sinds 2 dagen geen internetverbinding meer op laptop en windows-service werkt niet

[Mako]

Hoi,

Dat maakt op zich allemaal niet zoveel uit, het zoek.exe logje is het belangrijkste ;-)

Heb je daar een logbestand van verkregen?

• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht als bijlage.

[annet247]

Zoek.exe Version 4.0.0.4 Updated 19-08-2013

Tool run by fam.kuhl on do 22-08-2013 at 22:08:35,59.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode No Internet Access Detected

Launched: C:\Users\fam.kuhl\Desktop\zoek.exe [script inserted]

==== System Restore Info ======================

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{503e067f-2914-4edd-8432-2d6c52635e23} deleted successfully

HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{503e067f-2914-4edd-8432-2d6c52635e23} deleted successfully

HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044} deleted successfully

HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044} deleted successfully

HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully

HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully

HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{503e067f-2914-4edd-8432-2d6c52635e23} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{503e067f-2914-4edd-8432-2d6c52635e23} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{503e067f-2914-4edd-8432-2d6c52635e23} deleted successfully

HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{AA74D58F-ACD0-450D-A85E-6C04B171C044} deleted successfully

HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{503e067f-2914-4edd-8432-2d6c52635e23} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DatamngrCoordinator deleted successfully

==== Deleting Files \ Folders ======================

"C:\Program Files (x86)\GUT225F.tmp" deleted

"C:\Users\fam.kuhl\Downloads\SoftonicDownloader_voor_windows-media-player.exe" deleted

"C:\Windows\SysNative\roboot64.exe" deleted

"C:\Windows\wininit.ini" deleted

"C:\Windows\Syswow64\shoE23.tmp" deleted

"C:\Users\Public\Desktop\eBay.lnk" deleted

"C:\Program Files (x86)\Search Results Toolbar\Datamngr\DatamngrUI.exe" deleted

"C:\Program Files (x86)\Minibar" deleted

"c:\progra~3\Wincert" deleted

"C:\Program Files (x86)\GUM225E.tmp" deleted

"C:\Program Files (x86)\Minibar" deleted

"C:\Program Files (x86)\Search Results Toolbar" not deleted

"C:\Program Files (x86)\iMesh Applications" deleted

"C:\Program Files (x86)\Conduit" deleted

"C:\Users\fam.kuhl\AppData\Roaming\BabSolution" deleted

"C:\Users\fam.kuhl\AppData\Roaming\Babylon" deleted

"C:\Users\fam.kuhl\AppData\Roaming\Systweak" deleted

"C:\ProgramData\BrowserProtect" deleted

"C:\ProgramData\Datamngr" deleted

"C:\ProgramData\boost_interprocess" deleted

"C:\ProgramData\Wincert" deleted

"C:\ProgramData\Babylon" deleted

"C:\Users\fam.kuhl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker" deleted

"C:\Users\fam.kuhl\AppData\Local\CRE" deleted

"C:\Users\fam.kuhl\AppData\Local\Minibar" deleted

"C:\Users\fam.kuhl\AppData\Local\Bundled software uninstaller" deleted

"C:\Users\fam.kuhl\AppData\Local\PackageAware" deleted

"C:\Users\fam.kuhl\AppData\LocalLow\searchresultstb" deleted

"C:\Users\fam.kuhl\AppData\LocalLow\DataMngr" deleted

"C:\Users\fam.kuhl\AppData\LocalLow\Conduit" deleted

"C:\Windows\Syswow64\WNLT" deleted

"C:\Program Files (x86)\Search Results Toolbar\Datamngr" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-08-22 14:06:55 CA2A8AF1DBAD0F31F9B33A2827DFBC16 207 ----a-w- C:\Windows\tweaking.com-regbackup-FAMKUHL-PC-Microsoft-Windows-7-Home-Premium-(64-bits).dat

2013-08-22 09:30:59 E185BDA84E5F03F4E1D8DCA30E209277 1912 ----a-w- C:\Windows\epplauncher.mif

2013-08-22 09:16:51 BBD73CDCC6853464091DAA7AB0C1C499 99 ----a-w- C:\Windows\Reimage.ini

====== C:\Users\FAM~1.KUH\AppData\Local\Temp ====

====== C:\Windows\SysWOW64 =====

2013-08-14 15:08:28 C5EEAA837E52F7B4763D5678CEDB9FF4 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-08-14 15:08:28 9C89AF1C0D74AEB51025F4B7A1A27A6E 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2013-08-14 15:08:27 87246CCD0088A7C7DE9ECAEC346DBB68 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2013-08-14 15:08:26 CA8860800EF5E387D0D4CC27F64E8011 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll

2013-08-14 15:08:25 E500CEACB8FA2114C76FE39005F79C2D 231936 ----a-w- C:\Windows\SysWOW64\url.dll

2013-08-14 15:08:25 3711B49D8CF265A24CD82FB3BCFFB1D5 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2013-08-14 15:08:24 E8B57171FBDC576F4ECBB075179C308B 1104384 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-08-14 15:08:24 6839F14A2507D9273BD13565DD880377 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-08-14 15:08:24 127359736B0A2093249F20B3B0395BBE 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2013-08-14 15:08:23 F3F218BAE79C4C104DFC44D8D530FD7C 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2013-08-14 15:08:23 E5085AC9642756F6467F0A28B85477E2 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-08-14 15:08:23 079C80C13024923DCF3DCCB4D8357637 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll

2013-08-14 15:08:22 C4C06D8FDF02BD36497BD91825BB4C17 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-08-14 15:08:22 0A725B5A547DE3B4C0E7A0F6F6E972A5 65536 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-08-14 15:08:21 7161E761E81356C8EF6383CB1AE41B8D 12334080 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-08-14 15:08:18 22BEE919EE9E20F6DA460F0EB5F37B03 9738752 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-08-14 11:16:02 AE8EB083B050E17A7D6EB5E28AECDDD6 1166848 ----a-w- C:\Windows\SysWOW64\crypt32.dll

2013-08-14 11:16:02 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll

2013-08-14 11:16:02 7B851A8018B1EA00A69707A390004884 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll

2013-08-14 11:16:02 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\SysWOW64\wintrust.dll

2013-08-14 11:15:56 D5E18BA95F9E7D787D25EF07AC68603E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll

2013-08-14 11:15:50 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL

2013-08-14 11:15:49 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll

2013-08-14 11:15:46 DD5F17D44E9966E7EA447AE8C4D12D6C 3968960 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe

2013-08-14 11:15:46 9FA7BF625122CCAC90FCD307174D8CF3 3913664 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe

2013-08-14 11:15:45 528D298F9914C558EA7A9809BE598E65 1292192 ----a-w- C:\Windows\SysWOW64\ntdll.dll

2013-08-14 11:15:44 D313AE69128A75367AA36E15522931F6 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2013-08-14 11:15:44 CFEEF3185342ADEAE1E77A017052565B 2048 ----a-w- C:\Windows\SysWOW64\user.exe

2013-08-14 11:15:44 77F5D2CB80697EB96C45E79A869A6FAC 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll

2013-08-14 11:15:44 4E77948A7BD16BA5724EC79C60176B03 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll

2013-08-14 11:15:44 3EED15C223E139C3A28B458800E52BF3 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-08-21 16:24:28 0C6A95112019901721F97992EE21B122 1668 ----a-w- C:\Windows\Sysnative\ASOROSet.bin

2013-08-14 15:08:28 60109B1F6734770F27446BD7BF056F56 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2013-08-14 15:08:28 137A8EDEA806845F7042BE80A501BEF2 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-08-14 15:08:26 BBD3F2A134249E0752A7FCC815204EE8 248320 ----a-w- C:\Windows\Sysnative\ieui.dll

2013-08-14 15:08:25 7FE0D30B96E5DBE51F285B9AC6028453 237056 ----a-w- C:\Windows\Sysnative\url.dll

2013-08-14 15:08:25 4DC3BA4DAD1737AE700A62CF0D058E4F 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2013-08-14 15:08:24 CCADB1BFF9BD1966496A9C786E9B02C4 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2013-08-14 15:08:24 CA87556BBA37D1B4F67C331186618673 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-08-14 15:08:24 B641368D3216D322EB8C1D6E433CD223 1346560 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-08-14 15:08:24 67F087197309C807412CC8C70BA10766 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll

2013-08-14 15:08:23 A2B1F95AD5458E27F002449C76B0C46F 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-08-14 15:08:23 87753A2B2D08E8750C5CC62FCFD515E8 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll

2013-08-14 15:08:23 82D66A2EBCD2F24EAFDE1F2447C09915 86016 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-08-14 15:08:22 57DDFF8D8DDE2F369335C678422BB71A 816640 ----a-w- C:\Windows\Sysnative\jscript.dll

2013-08-14 15:08:22 3D85AC4E844FC488C139DF829AC6270D 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-08-14 15:08:19 7D9371E3C8CF927D0A2A1D9E1161C324 17830400 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-08-14 15:08:18 114BD6A60D8D5BCCDFA826ADEBA48D04 10926080 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-08-14 11:16:02 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll

2013-08-14 11:16:02 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\Windows\Sysnative\wintrust.dll

2013-08-14 11:16:02 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll

2013-08-14 11:16:02 287998A9BA0140ABB59792CDEB2F8483 1472512 ----a-w- C:\Windows\Sysnative\crypt32.dll

2013-08-14 11:15:56 B3CA3253009D26666F5BCB16E77D2618 2048 ----a-w- C:\Windows\Sysnative\tzres.dll

2013-08-14 11:15:51 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL

2013-08-14 11:15:50 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\Windows\Sysnative\rpcrt4.dll

2013-08-14 11:15:46 C19DCA1024135D5485E25AB1047F77BC 5550528 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe

2013-08-14 11:15:45 D6180FBBADA79BC28E5FD8187EBE7F64 243712 ----a-w- C:\Windows\Sysnative\wow64.dll

2013-08-14 11:15:45 8E45DD84F8F786B2DB94AD95225B9246 1732032 ----a-w- C:\Windows\Sysnative\ntdll.dll

====== C:\Windows\Sysnative\drivers =====

2013-08-14 11:15:43 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys

2013-07-27 09:25:50 E647C4315F36756DF5FA38BDEB51F224 45856 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys

====== C:\Windows\Tasks ======

2013-07-27 09:26:56 C41A9C9506872E6E4B05C9E2B43B5CEA 2886 ----a-w- C:\Windows\Sysnative\Tasks\RegClean Pro_DEFAULT

2013-07-27 09:26:56 8585209F0FECDCA33C0FD89841E5F5E4 3042 ----a-w- C:\Windows\Sysnative\Tasks\RegClean Pro_UPDATES

2013-07-27 09:26:52 D8113471914AF22112C7EF7C7837A406 3108 ----a-w- C:\Windows\Sysnative\Tasks\RegClean Pro

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-07-27 09:24:58 -------- d-----w- C:\Program Files\WinZip

======= C:\Program Files (x86) =====

2013-08-22 12:58:25 -------- d-----w- C:\Program Files (x86)\Tweaking.com

2013-08-22 10:04:32 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-08-03 13:38:03 -------- d-----w- C:\Program Files (x86)\VideoLAN

2013-07-31 14:31:00 -------- d-----w- C:\Program Files (x86)\Allin1Convert_8h Chrome Extension

2013-07-27 09:25:45 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

2013-07-27 09:25:45 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

======= C: =====

2013-08-22 13:05:11 A4B0548089FD64FE254162533AD59720 6576 ------w- C:\bootsqm.dat

2013-08-21 15:54:00 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Recovery.txt

====== C:\Users\fam.kuhl\AppData\Roaming ======

2013-08-10 16:35:50 -------- d-----w- C:\users\fam.kuhl\AppData\Locallow\Minibar

2013-08-03 13:38:25 -------- d-----w- C:\users\fam.kuhl\AppData\Roaming\vlc

2013-08-03 13:37:38 -------- d-----w- C:\users\fam.kuhl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat

2013-08-03 13:37:38 -------- d-----w- C:\users\fam.kuhl\AppData\Local\AppsHat Mobile Apps

2013-08-03 13:37:37 -------- d-----w- C:\users\fam.kuhl\AppData\Local\WebPlayer

2013-08-03 13:37:19 -------- d-----w- C:\users\fam.kuhl\AppData\Local\Programs

2013-08-03 13:37:12 8287D0E6DA60B6E9153D7EDC2C322097 6876 ----a-w- C:\users\fam.kuhl\AppData\Locallow\SkwConfig.bin

2013-08-03 13:36:58 -------- d-----w- C:\users\fam.kuhl\AppData\Local\FilesFrog Update Checker

2013-07-27 09:26:00 -------- d-----w- C:\users\fam.kuhl\AppData\Local\AVG Secure Search

2013-07-27 09:25:53 -------- d-----w- C:\users\fam.kuhl\AppData\Locallow\AVG Secure Search

2013-07-27 09:25:42 -------- d-----w- C:\users\fam.kuhl\AppData\Local\WinZip

====== C:\Users\fam.kuhl ======

2013-08-22 12:58:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com

2013-08-21 16:00:02 -------- d-----w- C:\ProgramData\2283

2013-08-03 13:38:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

2013-07-27 09:25:46 -------- d-----w- C:\ProgramData\AVG Secure Search

2013-07-27 09:25:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip

2013-07-27 09:25:00 -------- d-----w- C:\ProgramData\WinZip

2013-07-27 09:20:00 -------- d-----w- C:\ProgramData\TorchCrashHandler

2013-07-26 22:34:32 -------- d-----w- C:\ProgramData\20373

====== C: exe-files ==

2013-08-22 12:58:26 B07A389E24BE77C81A2AAFC2D2EBC4F6 1346048 ----a-w- C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\uninstall.exe

2013-08-19 15:51:45 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Windows\Temp\600692E8-AF9C-4C8F-98BF-FAA5EB689E89\DismHost.exe

2013-08-18 21:48:27 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Windows\Temp\8CFD8E3E-F7DE-4204-B115-94DACE2D0FE6\DismHost.exe

=== C: other files ==

2013-08-22 18:39:37 C1D78C07C7BCEFB5994B7A2FB39AE140 6727 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp222.bat

2013-08-22 18:39:32 784175CDFB0B0CA634A5AB5A3CC88941 3707 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp482.bat

2013-08-22 18:39:23 731F182790E0B6A0535C6E5BC08285D3 563 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp957.bat

2013-08-22 18:39:18 BDB6D89DF88A54BC28D20522205C615E 430 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp663.bat

2013-08-22 18:39:14 B41CB5B963C30CBD87BBD110BCA21AFA 440 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp91.bat

2013-08-22 18:39:05 0347E1B0EED6B1984C026B649E91CE79 441 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp926.bat

2013-08-22 18:39:00 34ADD889257D82DE337B5B4B02566681 440 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp17.bat

2013-08-22 18:38:48 92ABC6E348C89F3BAF61A62A867581E2 441 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp955.bat

2013-08-22 18:38:41 535A005DE68302C28D9743D943EECB1C 447 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp961.bat

2013-08-22 18:38:37 01F968D63D39D71F0747078F5218D541 441 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp484.bat

2013-08-22 18:38:32 BB0C83A34B5759131D54FA302FB4D72D 445 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp771.bat

2013-08-22 18:38:27 8789B1629858924EC91B83AD668271BB 447 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp656.bat

2013-08-22 18:38:22 3915B46BAD3D9C9CF8CD1AE2CD6C8239 441 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp533.bat

2013-08-22 18:38:18 33629DD2ACFA0BA7AB16E16798B2112B 441 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp508.bat

2013-08-22 18:38:13 D586B19DE48F2F79B2CE2D71656FFC43 441 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp745.bat

2013-08-22 18:38:06 B5C9086689FC8E08EDA5E562D1696459 666 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp593.bat

2013-08-22 18:37:57 AB7D47863871E6093F003F425EAD76B5 1944 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp202.bat

2013-08-22 18:37:42 45D1E046F3F5B5998C058D02E06934CA 6308 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp936.bat

2013-08-22 18:37:35 A4302F9267DBDFE89390775F3D753D7C 446 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp924.bat

2013-08-22 18:37:28 980E45DD7C3E9C607A349B8BB07D107F 1144 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp380.bat

2013-08-22 18:37:24 4718ABEE86679AA57CAF169746101657 1170 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp726.bat

2013-08-22 18:37:19 E77662A1E64EE7BD5875B0DD1592E41C 456 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp828.bat

2013-08-22 18:37:14 2AAE9A2D36AB995EDAF31EF16863C128 515 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp577.bat

2013-08-22 18:37:05 B36034E14754B5DA926E855D55F1F4B8 21650 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp544.bat

2013-08-22 18:36:56 6555A09A601E5A9F57A1090749F290C6 35820 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp542.bat

2013-08-22 18:36:43 045950B7864576B98C6CF67D38C02725 453 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp636.bat

2013-08-22 18:36:01 151BEDABC777A9131087B118D917B8B6 1510 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp929.bat

2013-08-22 18:35:52 3D9A559D3B3DB996CBB9F50FCA2B9A1E 32608 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp250.bat

2013-08-22 18:35:48 F183588CEB2FA6EECC86B4EADC841023 1685 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp349.bat

2013-08-22 18:35:33 3A4E4615F97FD4BB5B667CB1A913148A 1439 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp278.bat

2013-08-22 14:14:35 574CFFA33A25C86F99CF4059A4B93EA4 6726 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp34.bat

2013-08-22 14:14:29 B06B5617367E5B5E5021B23DC7DC3DC2 3707 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp974.bat

2013-08-22 14:14:20 7B5A3D91663F642E16CF444131B7E542 563 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp149.bat

2013-08-22 14:14:13 E8A8427DFC70E3AD3F268339E0ED1D7B 430 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp540.bat

2013-08-22 14:14:06 A66AF5E451990A943F1DECEEE83498E2 441 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp832.bat

2013-08-22 14:14:01 5A57F88FF997645F57E0CD020CAB26D2 441 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp196.bat

2013-08-22 14:13:57 CF85E89742BB8F3C97DF70AD670DD3C4 441 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp757.bat

2013-08-22 14:13:52 BFCB815342A74B01B91318B58C04EA62 453 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp635.bat

2013-08-22 14:13:45 6D3F43191851DA9C280965E89643E275 441 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp119.bat

2013-08-22 14:13:40 DF83FB82CD1CF7F61C7CBFC83F66B0C9 447 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp332.bat

2013-08-22 14:13:35 36226E8573F1895B40ADD4D9A21E6DA2 440 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp53.bat

2013-08-22 14:13:31 361AB80CF947DCAC3D110BF83391809B 444 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp63.bat

2013-08-22 14:13:26 5FAB0374D045D44C5D6FD7AFC90775BA 447 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp842.bat

2013-08-22 14:13:21 EBA7C01FD8242926910E034969E8767D 441 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp965.bat

2013-08-22 14:13:16 A2C770D30D7FC5803D0FA8009803C026 441 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp794.bat

2013-08-22 14:13:10 4DCCCEAD629926B0FF50F094B6E56307 441 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp712.bat

2013-08-22 14:12:59 EDBF5E0500F49B27684889B898718D0F 666 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp895.bat

2013-08-22 14:12:52 7EE7AC33C49F7D5338954CD461A04F72 1942 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp7.bat

2013-08-22 14:12:32 F3919019FDA5E19E56760E1DDA6A0A19 6308 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp574.bat

2013-08-22 14:12:25 5348F5E98B08A795DB6B7637FCDB5839 446 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp941.bat

2013-08-22 14:12:14 015392C0B09514E204F4F680666D1C67 1144 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp405.bat

2013-08-22 14:12:10 4CCC19BF9DC7875414D1DEE52D8A743E 1170 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp341.bat

2013-08-22 14:12:03 09DDF08BB52935543D21813EBCFD0E73 458 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp893.bat

2013-08-22 14:11:58 EC59F86B958E1CA2BADA1A6A541854CC 515 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp125.bat

2013-08-22 14:11:50 42935775ACAD653F70A0BBE1AF752EE9 21650 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp739.bat

2013-08-22 14:11:32 91B9A481DAADB5543C0AE1D6D9FA4A55 35820 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp654.bat

2013-08-22 14:11:21 0ABFAEB9DA7BB2C47158CCD9D309243D 2839 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp181.bat

2013-08-22 14:10:19 1007383B38FEC7ADB5BCC2C7AE481A5F 1510 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp493.bat

2013-08-22 14:10:01 5D27075DDF751063FE0B8805D476C887 32608 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp732.bat

2013-08-22 14:09:55 9718C75DC736433D55EC0A22C6686016 1685 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp598.bat

2013-08-22 14:09:29 7A945C33B632CD67AB431486CEF42EB1 1439 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\temp275.bat

2013-08-22 12:59:08 30DB0BB1CCB4767F8D2F0AD26B4D64B5 199 ----a-w- C:\Users\fam.kuhl\AppData\Local\Temp\restart.bat

2013-08-22 11:17:18 B6B737FCD9B9CF3E3B8199FA94EF612B 882 ----a-w- C:\Users\fam.kuhl\Desktop\index (1).zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"SDP"="C:\Users\fam.kuhl\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto "

"AppsHat"="C:\Users\fam.kuhl\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"

"SSDMonitor"="C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"

"DATAMNGR"="C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~2.EXE"

"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"SDP"="C:\Users\fam.kuhl\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto "

"AppsHat"="C:\Users\fam.kuhl\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"Power Management"="C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:y6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ :C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []

C:\Windows\tasks\RMAutoUpdate.job --a------ C:AC:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe []

C:\Windows\tasks\RMSchedule.job --a------ C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe [11-02-2013 21:30]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

ajabgmkadchiibcnkdghiihchmlfjnmc - C:\Users\fam.kuhl\AppData\Local\CRE\ajabgmkadchiibcnkdghiihchmlfjnmc.crx[]

dhjbpmkagjlnhcmdpmbagjldaknbgnff - C:\Program Files (x86)\Allin1Convert_8h Chrome Extension\bar\Allin1Convert@mindspark.com.gen1[31-07-2013 16:31]

kiplfnciaokpcennlkldkdaeaaomamof - C:\Users\fam.kuhl\AppData\Local\Torch\Plugins\TorchPlugin.crx[20-07-2013 21:20]

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx[02-02-2013 00:18]

ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx[15-08-2013 10:43]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

ajabgmkadchiibcnkdghiihchmlfjnmc - C:\Users\fam.kuhl\AppData\Local\CRE\ajabgmkadchiibcnkdghiihchmlfjnmc.crx[]

WiseConvert 1.4 - fam.kuhl - Default\Extensions\ajabgmkadchiibcnkdghiihchmlfjnmc

Allin1Convert - fam.kuhl - Default\Extensions\dhjbpmkagjlnhcmdpmbagjldaknbgnff

Torch Share - fam.kuhl - Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof

Norton Identity Protection - fam.kuhl - Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

AVG Secure Search - fam.kuhl - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

==== Chrome Fix ======================

C:\Users\fam.kuhl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage deleted successfully

C:\Users\fam.kuhl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal deleted successfully

C:\Users\fam.kuhl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage deleted successfully

C:\Users\fam.kuhl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage-journal deleted successfully

C:\Users\fam.kuhl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajabgmkadchiibcnkdghiihchmlfjnmc deleted successfully

C:\Users\fam.kuhl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ajabgmkadchiibcnkdghiihchmlfjnmc_0.localstorage deleted successfully

C:\Users\fam.kuhl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ajabgmkadchiibcnkdghiihchmlfjnmc_0.localstorage-journal deleted successfully

C:\Users\fam.kuhl\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ajabgmkadchiibcnkdghiihchmlfjnmc_0 deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.imesh.net"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.imesh.net"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3352843026-2039328326-802878635-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ajabgmkadchiibcnkdghiihchmlfjnmc deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ajabgmkadchiibcnkdghiihchmlfjnmc deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\fam.kuhl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\fam.kuhl\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\fam.kuhl\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\fam.kuhl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\users\fam.kuhl\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\FAM~1.KUH\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\fam.kuhl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Program Files (x86)\Search Results Toolbar" not found

==== EOF on do 22-08-2013 at 22:18:32,38 ======================

23 augustus 2013 aangepast door Mako
Dubbellog verwijderd

[Mako]

Hoi,

Start Zoek.exe nogmaals met het onderstaande script.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe

(hier of hier) kan je lezen hoe je dat doet.

• 
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

   
  C:\users\fam.kuhl\AppData\Locallow\Minibar;fs
  C:\ProgramData\2283;vs
  C:\ProgramData\20373;vs
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
  "DATAMNGR"=-;r
  C:\PROGRA~2\SEARCH~1;fs
  dhjbpmkagjlnhcmdpmbagjldaknbgnff;chr
  C:\Program Files (x86)\Allin1Convert_8h Chrome Extension;fs
  [-HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\dhjbpmkagjlnhcmdpmbagjldaknbgnff];r
  [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhjbpmkagjlnhcmdpmbagjldaknbgnff];r64
  uninstall-list; 
  

  
  

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht als bijlage.

[annet247]

Ik heb zoek nogmaals laten draaien, heeft nog geen positief effect helaas. Bijgaand de log

zoek-results2.txt

[Mako]

Hallo,

1. Start Zoek.exe nogmaals met het onderstaande script.
   Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
   (hier of hier) kan je lezen hoe je dat doet.
   
   • 
     
   • Dubbelklik op Zoek.exe om de tool te starten.
     
   • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
     
   • Kopieer nu onderstaande code en plak die in het grote invulvenster:
     
   • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
     

      
     Search-Results Toolbar;u
     Torch;u
     Torchlight;u
     kiplfnciaokpcennlkldkdaeaaomamof;chr
     C:\Users\fam.kuhl\AppData\Local\Torch\Plugins\TorchPlugin.crx;fs
     

     
     

   • Klik nu op de knop "Run script".
     
   • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
     
   • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
     
   • Post het geopende logje in het volgende bericht als bijlage.

[*]Download AdwCleaner by Xplode naar je bureaublad.

• 
  
• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner om hem te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  
• Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op Scan.
  
• Klik vervolgens op Clean als er items zijn gevonden.
  
• Klik bij Herstarten Noodzakelijk op OK
  

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[R1].txt.

Post aansluitend de inhoud van dit log in je volgende bericht.

[annet247]

beide stappen uitgevoerd en de logs gepost. Helaas nog geen resultaat.

adwarelog.txt

zoek-results3.txt

[Mako]

Hallo,

Aan het internetprobleem komen we als laatste toe, de malware opschoning is zo stilaan afgerond. Eerst nog even kijken naar de Windows Services ;-).

Download Farbar Service Scanner naar het bureaublad.

• Dubbelklik op FSS.exe om de tool te starten.
  
• Vink vervolgende de onderstaande items aan.
  
  • Internet Services
    
  • Windows Firewall
    
  • System Restore
    
  • Security Center / Action Center
    
  • Windows Update
    
  • Windows Defender
    
  • Other Services

  [*] Klik vervolgens op de knop "Scan".

  [*] Er zal u een logbestand aangemaakt worden (FSS.txt) op dezelfde plaats vanwaar de 'tool' is gestart.

  [*] Plaats de inhoud hiervan in uw volgende bericht als bijlage.

[annet247]

fss uitgevoerd, bijgaand de log

FSS.txt

[Mako]

Hoi,

Open een kladblokbestand.

Kopieer onderstaande code in dit kladblokbestand:

sc start Dhcp
sc start MpsSvc
sc start bfe

Ga naar Bestand - Opslaan als.

Bij "Opslaan in" kies je: Bureaublad

Bij "Bestandsnaam" zet je: Servicefix.bat.

Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).

Klik op de knop Opslaan.

Dubbelklik op Servicefix.bat om uit te voeren.

Windows Vista, 7 en 8 gebruikers dienen Servicefix.bat uit te voeren als administrator.

Plaats nadien een nieuw logje van Farbar Service scanner aub.

[annet247]

uitgevoerd...

FSS1.txt