\Users\gebruiker\Desktop\IDEEEN BADMUTS.lnk - C:\Users\gebruiker\Desktop\IDEEEN BADMUTS
C:\Users\gebruiker\Desktop\Katy Perry - This Is How We Do (Official).mp3 - Snelkoppeling.lnk - C:\Users\gebruiker\Music\Katy Perry - This Is How We Do (Official).mp3
C:\Users\gebruiker\Desktop\MP3 WAV WMA OGG Converter.lnk - C:\Program Files (x86)\ACE-HIGH MP3 WAV WMA OGG Converter\converter.exe
C:\Users\gebruiker\Desktop\Reggae Instrumental - _Unity_.mp3 - Snelkoppeling.lnk - C:\Users\gebruiker\Music\Reggae Instrumental - _Unity_.mp3
C:\Users\gebruiker\Desktop\VRIJ 28 AUG 2015 Burleson On KheperaRadio.mp3 - Snelkoppeling.lnk - C:\Users\gebruiker\AppData\Roaming\Skype\My Skype Received Files\VRIJ 28 AUG 2015 Burleson On KheperaRadio.mp3
C:\Users\gebruiker\Desktop\µTorrent.lnk -
C:\Users\gebruiker\Desktop\Tor Browser\Start Tor Browser.lnk - C:\Users\gebruiker\Desktop\Tor Browser\Browser\firefox.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Adobe Photoshop Elements 9.lnk - C:\Program Files (x86)\Adobe\Elements 9 Organizer\Photoshop Elements 9.0.exe
C:\Users\Public\Desktop\Apowersoft Gratis Audiorecorder.lnk - C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
C:\Users\Public\Desktop\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe
C:\Users\Public\Desktop\Best Safe Browser.lnk - C:\Program Files (x86)\DVDVideoSoft\Best Safe Browser\BestSafeBrowser.exe
C:\Users\Public\Desktop\Canon My Printer.lnk - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE /dt
C:\Users\Public\Desktop\Canon Solution Menu.lnk - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\DeepBurner.lnk - C:\Program Files (x86)\DeepBurner\DeepBurner.exe
C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe
C:\Users\Public\Desktop\Free Audio Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Audio Converter\FreeAudioConverter.exe
C:\Users\Public\Desktop\Free DVD Video Burner.lnk - C:\Program Files (x86)\DVDVideoSoft\Free DVD Video Burner\FreeDVDVideoBurner.exe
C:\Users\Public\Desktop\Free Video to DVD Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Video to DVD Converter\FreeVideoToDVDConverter.exe
C:\Users\Public\Desktop\Free Video to MP3 Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Video to MP3 Converter\FreeVideoToMP3Converter.exe
C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe
C:\Users\Public\Desktop\Glary Utilities 5.lnk - C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\ImageBrowser EX.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\ImageBrowserEX.exe
C:\Users\Public\Desktop\IncrediMail.lnk - C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Registry Repair.lnk - C:\Program Files (x86)\Glarysoft\Registry Repair 5\RegistryCleaner.exe

==== shortcuts in Users Start Menu ======================

C:\Users\gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\ImageBrowser EX\ImageBrowser EX Uninstall.lnk - C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\ImageBrowser EX\uninstall.xml"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\ImageBrowser EX\ImageBrowser EX.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\ImageBrowserEX.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\ImageBrowser EX\Readme\ImageBrowser EX Readme.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\Readme(ImageBrowser EX).rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\ImageBrowser EX\Readme\MovieEdit Task Readme.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\ReadMeMET.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\copying.lnk - C:\Windows\notepad.exe C:\Program Files (x86)\WinHTTrack\copying
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\Documentation.lnk - C:\Program Files (x86)\WinHTTrack\httrack-doc.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\greetings.txt.lnk - C:\Windows\notepad.exe C:\Program Files (x86)\WinHTTrack\greetings.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\history.txt.lnk - C:\Windows\notepad.exe C:\Program Files (x86)\WinHTTrack\history.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\license.txt.lnk - C:\Windows\notepad.exe C:\Program Files (x86)\WinHTTrack\license.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\readme.lnk - C:\Windows\notepad.exe C:\Program Files (x86)\WinHTTrack\readme
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack\WinHTTrack Website Copier.lnk - C:\Program Files (x86)\WinHTTrack\WinHTTrack.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk - C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk - C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Registry Repair.lnk - C:\Program Files (x86)\Glarysoft\Registry Repair 5\RegistryCleaner.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\KPN Installatie Assistent.lnk - C:\Program Files (x86)\KPN\KPN Installatie Assistent\KPN_IA.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop Elements 9.lnk - C:\Program Files (x86)\Adobe\Elements 9 Organizer\Photoshop Elements 9.0.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HD VDeck.lnk - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\IncrediMail.lnk - C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="<local>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\60723POZ will be deleted at reboot
C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6GT4VTZR will be deleted at reboot
C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MQJS9OEI will be deleted at reboot
C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RNMTL9TH will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\gebruiker\AppData\Local\Mozilla\Firefox\Profiles\jj5byeg2.default-1422799799236\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\gebruiker\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=206 folders=52 230204150 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\gebruiker\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\60723POZ" not found
"C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\6GT4VTZR" not found
"C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MQJS9OEI" not found
"C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RNMTL9TH" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on do 26-11-2015 at 15:35:37,68 ======================

Vertel even of u nog problemen heeft.

Ik denk niet dat ik nu nog een probleem heb alleen bij het opnieuw opstarten kreeg ik het beginscherm: resource://firefox-at-zenmate-dot-com/zenmate/data/page.html" onclick="window.open(this.href);return false;

Verder zie ik geen problemen meer.

Ken ik niet, ik kom daar vanavond even op terug.

Dank je wel voor het oplossen.

Groet,
Nancy

ZenMate zit als extension in je Firefox, die kan je zelf verwijderen daar.

Hartelijk dank.

Download Delfix by Xplode naar het bureaublad, deze zal de gebruikte tools en logbestanden weer verwijderen.

Dubbelklik op Delfix.exe om de tool te starten.
Zet nu vinkjes voor de volgende items:

• Remove disinfection tools
• Create registry backup
• Purge System Restore

Klik nu op "Run" en wacht geduldig tot de tool gereed is.
Wanneer de tool gereed is wordt er een logbestand aangemaakt, echter hoeft u deze niet te plaatsen.

Bescherming tegen ongewenste software.

Unchecky voorkomt installatie van ongewenste software

Dubbelklik op het installatiebestand unchecky_setup.exe om de installatie te starten.
In het scherm wat nu verschijnt kunt u voor meer opties kiezen, op deze manier kunt u zelf de locatie instellen waar Unchecky geïnstalleerd dien te worden.
Klik vervolgens op de knop Install om Unchecky te installeren.
Wanneer de installatie van Unchecky gereed is klikt u op Finish.
Start na de installatie wel even de computer opnieuw op, dit om de wijzigingen in het hostsbestand van Windows door te voeren.



Misschien ook beter om Hitmanproalert te installeren. Alert
Uitleg hieronder.
Uitleg