my search results

[Brejen]

ik zit met een virus nl my search results: hoe kan ik dat verwijderen vanmijn pc?

[kape]

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

[Brejen]

Logfile of random's system information tool 1.09 (written by random/random)

Run by ACER at 2013-11-11 14:33:54

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 390 GB (83%) free of 468 GB

Total RAM: 8174 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:33:58, on 11/11/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16720)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\LaCie\Network Assistant\LaCie Network Assistant.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

C:\Program Files (x86)\AVG\AVG2014\avgui.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe

C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Windows\sysWow64\SearchProtocolHost.exe

C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files\trend micro\ACER.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, enhanced for Bing and MSN

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)

R3 - URLSearchHook: (no name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\ACER\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Search Assistant BHO - {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: Toolbar BHO - {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} - C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll

O3 - Toolbar: Allin1Convert - {cd1a63ba-a08c-431b-9a34-f240aadc728d} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Allin1Convert Search Scope Monitor] "C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hsrchmn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [Allin1Convert_8h Browser Plugin Loader] C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbrmon.exe

O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKCU\..\Run: [LaCie Ethernet Agent Startup] "C:\Program Files (x86)\LaCie\Network Assistant\LaCie Network Assistant.exe"

O4 - HKCU\..\Run: [NTRedirect] C:\Windows\SysWOW64\rundll32.exe "C:\Users\ACER\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Allin1ConvertService (Allin1Convert_8hService) - COMPANYVERS_NAME - C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbarsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Crypkey License - Unknown owner - crypserv.exe (file missing)

O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe

O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\ACER\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe

O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\Windows\system32\dgdersvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 14459 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=809dca3e-4435-4b57-b8be-a71eae8e6e2c /coreSdkOptions=4364 /logConfFile="C:\Windows\TEMP\f7865c5a-a958-4a0e-9e62-dd158bdf5371-1e8-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

winlogon.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"

C:\Windows\system32\nvvsvc.exe -session -first

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbarsvc.exe

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"

"C:\Program Files\Bonjour\mDNSResponder.exe"

crypserv.exe

"C:\Users\ACER\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe"

C:\Windows\system32\dgdersvc.exe

"C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe" /DisableUI

"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"

"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"

C:\Windows\system32\svchost.exe -k imgsvc

C:\OEM\USBDECTION\USBS3S4Detection.exe

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

WLIDSvcM.exe 3036

"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"

taskeng.exe {8ABE5582-D6E1-487C-B286-23C167142110}

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegrator64.exe"

"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe"

"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"

taskeng.exe {C4A69548-99B0-406E-A648-D9FE49681906}

"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"

"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files\iPod\bin\iPodService.exe"

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-477f1381-898b-45eb-b52e-375491598cc0 -SystemEventPortName:HostProcess-01cc5eca-f762-41be-99ae-3adf5d0fa580 -IoCancelEventPortName:HostProcess-e45f7d7c-1373-4f8f-9d63-58314a4e107d -NonStateChangingEventPortName:HostProcess-df256bad-b94e-4bd6-a60a-1f514b025ffb -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e3af597a-eaeb-4ed9-b034-e69dc122b947 -DeviceGroupId:WpdFsGroup

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\Nero\Update\NASvc.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files\Internet Explorer\iexplore.exe"

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6796 CREDAT:267521 /prefetch:2

C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -Embedding

C:\Windows\splwow64.exe 4096

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

winlogon.exe

"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"

C:\Windows\system32\nvvsvc.exe -session

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegrator64.exe"

"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

"C:\Program Files (x86)\LaCie\Network Assistant\LaCie Network Assistant.exe"

"C:\Windows\SysWOW64\rundll32.exe" "C:\Users\ACER\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run

"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"

"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbrmon.exe"

"C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE"

"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"

taskeng.exe {865A65F8-EE20-49CD-9977-53376BF1B043}

"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"

"C:\Windows\system32\wuauclt.exe"

"C:\Windows\sysWow64\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-981637665-1960542106-3209509957-100115_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-981637665-1960542106-3209509957-100115 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"

"C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE" -Embedding

"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"

C:\Windows\splwow64.exe 8192

C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=037f4a4a-84bc-4f4a-ab61-260df447c073 /coreSdkOptions=4096 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\a2660139-e3c4-466d-bb05-fe72000b343c-e08-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"

"C:\Program Files\Internet Explorer\iexplore.exe"

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4368 CREDAT:267521 /prefetch:2

C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -Embedding

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4368 CREDAT:1578348 /prefetch:2

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4368 CREDAT:1905963 /prefetch:2

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\sppsvc.exe

"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-981637665-1960542106-3209509957-100116_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-981637665-1960542106-3209509957-100116 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"

"C:\Users\ACER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWPRG338\RSITx64.exe"

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

DefaultTab Browser Helper - C:\Users\ACER\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [2013-11-11 462968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}]

Search Assistant BHO - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll [2013-11-09 62864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}]

Toolbar BHO - C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll [2013-11-09 716360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{cd1a63ba-a08c-431b-9a34-f240aadc728d} - Allin1Convert - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll [2013-11-09 716360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-30 11660904]

"Allin1Convert Home Page Guard 64 bit"=C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator64.exe [2013-11-09 548936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2010-10-13 3366200]

"LaCie Ethernet Agent Startup"=C:\Program Files (x86)\LaCie\Network Assistant\LaCie Network Assistant.exe [2009-10-16 5722112]

"NTRedirect"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-09-28 340336]

"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-09-18 407920]

"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-09-18 201584]

"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]

"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-05 283160]

"ArcadeMovieService"=C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-05-13 177448]

"Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2011-01-19 620136]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2013-10-07 4908592]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]

"beid"=C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup []

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"Allin1Convert Search Scope Monitor"=C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hsrchmn.exe [2013-11-09 44784]

"Allin1Convert_8h Browser Plugin Loader"=C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbrmon.exe [2013-11-09 30096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-11 14:33:54 ----D---- C:\rsit

2013-11-11 14:33:54 ----D---- C:\Program Files\trend micro

2013-11-11 11:25:37 ----D---- C:\sh4ldr

2013-11-11 11:25:17 ----D---- C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP

2013-11-11 11:07:58 ----D---- C:\Users\ACER\AppData\Roaming\com.prezi.PreziDesktop

2013-11-11 11:07:44 ----D---- C:\Program Files (x86)\DefaultTab

2013-11-11 11:07:40 ----D---- C:\Users\ACER\AppData\Roaming\defaulttab

2013-11-09 12:46:13 ----D---- C:\Program Files (x86)\Allin1Convert_8h

2013-10-31 12:18:39 ----D---- C:\ProgramData\APN

2013-10-31 12:16:34 ----A---- C:\Windows\SYSWOW64\javaws.exe

2013-10-31 12:16:32 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll

2013-10-31 12:16:32 ----A---- C:\Windows\SYSWOW64\javaw.exe

2013-10-31 12:16:32 ----A---- C:\Windows\SYSWOW64\java.exe

2013-10-30 21:45:11 ----D---- C:\Users\ACER\AppData\Roaming\Mozilla

2013-10-30 21:45:08 ----D---- C:\Program Files (x86)\TornTV.com

2013-10-22 17:06:41 ----D---- C:\ProgramData\Oracle

2013-10-20 17:00:59 ----D---- C:\Program Files (x86)\EaseUS

2013-10-20 12:31:02 ----A---- C:\Windows\vx86036.dat

2013-10-20 12:30:52 ----A---- C:\CKINFO.TXT

2013-10-20 12:30:41 ----D---- C:\ProgramData\CrypKey

2013-10-20 12:30:32 ----A---- C:\Windows\Crypkey.ini

2013-10-20 12:30:29 ----RA---- C:\Windows\Setup_ck.exe

2013-10-20 12:30:29 ----A---- C:\Windows\system32\Crypserv.exe

2013-10-20 12:30:29 ----A---- C:\Windows\system32\Ckldrv.sys

2013-10-20 12:30:29 ----A---- C:\Windows\Setup_ck.dll

2013-10-20 12:30:29 ----A---- C:\Windows\Ckrfresh.exe

2013-10-20 12:30:29 ----A---- C:\Windows\Ckconfig.exe

2013-10-20 12:30:27 ----D---- C:\Program Files (x86)\Stellar Phoenix Outlook PST Repair

2013-10-20 12:30:17 ----A---- C:\spopr.exe

======List of files/folders modified in the last 1 month======

2013-11-11 14:33:54 ----RD---- C:\Program Files

2013-11-11 14:31:09 ----D---- C:\Windows\Temp

2013-11-11 14:30:57 ----D---- C:\ProgramData\clear.fi

2013-11-11 14:13:30 ----SHD---- C:\Windows\Installer

2013-11-11 13:37:14 ----D---- C:\Windows\System32

2013-11-11 13:37:14 ----D---- C:\Windows\inf

2013-11-11 13:37:14 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-11-11 13:35:46 ----D---- C:\Windows\Prefetch

2013-11-11 11:47:20 ----A---- C:\Windows\SYSWOW64\log.txt

2013-11-11 11:43:42 ----D---- C:\ProgramData\NVIDIA

2013-11-11 11:36:53 ----D---- C:\Windows\system32\config

2013-11-11 11:30:55 ----D---- C:\Windows\system32\wbem

2013-11-11 11:30:55 ----D---- C:\Windows

2013-11-11 11:29:56 ----D---- C:\ProgramData\MFAData

2013-11-11 11:29:54 ----SD---- C:\Users\ACER\AppData\Roaming\Microsoft

2013-11-11 11:29:54 ----HD---- C:\Windows\system32\GroupPolicy

2013-11-11 11:29:54 ----D---- C:\Windows\Tasks

2013-11-11 11:29:54 ----D---- C:\Windows\SYSWOW64\drivers

2013-11-11 11:29:54 ----D---- C:\Windows\SysWOW64

2013-11-11 11:29:54 ----D---- C:\Windows\system32\DriverStore

2013-11-11 11:29:54 ----D---- C:\Windows\system32\catroot2

2013-11-11 11:29:54 ----D---- C:\Windows\registration

2013-11-11 11:29:54 ----D---- C:\Users\ACER\AppData\Roaming\PowerCinema

2013-11-11 11:27:41 ----SHD---- C:\System Volume Information

2013-11-11 11:12:27 ----RD---- C:\Program Files (x86)

2013-11-11 11:07:41 ----D---- C:\Windows\SYSWOW64\GroupPolicy

2013-11-01 09:11:04 ----D---- C:\Windows\system32\Tasks

2013-10-31 13:09:58 ----D---- C:\Users\ACER\AppData\Roaming\uTorrent

2013-10-31 13:06:22 ----D---- C:\Users\ACER\AppData\Roaming\vlc

2013-10-31 12:43:31 ----HD---- C:\ProgramData

2013-10-31 12:16:38 ----D---- C:\Program Files (x86)\Common Files

2013-10-31 12:16:32 ----D---- C:\Program Files (x86)\Java

2013-10-29 18:16:08 ----D---- C:\Windows\system32\wfp

2013-10-29 18:16:08 ----D---- C:\Windows\system32\drivers\UMDF

2013-10-29 18:16:08 ----D---- C:\Windows\system32\drivers

2013-10-29 18:16:08 ----D---- C:\Windows\system32\CodeIntegrity

2013-10-29 18:16:07 ----D---- C:\Windows\AppCompat

2013-10-29 18:09:53 ----D---- C:\Windows\system32\LogFiles

2013-10-21 15:18:08 ----D---- C:\Windows\system32\NDF

2013-10-20 15:58:00 ----D---- C:\Windows\rescache

2013-10-16 13:38:00 ----AD---- C:\ProgramData\Temp

2013-10-12 07:02:02 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-09-02 192824]

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-09-02 294712]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-08-20 123704]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-08 31544]

R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-02-24 25960]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-09-25 148792]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-09-02 241464]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-09-02 212280]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192]

R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-03-16 22912]

R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-03-16 20328]

R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-03-16 62584]

R1 NetworkX;NetworkX; C:\Windows\syswow64\ckldrv.sys []

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R3 ACSSCR;ACR38 Smart Card Reader; C:\Windows\system32\DRIVERS\a38usb.sys [2013-08-14 44672]

R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]

R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]

R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]

R3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2010-09-15 20552]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-30 2647528]

R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-11-12 155752]

R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]

R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]

S3 AGERESoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-08-20 103576]

S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-03-02 13088]

S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 204568]

S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2013-08-20 204568]

S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2013-08-20 204568]

S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-09-15 16392]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]

S3 usbrndis6;USB RNDIS6-adapter; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]

S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Allin1Convert_8hService;Allin1ConvertService; C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbarsvc.exe [2013-11-09 44752]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-10-03 3538480]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-09-25 301152]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2008-05-08 122880]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]

R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\ACER\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe [2013-11-11 107520]

R2 dgdersvc;Device Error Recovery Service; C:\Windows\system32\dgdersvc.exe [2010-09-15 119632]

R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]

R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168]

R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]

R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-02-23 1005160]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-02-23 378472]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]

R2 USBS3S4Detection;USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 DefaultTabSearch;DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-10-07 573952]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-15 116648]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]

S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-15 116648]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-08-16 194032]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-16 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[kape]

Download Zoek.zip naar het bureaublad.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

chromelook; 
firefoxlook; 
 {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064};c
 {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4};c
 C:\Program Files (x86)\Allin1Convert_8h;fs
 {02478D38-C3F9-4efb-9B51-7695ECA05670};c
 {7F6AFBF1-E065-4627-A2FD-810366367D01};c
 C:\Users\ACER\AppData\Roaming\DefaultTab;fs
 {a4c2fb10-84c3-44eb-9f9e-860fa1d9a797};c
 {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d};c
 {cd1a63ba-a08c-431b-9a34-f240aadc728d};c
 Allin1Convert Search Scope Monitor;s
 Allin1Convert_8h Browser Plugin Loader;s
 Allin1Convert_8hService;s
 DefaultTabSearch;s
 DefaultTabUpdate;s
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar];r64
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r64
 "Allin1Convert Home Page Guard 64 bit"=-;r64
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
 "Allin1Convert Search Scope Monitor"=-;r64
 "Allin1Convert_8h Browser Plugin Loader"=-;r64
 C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP;f
 C:\Users\ACER\AppData\Roaming\com.prezi.PreziDesktop;fs
 C:\Program Files (x86)\DefaultTab;fs
 C:\Users\ACER\AppData\Roaming\defaulttab;fs
 C:\ProgramData\APN;fs
 C:\Program Files (x86)\TornTV.com;fs
  emptyfolderscheck;delete 
startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Firefox Defaults
  
• Reset Chrome
  
• IE Defaults
  
• Auto Clean
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

[Brejen]

Ik kan met de betroffen pc niet meer op internet. Vandaar een poging met een andere: het logje wat je gevraagd had is:

Zoek.exe Version 4.0.0.5 Updated 09-November-2013

Tool run by ACER on ma 11/11/2013 at 15:15:45,48.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\ACER\Desktop\zoek.com [script inserted] [Checkboxes used]

==== System Restore Info ======================

11/11/2013 15:17:51 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully

C:\PROGRA~2\COMMON~1\PDF Architect deleted successfully

C:\Program Files\Google deleted successfully

C:\Program Files\log deleted successfully

C:\ProgramData\Babylon deleted successfully

C:\ProgramData\Oracle deleted successfully

C:\Users\ACER\AppData\Roaming\TP deleted successfully

C:\Users\Brecht Vanhoof\AppData\Local\VirtualStore deleted successfully

C:\Users\Jens Vanhoof\AppData\Local\VirtualStore deleted successfully

C:\Users\Patricia Corstjens\AppData\Local\{CB6B4106-00B8-4757-8607-6E48851FA2A8} deleted successfully

C:\Users\Patricia Corstjens\AppData\Local\{EB9B2DB5-7900-4D64-A02A-131ADE3B21B9} deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8120C9D0-DC00-4F96-A1A3-73EF9DB57247} deleted successfully

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} deleted successfully

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DC223404-805B-4750-9489-02ED0AE02439} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Allin1Convert_8hService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Allin1Convert_8hService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabSearch deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DefaultTabSearch deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DefaultTabUpdate deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

---- FireFox user.js and prefs.js backups ----

user_20131111_1526_.backup

prefs_20131111_1526_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"bProtectorDefaultScope"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"bProtectTabs"=-

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Allin1Convert Home Page Guard 64 bit"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Allin1Convert Search Scope Monitor"=-

"Allin1Convert_8h Browser Plugin Loader"=-

[kape]

Dit is niet het hele logje van zoek.exe. Wil je nog eens bekijken of je de volledige versie niet kan vinden op je C-partitie. Ondertussen is er al heel wat rotzooi van de PC gehaald. Mocht je het logje toch niet vinden, laat dan RSIT opnieuw scannen en hang dat nieuwe (liefst volledige) logje in je volgende bericht.

[Brejen]

ik heb nog een ander gevonden . Is het dit wat je zocht?

Zoek.exe Version 4.0.0.5 Updated 09-November-2013

Tool run by ACER on ma 11/11/2013 at 16:59:15,75.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: \\192.168.1.99\OpenShare\zoek.exe [Quick Scan] [Auto Clean]

==== Older Logs ======================

C:\zoek-results2013-11-11-142614.log 8057 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\8hbrmon.exe" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\8hbrstub.dll" deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin\T8RES.DLL" deleted

"C:\Users\ACER\AppData\Roaming\MAGIX" deleted

"C:\PROGRA~2\Allin1Convert_8h" not deleted

"C:\PROGRA~2\Allin1Convert_8h\bar" not deleted

"C:\PROGRA~2\Allin1Convert_8h\bar\1.bin" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-10-20 11:31:02 8837F1B553AFCAD13B91A7413B85572B 4 ----a-w- C:\Windows\vx86036.dat

2013-10-20 11:30:32 D8CF9F451CE67DFC5CE08CA873D49C6D 139 ----a-w- C:\Windows\Crypkey.ini

2013-10-20 11:30:29 D45FA1C1B94487D50DD06AC4628235D3 165888 ----a-w- C:\Windows\Ckconfig.exe

2013-10-20 11:30:29 A8C462F4067732BF7FFBFFF8E02FC70D 11776 ----a-w- C:\Windows\Ckrfresh.exe

2013-10-20 11:30:29 1DC81022E7605CE5FC7BF08ACFE5FD9C 18432 ----a-w- C:\Windows\Setup_ck.dll

2013-10-20 11:30:29 178A4F6A92760DD8927B4B8C51E760DB 27648 ----a-r- C:\Windows\Setup_ck.exe

====== C:\Users\ACER\AppData\Local\Temp ====

2013-11-11 10:03:44 B0CBDA8817A0CDD858EA8AFB1C2549A5 3090032 ----a-w- C:\Users\ACER\AppData\Local\Temp\DefaultTabSetup2.exe

2013-11-02 15:37:14 24F6D923EF6956ABD0449C879F36D7C7 27411 ----a-w- C:\Users\Jens Vanhoof\AppData\Local\Temp\i4jdel1.exe

2013-10-31 11:16:38 49F3F96A236521578C6BBEECF05567B9 510928 ----a-w- C:\Users\Patricia Corstjens\AppData\Local\Temp\APNSetup.exe

====== Java Cache =====

2013-10-21 15:58:31 63F42202C0C5DC7CC6DAC90AE29BE41F 2125094 ----a-w- C:\Users\Jens Vanhoof\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\1ba8977c-4d36a62f-0.2.3.2-

2013-10-31 11:17:01 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-7ac0eb93

2013-10-15 11:53:53 59D6149FF64170865F5FD6578D5FA181 158 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\11be110f-29034340

2013-11-04 11:35:52 59D6149FF64170865F5FD6578D5FA181 158 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\11be110f-2d3e6b5c

2013-10-24 16:56:14 59D6149FF64170865F5FD6578D5FA181 158 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\11be110f-47f92da2

2013-10-31 11:27:50 59D6149FF64170865F5FD6578D5FA181 158 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\11be110f-654a3535

2013-10-15 11:52:45 59D6149FF64170865F5FD6578D5FA181 158 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\11be110f-6bb35003

2013-11-01 08:56:26 59D6149FF64170865F5FD6578D5FA181 158 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\11be110f-7606700d

2013-10-31 11:16:57 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-192920bd

2013-10-31 11:16:57 7FDDCA03279DA10B7E288C0A04A3D2E0 86 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-6.0.lap

2013-10-31 11:16:56 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-3149340c

2013-11-04 11:35:39 5CBEB6B3D78E6BFA1B2360EB61837344 378 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\61f481e1-14a57317

2013-10-15 11:53:54 5CBEB6B3D78E6BFA1B2360EB61837344 378 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\61f481e1-31bab002

2013-11-01 08:56:24 5CBEB6B3D78E6BFA1B2360EB61837344 378 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\61f481e1-3319ebf7

2013-10-15 11:52:56 5CBEB6B3D78E6BFA1B2360EB61837344 378 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\61f481e1-353cf843

2013-11-01 08:55:02 5CBEB6B3D78E6BFA1B2360EB61837344 378 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\61f481e1-47a196ae

2013-10-24 16:56:16 5CBEB6B3D78E6BFA1B2360EB61837344 378 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\61f481e1-50c2c3df

2013-10-24 16:55:48 5CBEB6B3D78E6BFA1B2360EB61837344 378 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\61f481e1-5e73ca7c

2013-10-31 11:28:20 5CBEB6B3D78E6BFA1B2360EB61837344 378 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\61f481e1-711da5d5

2013-11-04 11:35:28 5CBEB6B3D78E6BFA1B2360EB61837344 378 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\61f481e1-7e5feea0

2013-10-15 11:52:44 6099DA81049734B49587DA20CD40CCB6 3727 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\72290724-28728aa9

2013-11-01 08:56:25 6099DA81049734B49587DA20CD40CCB6 3727 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\72290724-4bff58e0

2013-11-04 11:35:31 6099DA81049734B49587DA20CD40CCB6 3727 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\72290724-6c13e569

2013-10-24 16:56:14 6099DA81049734B49587DA20CD40CCB6 3727 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\72290724-6fbd5d90

2013-10-31 11:27:50 6099DA81049734B49587DA20CD40CCB6 3727 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\72290724-6fdfac76

2013-10-31 11:16:58 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-66cf5832

2013-11-01 08:55:02 D4915520B972D54E8C9F6B077895B6F2 268 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\7b08d074-1d388f0d

2013-10-15 11:53:53 D4915520B972D54E8C9F6B077895B6F2 268 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\7b08d074-1ed9f2c5

2013-11-04 11:35:31 D4915520B972D54E8C9F6B077895B6F2 268 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\7b08d074-46b4a4bd

2013-10-24 16:56:14 D4915520B972D54E8C9F6B077895B6F2 268 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\7b08d074-5fbf1837

2013-10-31 11:27:50 D4915520B972D54E8C9F6B077895B6F2 268 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\7b08d074-72aa2df5

2013-10-15 11:52:45 D4915520B972D54E8C9F6B077895B6F2 268 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\7b08d074-7310b3c9

2013-11-04 11:35:52 D4915520B972D54E8C9F6B077895B6F2 268 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\7b08d074-7c992f9e

2013-10-23 11:30:22 D18B4F6BFC49B6CD33201FCBEEA149D5 115 ----a-w- C:\Users\Patricia Corstjens\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\790146f6-6.0.lap

====== C:\Windows\SysWOW64 =====

2013-10-31 11:16:34 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe

2013-10-31 11:16:32 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe

2013-10-31 11:16:32 9B0B14B405E0EDF76B5F5E31A49EB753 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-10-31 11:16:32 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\SysWOW64\java.exe

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-11-11 13:33:54 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2013-11-09 11:46:13 -------- d-----w- C:\PROGRA~2\Allin1Convert_8h

2013-10-31 11:16:38 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

2013-10-20 16:00:59 -------- d-----w- C:\PROGRA~2\EaseUS

2013-10-20 11:30:27 -------- d-----w- C:\PROGRA~2\Stellar Phoenix Outlook PST Repair

======= C: =====

2013-10-20 11:30:52 9AE67BFEAA12ED6BE8642AEBFD722A11 86 ----a-w- C:\CKINFO.TXT

2013-10-20 11:30:17 CFDE73ECDD37449E5120CD2E8D78ECF7 10022936 ----a-w- C:\spopr.exe

====== C:\Users\ACER\AppData\Roaming ======

2013-11-11 10:25:37 -------- d-----w- C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter

2013-10-31 15:35:38 -------- d-----w- C:\Users\Jens Vanhoof\AppData\Locallow\Torntv 2

2013-10-31 11:09:21 -------- d-----w- C:\Users\Patricia Corstjens\AppData\Locallow\Torntv 2

2013-10-30 20:45:11 -------- d-----w- C:\Users\ACER\AppData\Roaming\Mozilla

2013-10-20 13:35:41 -------- d-----w- C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cimaware OfficeFIX 6

2013-10-20 13:35:41 -------- d-----w- C:\Users\ACER\AppData\Local\Cimaware

2013-10-19 12:52:20 -------- d-----w- C:\Users\Brecht Vanhoof\AppData\Roaming\Nero

2013-10-17 06:37:02 -------- d-----w- C:\Users\Patricia Corstjens\AppData\Local\Apple

====== C:\Users\ACER ======

2013-11-11 15:01:09 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\Users\Patricia Corstjens\ntuser.pol

2013-11-11 13:36:49 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\Users\Brecht Vanhoof\ntuser.pol

2013-11-11 10:44:00 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\Users\Jens Vanhoof\ntuser.pol

2013-11-11 10:07:41 !HASH: COULD NOT OPEN FILE !!!!! 262 --sha-r- C:\Users\ACER\ntuser.pol

2013-10-31 11:16:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2013-10-31 11:10:46 76C0E995B2F29E55580B8FD3F78CFB4F 915368 ----a-w- C:\Users\Patricia Corstjens\Downloads\JavaSetup7u45.exe

2013-10-20 11:30:41 -------- d-----w- C:\ProgramData\CrypKey

====== C: exe-files ==

2013-11-11 13:33:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWPRG338\RSITx64.exe

2013-11-11 13:33:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWPRG338\RSITx64.exe

2013-11-11 13:33:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWPRG338\RSITx64.exe

2013-11-11 13:33:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWPRG338\RSITx64.exe

2013-11-11 13:33:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWPRG338\RSITx64.exe

2013-11-11 13:33:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWPRG338\RSITx64.exe

2013-11-11 13:33:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWPRG338\RSITx64.exe

2013-11-11 13:33:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWPRG338\RSITx64.exe

2013-11-11 13:33:46 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\IWPRG338\RSITx64.exe

2013-11-11 10:24:49 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SpyHunter-Installer.exe

2013-11-11 10:24:49 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SpyHunter-Installer.exe

2013-11-11 10:24:49 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SpyHunter-Installer.exe

2013-11-11 10:24:49 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SpyHunter-Installer.exe

2013-11-11 10:24:49 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SpyHunter-Installer.exe

2013-11-11 10:24:49 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SpyHunter-Installer.exe

2013-11-11 10:24:49 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SpyHunter-Installer.exe

2013-11-11 10:24:49 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SpyHunter-Installer.exe

2013-11-11 10:03:44 B0CBDA8817A0CDD858EA8AFB1C2549A5 3090032 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Temp\DefaultTabSetup2.exe

2013-11-11 10:03:44 B0CBDA8817A0CDD858EA8AFB1C2549A5 3090032 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Temp\DefaultTabSetup2.exe

2013-11-11 10:03:44 B0CBDA8817A0CDD858EA8AFB1C2549A5 3090032 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Temp\DefaultTabSetup2.exe

2013-11-11 10:03:44 B0CBDA8817A0CDD858EA8AFB1C2549A5 3090032 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Temp\DefaultTabSetup2.exe

2013-11-11 10:03:44 B0CBDA8817A0CDD858EA8AFB1C2549A5 3090032 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temp\DefaultTabSetup2.exe

2013-11-11 10:03:44 B0CBDA8817A0CDD858EA8AFB1C2549A5 3090032 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temp\DefaultTabSetup2.exe

2013-11-11 10:03:44 B0CBDA8817A0CDD858EA8AFB1C2549A5 3090032 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temp\DefaultTabSetup2.exe

2013-11-11 10:03:44 B0CBDA8817A0CDD858EA8AFB1C2549A5 3090032 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temp\DefaultTabSetup2.exe

2013-11-11 10:03:44 B0CBDA8817A0CDD858EA8AFB1C2549A5 3090032 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temp\DefaultTabSetup2.exe

2013-11-11 10:03:44 B0CBDA8817A0CDD858EA8AFB1C2549A5 3090032 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temp\DefaultTabSetup2.exe

2013-11-11 10:03:44 B0CBDA8817A0CDD858EA8AFB1C2549A5 3090032 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temp\DefaultTabSetup2.exe

2013-11-11 10:03:44 B0CBDA8817A0CDD858EA8AFB1C2549A5 3090032 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temp\DefaultTabSetup2.exe

2013-11-11 10:03:08 D44D7759C22F25FEFF0AF0BF1AE0B3E0 400736 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SoftonicDownloader_voor_prezi-desktop.exe

2013-11-11 10:03:08 D44D7759C22F25FEFF0AF0BF1AE0B3E0 400736 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SoftonicDownloader_voor_prezi-desktop.exe

2013-11-11 10:03:08 D44D7759C22F25FEFF0AF0BF1AE0B3E0 400736 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SoftonicDownloader_voor_prezi-desktop.exe

2013-11-11 10:03:08 D44D7759C22F25FEFF0AF0BF1AE0B3E0 400736 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SoftonicDownloader_voor_prezi-desktop.exe

2013-11-11 10:03:08 D44D7759C22F25FEFF0AF0BF1AE0B3E0 400736 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SoftonicDownloader_voor_prezi-desktop.exe

2013-11-11 10:03:08 D44D7759C22F25FEFF0AF0BF1AE0B3E0 400736 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SoftonicDownloader_voor_prezi-desktop.exe

2013-11-11 10:03:08 D44D7759C22F25FEFF0AF0BF1AE0B3E0 400736 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\SoftonicDownloader_voor_prezi-desktop.exe

2013-11-09 11:45:51 5F47301F178D522B1FEDCB9EE229CED6 383480 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\Allin1Convert.exe

2013-11-09 11:45:51 5F47301F178D522B1FEDCB9EE229CED6 383480 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\Allin1Convert.exe

2013-11-09 11:45:51 5F47301F178D522B1FEDCB9EE229CED6 383480 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\Allin1Convert.exe

2013-11-09 11:45:51 5F47301F178D522B1FEDCB9EE229CED6 383480 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\Allin1Convert.exe

2013-11-09 11:45:51 5F47301F178D522B1FEDCB9EE229CED6 383480 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\Allin1Convert.exe

2013-11-09 11:45:51 5F47301F178D522B1FEDCB9EE229CED6 383480 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\Allin1Convert.exe

2013-11-09 11:45:51 5F47301F178D522B1FEDCB9EE229CED6 383480 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\Allin1Convert.exe

2013-11-09 11:45:51 5F47301F178D522B1FEDCB9EE229CED6 383480 ----a-w- C:\Documents and Settings\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\3UEQV2TN\Allin1Convert.exe

=== C: other files ==

2013-11-07 10:46:19 CA978A30ADE953AE9B6052A81761F295 8157 ----a-w- C:\Documents and Settings\Patricia Corstjens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SO6XBYX0\infos_enUS[1].zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-981637665-1960542106-3209509957-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

"LaCie Ethernet Agent Startup"="C:\Program Files (x86)\LaCie\Network Assistant\LaCie Network Assistant.exe"

"NTRedirect"="C:\Windows\SysWOW64\rundll32.exe C:\Users\ACER\AppData\Roaming\BabSolution\Shared\enhancedNT.dll,Run"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

"EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

"EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d"

"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

"Hotkey Utility"="C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"Allin1Convert Search Scope Monitor"="C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hsrchmn.exe /m=2 /w /h"

"Allin1Convert_8h Browser Plugin Loader"="C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbrmon.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

"LaCie Ethernet Agent Startup"="C:\Program Files (x86)\LaCie\Network Assistant\LaCie Network Assistant.exe"

"NTRedirect"="C:\Windows\SysWOW64\rundll32.exe C:\Users\ACER\AppData\Roaming\BabSolution\Shared\enhancedNT.dll,Run"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\\progra~3\\browse~1\\261519~1.190\\{c16c1~1\\browse~1.dll "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 08:37]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:36C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/08/2013 10:01]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe]

"C:\Windows\SysNative\tasks\4464" [wscript.exe C:\Users\ACER\AppData\Local\Temp\launchie.vbs //B]

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]

"C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\{F218DBF9-BB33-4227-805F-4E18DCDC7A94}" ["C:\Program Files\Internet Explorer\iexplore.exe" ]Download Skype op uw computer ? Mac, Windows, Linux ? Skype

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

ExtDir: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

- Torntv 3 - %ExtDir%\trtv3@trtv.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

==== Firefox Plugins ======================

==== Deleted Firefox Extensions ======================

C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\trtv3@trtv.com.xpi deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bicnnkjibmphdeigoodpjlcklcnaobdj - C:\Program Files (x86)\TornTV.com\torntv10.crx[]

eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\ACER\AppData\Roaming\BabSolution\CR\Delta.crx[]

kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files (x86)\DefaultTab\DefaultTab.crx[]

Delta Toolbar - ACER - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde

DefaultTab - ACER - Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Google Wallet - ACER - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Google Docs - Brecht Vanhoof - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Brecht Vanhoof - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Brecht Vanhoof - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Brecht Vanhoof - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Chrome In-App Payments service - Brecht Vanhoof - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Brecht Vanhoof - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - Jens Vanhoof - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Jens Vanhoof - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Jens Vanhoof - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Jens Vanhoof - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

DefaultTab - Jens Vanhoof - Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Chrome In-App Payments service - Jens Vanhoof - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Jens Vanhoof - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - Patricia Corstjens - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Patricia Corstjens - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Patricia Corstjens - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Patricia Corstjens - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Web Cake - Patricia Corstjens - Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh

Card number - Patricia Corstjens - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Patricia Corstjens - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage deleted successfully

C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage-journal deleted successfully

C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

C:\Users\Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

C:\Users\Patricia Corstjens\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.mysearchresults.com/?c=3525&t=01"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\belgiumeid@eid.belgium.be deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Brecht Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Brecht Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Jens Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Jens Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Patricia Corstjens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Patricia Corstjens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\container.dat will be deleted at reboot

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini will be deleted at reboot

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\container.dat will be deleted at reboot

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\desktop.ini will be deleted at reboot

C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Patricia Corstjens\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\ACER\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\container.dat" not found

"C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini" not found

"C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\container.dat" not found

"C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\desktop.ini" not found

"C:\Users\ACER\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat" not found

"C:\PROGRA~2\Allin1Convert_8h" not found

==== EOF on ma 11/11/2013 at 17:50:23,90 ======================

[kape]

Dubbelklik op Zoek.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

  C:\Users\Jens Vanhoof\AppData\Local\Temp\i4jdel1.exe;f
 C:\Users\ACER\AppData\Local\Temp\DefaultTabSetup2.exe;f
 C:\Users\Jens Vanhoof\AppData\Locallow\Torntv 2;fs
 C:\Users\Patricia Corstjens\AppData\Locallow\Torntv 2;fs
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r64
 "Allin1Convert Search Scope Monitor"=-;r64
 "Allin1Convert_8h Browser Plugin Loader"=-;r64
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows];r64
 "AppInit_DLLs"=-;r64
 C:\Windows\SysNative\tasks\0;fs
 C:\Windows\SysNative\tasks\4464;fs
 autoclean;
emptyfolderscheck;delete

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[Brejen]

Mag/moet ik de pc starten in veilige modus? op de normale manier kan ik niet meer op internet. zowel IE als chrome openen niet.

Een andere optie is zoek.exe op een externe HD downloaden via andere pc en dan overzetten naar de betroffen pc. Ik weet niet of dat mag?

[kape]

Beiden methoden zijn goed: indien het lukt in "veilige modus" is dat de beste optie, maar ook via USB-stick van een niet-geïnfecteerde computer kan het.