better surf virus

[Brejen]

Ik blijf nog steeds eigenaardige boodschappen krijgen: popup venster met boodschap 'message important'. met reclame in van Carrefour. wanneer ik dit wegklik opent weer een nieuw venster enz.

er is dus duidelijk nog iets mis.

- - - Updated - - -

Misschien nog belangrijk om te melden. deze popups verschijnen zowel in de internet explorer als in google chrome;

[kape]

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op de knop Scan.
  
• Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  
• Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  
• Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  
• Plaats dit logbestand in het volgende bericht.
  

[Brejen]

ziehier het logje na het runnen van adwcleaner

# AdwCleaner v3.018 - Report created 31/01/2014 at 16:32:10

# Updated 28/01/2014 by Xplode

# Operating System : Windows 7 Professional (32 bits)

# Username : Erik - ACER

# Running from : C:\Users\Erik\AppData\Local\Temp\dlmA5A1.tmp\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BackupStack

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\MyPC Backup

Folder Deleted : C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup

File Deleted : C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk

File Deleted : C:\Users\Erik\Desktop\MyPC Backup.lnk

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16800

-\\ Mozilla Firefox v

[ File : C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]

-\\ Google Chrome v32.0.1700.102

[ File : C:\Users\Erik\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Patricia Corstjens\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [9363 octets] - [29/01/2014 18:22:27]

AdwCleaner[R1].txt - [3682 octets] - [31/01/2014 16:15:26]

AdwCleaner[R2].txt - [2054 octets] - [31/01/2014 16:26:53]

AdwCleaner[s0].txt - [9660 octets] - [29/01/2014 18:27:15]

AdwCleaner[s2].txt - [1862 octets] - [31/01/2014 16:32:10]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1922 octets] ##########

[kape]

Download de Junkware Removal Tool by Thisisu naar je bureaublad.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met JRT

(hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.

• Dubbelklik op JRT.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• De tool zal vervolgens het systeem scannen.
  
• De scan kan afhankelijk van je systeemspecificaties soms vrij lang duren, wacht geduldig af.
  
• Als de scan gereed is zal er een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch worden geopend.
  
• Post de inhoud van deze log in je volgende bericht als bijlage.
  

[Brejen]

bettersurf lijkt weg te zijn maar ik krijg in mijn internet explorer en google chrome nog steeds hatelijke popups (Ad options staat er onder).

Ook openen er regelmatig nieuwe vensters.

het probleem lijkt dus niet helemaal weg te zijn.

[Brejen]

Sorry, ik had JRT nog niet laten lopen.

Zie in bijlage het gevraagde logje.

JRT.txt

[kape]

Dubbelklik op Zoek.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

emptyfolderscheck;delete 
autoclean;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Do a Deep Scan
  
  
• Shortcut Fix
  
• IE Defaults
  
• De optie "Scan All Users" staat standaard aangevinkt.
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[Brejen]

Zoek.exe v5.0.0.0 Updated 31-January-2014

Tool run by Erik on za 01/02/2014 at 14:28:49,59.

Microsoft Windows 7 Professional 6.1.7600 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Erik\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-01-30-182259.log 11930 bytes

==== Running Processes ======================

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Program Files\Fingerprint Sensor\AtService.exe

C:\Program Files\Acer Bio Protection\CompPtcVUI.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG2014\avgidsagent.exe

C:\Program Files\AVG\AVG2014\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe

C:\Windows\system32\FsUsbExService.Exe

C:\Program Files\Acer\Registration\GregHSRW.exe

C:\Program Files\Acer Bio Protection\BASVC.exe

C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files\GrabRez\updateGrabRez.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Program Files\GrabRez\bin\utilGrabRez.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files\Launch Manager\LManager.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\AVG\AVG2014\avgnsx.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

C:\Windows\PLFSetI.exe

C:\Program Files\AVG\AVG2014\avgemcx.exe

C:\Program Files\Acer Bio Protection\PdtWzd.exe

C:\Program Files\AVG\AVG2014\avgrsx.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Belgium Identity Card\beid35gui.exe

C:\Users\Erik\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\AVG\AVG2014\avgui.exe

C:\Program Files\AVG\AVG2014\avgcsrvx.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wuauclt.exe

C:\Users\Erik\Desktop\zoek.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

==== System Specs ======================

Windows: Windows 7 Professional Edition (Build 7600)

Memory (RAM): 3001 MB

CPU Info: Intel® Core2 Duo CPU T6570 @ 2.10GHz

CPU Speed: 2079.2 MHz

Sound Card: Speakers (Realtek High Definiti |

Luidsprekers (Bluetooth AV Audi |

Luidsprekers (Bluetooth SCO Aud |

Display Adapters: Mobile Intel® 4 Series Express Chipset Family | Mobile Intel® 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Generic PnP Monitor |

Screen Resolution: 1440 X 900 - 32 bit

Network: Network Present

Network Adapters: Bluetooth PAN Network Adapter | Microsoft Virtual WiFi Miniport Adapter | Intel® WiFi Link 1000 BGN | Broadcom NetXtreme Gigabit Ethernet

CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GT30N

Ports: COM19 | COM20 | COM21 | COM22 | COM23 | COM24 | COM25 | COM26 | COM27 | COM3 LPT Port NOT Present.

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C: 150.0GB | D: 125.0GB

Hard Disks - Free: C: 96.0GB | D: 113.7GB

Manufacturer *: Phoenix

BIOS Info: AT/AT COMPATIBLE | 10/27/09 | ACRSYS - 6040000

Time Zone: Romance (standaardtijd)

Motherboard *: Acer Monserrat

Country: Belgi‰

Language: NLB

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated)

Internet Explorer version: 8.0.7600.16385

Google Chrome version: 32.0.1700.102

Adobe Reader version: 11.0.06.70

Sun Java version: 1.6.0_30 (32-bit)

Flash Player version: 11.9.900.170

Shockwave Player version: 11.6.3r633

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Erik\AppData\Local\Temp ====

2014-02-01 07:46:25 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

2014-01-31 15:15:09 047B5AF68447F3BA140DE1AAAC4E8A51 10363208 ----a-w- C:\Users\Erik\AppData\Local\Temp\BackupSetup.exe

2014-01-30 19:26:49 ACCF09B6587E31C57E575D6FEE5ADA28 904272 ----a-w- C:\Users\Erik\AppData\Local\Temp\utt5397.tmp.exe

2014-01-30 18:37:05 5FC1DF7FF1E2A4D3C521E6C8B783BF51 19212504 ----a-w- C:\Users\Erik\AppData\Local\Temp\setupA9_.exe

2014-01-30 18:36:06 FF01A15A4F4C0A7D260041F478CC4992 5960608 ----a-w- C:\Users\Erik\AppData\Local\Temp\nsj2B18\SpSetup.exe

2014-01-30 18:35:46 E9D0C26F1A7E8A0818DC305CFC990CB6 331776 ----a-w- C:\Users\Erik\AppData\Local\Temp\setup__270.exe

2014-01-30 18:26:33 B2994EC6452DBD04E57828EEFEDFB93C 204800 ----a-w- C:\Users\Erik\AppData\Local\Temp\RtkBtMnt.exe

2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Erik\AppData\Local\Temp\nszB754.exe

2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Erik\AppData\Local\Temp\nsz6A3B.exe

2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Erik\AppData\Local\Temp\nsx4119.exe

2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Erik\AppData\Local\Temp\nsuB2A2.exe

2014-01-29 07:59:48 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Erik\AppData\Local\Temp\nst6E60.exe

====== Java Cache =====

====== C:\Windows\system32 =====

2014-01-29 18:00:29 0A9115A5FE3D646F897CEFA7508B217C 3792 ----a-w- C:\Windows\System32\.crusader

====== C:\Windows\system32\drivers =====

2014-01-30 11:15:28 CE77439BAF613019D6B7658292D1E4A6 30976 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-30 18:37:24 -------- d-----w- C:\Program Files\Mobogenie

2014-01-30 18:35:32 -------- d-----w- C:\Program Files\GrabRez

2014-01-29 17:36:33 -------- d-----w- C:\Program Files\Enigma Software Group

2014-01-29 15:39:44 -------- d-----w- C:\Program Files\MediaPlayerV1

======= C: =====

2014-01-30 12:02:03 572DD569F3B1A19A224AF20F2876BCBE 1516 ----a-w- C:\AdwCleaner[s2].txt

====== C:\Users\Erik\AppData\Roaming ======

2014-01-31 15:15:28 -------- d-----w- C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense

2014-01-30 18:37:55 -------- d-----w- C:\Users\Erik\AppData\Local\cache

2014-01-30 18:37:52 -------- d-----w- C:\Users\Erik\AppData\Roaming\newnext.me

2014-01-30 18:37:51 -------- d-----w- C:\Users\Erik\AppData\Local\genienext

2014-01-30 18:37:50 -------- d-----w- C:\Users\Erik\AppData\Local\Mobogenie

2014-01-30 18:22:59 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp

2014-01-30 18:22:59 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp

2014-01-30 18:22:59 -------- d-----w- C:\Users\Patricia Corstjens\AppData\Local\Temp

2014-01-30 18:22:57 -------- d-----w- C:\Users\Jens Vanhoof\AppData\Local\Temp

2014-01-30 18:22:56 -------- d-----w- C:\Users\Default\AppData\Local\Temp

2014-01-30 18:22:56 -------- d-----w- C:\Users\Default User\AppData\Local\Temp

2014-01-30 18:22:56 -------- d-----w- C:\Users\Brecht Vanhoof\AppData\Local\Temp

2014-01-30 18:22:55 -------- d-----w- C:\Users\Erik\AppData\Local\Temp

2014-01-26 10:47:28 -------- d-----w- C:\Users\Jens Vanhoof\AppData\Roaming\vlc

2014-01-12 19:27:24 -------- d-----w- C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup

2014-01-12 19:27:20 -------- d-----w- C:\Users\Patricia Corstjens\AppData\Local\Programs

====== C:\Users\Erik ======

2014-01-30 18:37:59 -------- d-----w- C:\Users\Erik\.android

2014-01-30 18:37:50 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Erik\daemonprocess.txt

2014-01-30 15:19:27 -------- d-----r- C:\Users\Erik\Documents

2014-01-30 11:32:34 C09E8D90AE0B1D0B3751E02A60EC0B37 4721144 ----a-w- C:\Users\Erik\Downloads\ccsetup410pro.exe

2014-01-30 11:24:24 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Erik\Downloads\RSIT.exe

2014-01-29 17:37:02 -------- d-----w- C:\ProgramData\HitmanPro

2014-01-29 17:22:14 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\Erik\Downloads\adwcleaner (1).exe

2014-01-29 17:20:22 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\Erik\Downloads\adwcleaner.exe

2014-01-29 15:39:54 C54D87D5197F04000EE0206C5BC1306C 610 --sha-r- C:\ProgramData\ntuser.pol

====== C: exe-files ==

2014-01-31 15:07:00 8C0B58BC1379E9D9CCD3FC6E408ABF68 42264 ----a-w- C:\Program Files\GrabRez\bin\GrabRezBrowserFilter.exe

2014-01-30 19:38:48 518ABEE84A85C0CF2F74D760AFBB8EC3 103192 ----a-w- C:\Program Files\GrabRez\bin\utilGrabRez.exe

2014-01-30 18:35:44 385E57325710AD0CD12AC2194598EC91 241195 ----a-w- C:\Program Files\GrabRez\GrabRezUninstall.exe

2014-01-29 23:28:04 518ABEE84A85C0CF2F74D760AFBB8EC3 103192 ----a-w- C:\Program Files\GrabRez\updateGrabRez.exe

2014-01-29 15:39:46 581AF36CE34CCE05A23246B157BA52B0 453321 ----a-w- C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha771\uninstall.exe

2014-01-29 12:47:50 BD556495B9E1E00A2A55D4E6131C2EA0 981160 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.102\32.0.1700.102_32.0.1700.76_chrome_updater.exe

=== C: other files ==

2014-02-01 07:46:24 CC6C23C02BE66014AD87F2678BBB3A1D 8117 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\modules.bat

2014-02-01 07:46:24 C4A5476A9D54B400F1623A2EE7DDA5C5 13955 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\chrome.bat

2014-02-01 07:46:24 BAD6C67C870CC81C48DBA53089929884 153331 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\firefox.bat

2014-02-01 07:46:24 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\FWPolicy.bat

2014-02-01 07:46:24 B7D46D5BC21F69EFEEFFC15060E423AC 154167 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\misc.bat

2014-02-01 07:46:24 B45931E5313CB14CAA0F2BC3DA30E6FC 29648 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\ask.bat

2014-02-01 07:46:24 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\ev_clear.bat

2014-02-01 07:46:24 75C9C20DD9839BF287B43B0E179822DC 31414 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\iexplore.bat

2014-02-01 07:46:24 7178963AEE641F3E47E1CE22416F8A3A 9295 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\runvalues.bat

2014-02-01 07:46:24 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\delorphans.bat

2014-02-01 07:46:24 5AE8F4442CA6D69FE9A6738E8DB411F2 10261 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\JRT.bat

2014-02-01 07:46:24 58605DA3492FB918D3D40B1FB88046AE 39471 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\prelim.bat

2014-02-01 07:46:24 55D97CE5B1A61AD51F887E46550029F6 16063 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\get.bat

2014-02-01 07:46:24 372EA6F783198102CF5779072EE78C79 24751 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\searchlnk.bat

2014-02-01 07:46:24 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\TDL4.bat

2014-02-01 07:46:24 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\medfos.bat

2014-02-01 07:46:24 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\Erik\AppData\Local\Temp\jrt\delfolders.bat

2014-01-30 19:26:58 C3133F7E225E3CBBF87AD1B46EF32A97 94 ----a-w- C:\Users\Erik\AppData\Local\Temp\utt7438.tmp.bat

2014-01-30 15:41:48 94D604C463AB446869591F441A277F2E 30695 ----a-w- C:\Users\Erik\Downloads\berichten.zip

2014-01-28 16:52:30 62B81AE897DEFB1DBD4F592AF424E1F4 38266 ----a-w- C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha771\ch\MediaPlayerV1alpha771.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"ecSetupX.exe"="E:\ecSetupX.exe E: 3"

"Netdrive"="C:\Program Files\NetDrive\netdrive.exe -tray"

"NextLive"="C:\Windows\system32\rundll32.exe C:\Users\Erik\AppData\Roaming\newnext.me\nengine.dll,EntryPoint -m l"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"

"LManager"="C:\Program Files\Launch Manager\LManager.EXE"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe"

"ePower_DMC"="C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe"

"PLFSetI"="C:\Windows\PLFSetI.exe"

"VitaKeyPdtWzd"="C:\Program Files\Acer Bio Protection\PdtWzd.exe"

"NeroCheck"="C:\Windows\system32\NeroCheck.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"

"AdobeVersionCue"="C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe"

"beid"="C:\Program Files\Belgium Identity Card\beid35gui.exe /startup"

"ROUTE66Sync"="C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe -runinbackground"

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"mobilegeni daemon"="C:\Program Files\Mobogenie\DaemonProcess.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"ecSetupX.exe"="E:\ecSetupX.exe E: 3"

"Netdrive"="C:\Program Files\NetDrive\netdrive.exe -tray"

"NextLive"="C:\Windows\system32\rundll32.exe C:\Users\Erik\AppData\Roaming\newnext.me\nengine.dll,EntryPoint -m l"

==== Startup Folders ======================

2013-09-21 07:05:39 1118 ----a-w- C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk

2013-09-21 07:06:41 1274 ----a-w- C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

2013-05-10 06:32:18 1105 ----a-w- C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

2012-11-03 19:54:31 1274 ----a-w- C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

2013-11-06 15:20:49 2016 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/12/2013 13:48]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14/08/2010 08:55]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [14/08/2010 08:55]

C:\Windows\tasks\ROC_REG_JAN_DELETE.job --a------ C:\ProgramData\AVG January 2013 Campaign\ROC.exe [17/01/2013 22:16]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\ROC_REG_JAN_DELETE" [C:\ProgramData\AVG January 2013 Campaign\ROC.exe]

"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\system32\tasks\{00E7A93D-6B2F-4512-A114-C826A9818220}" [C:\Program Files\Skype\Phone\Skype.exe]

"C:\Windows\system32\tasks\{5B7CD2D7-8410-4E34-B763-CA99E9F49709}" [C:\Program Files\Skype\Phone\Skype.exe]

"C:\Windows\system32\tasks\{9480DC58-7F82-4234-AA58-7DCA75943ADC}" [C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe]

"C:\Windows\system32\tasks\{FB61D383-FDB4-4020-B889-7BC02D0B800C}" [C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe]

"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"ext@MediaPlayerV1alpha771.net"="C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha771\ff" [29/01/2014 17:01]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid.xpi

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Erik\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[28/09/2012 16:13]

YouTube - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Video Player - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiddpoijcamhiallemgaimemaggnjapi

Skype Click to Call - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Google Wallet - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Media Player - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\clnhokdinhddhbaccmfpnhjobljnnbnk

Skype Click to Call - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

DvdVideoSoft Free Youtube Download - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp

Google Wallet - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Google Docs - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Skype Click to Call - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Google Wallet - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="{searchTerms} - Bing"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="{searchTerms} - Google Search"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== shortcuts on Users Desktops ======================

C:\Users\Brecht Vanhoof\Desktop\CDex.lnk - C:\Program Files\CDex_150\CDex.exe

C:\Users\Brecht Vanhoof\Desktop\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe

C:\Users\Brecht Vanhoof\Desktop\DVD Shrink 3.2.lnk - C:\Program Files\dvd shrink\DVD Shrink 3.2.exe

C:\Users\Brecht Vanhoof\Desktop\HijackThis.lnk - C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Users\Brecht Vanhoof\Desktop\LimeWire 5.4.6.lnk - C:\Program Files\LimeWire\LimeWire.exe

C:\Users\Brecht Vanhoof\Desktop\Microsoft Access 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe

C:\Users\Brecht Vanhoof\Desktop\Microsoft InfoPath Designer 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe /design

C:\Users\Brecht Vanhoof\Desktop\Microsoft OneNote 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe

C:\Users\Brecht Vanhoof\Desktop\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe

C:\Users\Brecht Vanhoof\Desktop\Microsoft Publisher 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe

C:\Users\Brecht Vanhoof\Desktop\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe

C:\Users\Brecht Vanhoof\Desktop\Microsoft Word 2010.lnk - C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

C:\Users\Brecht Vanhoof\Desktop\Minecraft.lnk - E:\.minecraft\Minecraft.exe

C:\Users\Erik\Desktop\Acer Crystal Eye Webcam.lnk - C:\Windows\Acer Crystal Eye Webcam.exe

C:\Users\Erik\Desktop\Adobe Photoshop CS.lnk - C:\Program Files\Adobe\Adobe Photoshop CS\Photoshop.exe

C:\Users\Erik\Desktop\Adobe Reader 9.lnk - C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico

C:\Users\Erik\Desktop\CDex.lnk - C:\Program Files\CDex_150\CDex.exe

C:\Users\Erik\Desktop\Computer.lnk -

C:\Users\Erik\Desktop\DATA D.lnk - D:\

C:\Users\Erik\Desktop\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe

C:\Users\Erik\Desktop\DVD Shrink 3.2.lnk - C:\Program Files\dvd shrink\DVD Shrink 3.2.exe

C:\Users\Erik\Desktop\DVDVideoSoft Free Studio.lnk - C:\Program Files\Common Files\DVDVideoSoft\FreeStudioManager.exe

C:\Users\Erik\Desktop\Evernote.lnk - C:\Program Files\Evernote\Evernote\Evernote.exe

C:\Users\Erik\Desktop\Free YouTube Download.lnk - C:\Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe

C:\Users\Erik\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Erik\Desktop\Mazoutverbruik.lnk - \\NETWERKSCHIJF\MyShare\Mijn Documenten\Excel\Mazout opvolging levering en prijs.xls

C:\Users\Erik\Desktop\Microsoft Picture It Photo Standard 9.lnk -

C:\Users\Erik\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Erik\Desktop\NTI Media Maker 8.lnk - C:\Program Files\NewTech Infosystems\NTI Media Maker 8\DiscLaunchPad.exe

C:\Users\Erik\Desktop\OpenOffice3.1 Installeren.lnk - C:\OpenOffice.org 3.1 (nl) Installation Files\setup.exe

C:\Users\Jens Vanhoof\Desktop\HijackThis.lnk - C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Users\Jens Vanhoof\Desktop\Minecraft - Snelkoppeling.lnk - E:\.minecraft\Minecraft.exe

C:\Users\Jens Vanhoof\Desktop\WINWORD - Snelkoppeling.lnk - C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

C:\Users\Patricia Corstjens\Desktop\CDex.lnk - C:\Program Files\CDex_150\CDex.exe

C:\Users\Patricia Corstjens\Desktop\Documenten.lnk - C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms

C:\Users\Patricia Corstjens\Desktop\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe

C:\Users\Patricia Corstjens\Desktop\DVD Shrink 3.2.lnk - C:\Program Files\dvd shrink\DVD Shrink 3.2.exe

C:\Users\Patricia Corstjens\Desktop\HijackThis.lnk - C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Users\Patricia Corstjens\Desktop\LimeWire 5.4.6.lnk - C:\Program Files\LimeWire\LimeWire.exe

C:\Users\Patricia Corstjens\Desktop\Microsoft Excel 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe

C:\Users\Patricia Corstjens\Desktop\Microsoft Outlook 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe

C:\Users\Patricia Corstjens\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Patricia Corstjens\Desktop\Mijn afbeeldingen.lnk - C:\Users\Erik\Pictures

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\4Media MP4 to MP3 Converter 6.lnk - C:\Program Files\4Media\MP4 to MP3 Converter 6\vcloader.exe

C:\Users\Public\Desktop\Acrobat Reader 5.0.lnk - C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe

C:\Users\Public\Desktop\AVG 2013.lnk - C:\Program Files\AVG\AVG2013\avgui.exe

C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files\AVG\AVG2014\avgui.exe

C:\Users\Public\Desktop\BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

C:\Users\Public\Desktop\eID-Viewer.lnk - C:\Program Files\Belgium Identity Card\beid35gui.exe

C:\Users\Public\Desktop\Foto's op TV 3 op cd-dvd.lnk - C:\Program Files\Easy Computing\Foto's op TV 3 op cd-dvd\PhotoTV2.exe

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe

C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe

C:\Users\Public\Desktop\LaCie Network Assistant.lnk - C:\Program Files\LaCie\Network Assistant\LaCie Network Assistant.exe

C:\Users\Public\Desktop\MAGIX Foto's op CD & DVD 9 deluxe.lnk - C:\Program Files\MAGIX\Fotos_op_CD_DVD_9_deluxe\Fotos_dlx.exe

C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe SecurityScanner.dll

C:\Users\Public\Desktop\Mufin MusicFinder Base.lnk - C:\Program Files\MAGIX\Mufin MusicFinder\Sonos.exe

C:\Users\Public\Desktop\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe

C:\Users\Public\Desktop\PDFCreator.lnk - C:\Program Files\PDFCreator\PDFCreator.exe

C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe

C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files\QuickTime\QuickTimePlayer.exe

C:\Users\Public\Desktop\ROUTE 66 Sync.lnk - C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe

C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe

C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe

C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files\WinZip\WINZIP32.EXE

C:\Users\Public\Desktop\µTorrent.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Transposia\Miel Monteur - Huis Op Stelten - Help.lnk -

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Transposia\Miel Monteur - Huis Op Stelten - Spelen.lnk -

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Transposia\Miel Monteur - Huis Op Stelten - Verwijderen.lnk -

C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense\Uninstall SaveSense.lnk - C:\Program Files\SaveSense\uninst.exe

C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup\Google+ Auto Backup.lnk - C:\Users\Patricia Corstjens\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe

C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup\Uninstall Google+ Auto Backup.lnk - C:\Windows\System32\msiexec.exe /x {A50DE037-B5C0-4C8A-8049-B0C576B313D1}

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Installatie ongedaan maken.lnk - C:\Program Files\Google\Picasa3\Uninstall.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa-fotoviewer configureren.lnk - C:\Program Files\Google\Picasa3\PicasaPhotoViewer.exe /reconfig

==== shortcuts in Quick Launch ======================

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk - C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Access 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft InfoPath Designer 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe /design

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft OneNote 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Publisher 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft SharePoint Workspace 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Paint.lnk - C:\Windows\system32\mspaint.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WINWORD - Snelkoppeling.lnk - C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

C:\Users\Brecht Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Wordpad.lnk - C:\Program Files\Windows NT\Accessories\wordpad.exe

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\4Media MP4 to MP3 Converter 6.lnk - C:\Program Files\4Media\MP4 to MP3 Converter 6\vcloader.exe

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Acer Crystal Eye Webcam.lnk - C:\Windows\Acer Crystal Eye Webcam.exe

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\SyncBack.lnk - C:\Program Files\2BrightSparks\SyncBack\SyncBack.exe

C:\Users\Erik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk - C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AVG 2014.lnk - C:\Program Files\AVG\AVG2014\avgui.exe

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\Jens Vanhoof\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WINWORD - Snelkoppeling.lnk - C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk - C:\Program Files\DVD Decrypter\DVDDecrypter.exe

C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk - C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle

C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle

C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe

C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\LaCie Network Assistant.lnk - C:\Program Files\LaCie\Network Assistant\LaCie Network Assistant.exe

C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Patricia Corstjens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

==== HijackThis Entries ======================

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: GrabRez - {e1420d09-acc8-4efd-9965-e7ae3c5b977c} - C:\Program Files\GrabRez\GrabRezbho.dll

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.EXE

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe

O4 - HKLM\..\Run: [VitaKeyPdtWzd] "C:\Program Files\Acer Bio Protection\PdtWzd.exe"

O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe

O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup

O4 - HKLM\..\Run: [ROUTE66Sync] C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe -runinbackground

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ecSetupX.exe] E:\ecSetupX.exe E: 3

O4 - HKCU\..\Run: [Netdrive] C:\Program Files\NetDrive\netdrive.exe -tray

O4 - HKCU\..\Run: [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\Erik\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Afbeelding knippen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\Erik\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

O8 - Extra context menu item: Kopieer selectie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3

O8 - Extra context menu item: Kopieer URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0

O8 - Extra context menu item: Nieuwe notitie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html

O8 - Extra context menu item: Pagina opemen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1

O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe

O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html

O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O15 - Trusted Zone: *.dexia.be

O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - http://www.extrafilm.be/ImageUploader5.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe

O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files\Acer\Registration\GregHSRW.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - C:\Program Files\Acer Bio Protection\BASVC.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Update GrabRez - Unknown owner - C:\Program Files\GrabRez\updateGrabRez.exe

O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

O23 - Service: Util GrabRez - Unknown owner - C:\Program Files\GrabRez\bin\utilGrabRez.exe

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1249 folders=206 106137352 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Users\Erik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Users\Jens Vanhoof\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2BPSE5E8\neave.com" not found

==== EOF on za 01/02/2014 at 14:46:17,95 ======================

[kape]

Dubbelklik op Zoek.exe om de tool te starten.

• 
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

  C:\Program Files\Mobogenie;fs
 C:\Program Files\GrabRez;fs
 C:\AdwCleaner[s2].txt;f
 C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense;fs
 C:\Users\Erik\AppData\Roaming\newnext.me;fs
 C:\Users\Erik\AppData\Local\genienext;fs
 C:\Users\Erik\AppData\Local\Mobogenie;fs
 C:\Users\Erik\daemonprocess.txt;f
 [HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Run];r
 "NextLive"=-;r
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
 "mobilegeni daemon"=-;r
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
 "NextLive"=-;r
 Nikpibnbobmbdbheedjfogjlikpgpnhp;chr
 C:\Users\Erik\AppData\Roaming\DVDVideoSoft;fs
 NextLive;s
 mobilegeni daemon;s
 {F274614C-63F8-47D5-A4D1-FBDDE494F8D1};c
 Update GrabRez;s
 Util GrabRez;s
 autoclean;

• De optie "Scan All Users" staat standaard aangevinkt.
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[Brejen]

ziehier het gevraagde logje:

Zoek.exe v5.0.0.0 Updated 31-January-2014

Tool run by Erik on za 01/02/2014 at 17:45:08,38.

Microsoft Windows 7 Professional 6.1.7600 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Erik\Desktop\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-01-30-182259.log 11930 bytes

C:\zoek-results2014-02-01-134617.log 56579 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update GrabRez deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update GrabRez deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update GrabRez deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update GrabRez deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util GrabRez deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util GrabRez deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util GrabRez deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util GrabRez deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"NextLive"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"mobilegeni daemon"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"NextLive"=-

==== Deleting Files \ Folders ======================

C:\Program Files\Mobogenie deleted

C:\Users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense deleted

C:\Users\Erik\AppData\Roaming\newnext.me deleted

C:\Users\Erik\AppData\Local\genienext deleted

C:\Users\Erik\AppData\Local\Mobogenie deleted

C:\Users\Erik\AppData\Roaming\DVDVideoSoft deleted

C:\Users\Erik\daemonprocess.txt deleted

C:\Users\Erik\.android deleted

C:\Program Files\MediaPlayerV1 deleted

C:\Users\Erik\AppData\Local\cache deleted

"C:\Program Files\GrabRez\updateGrabRez.exe" deleted

"C:\Program Files\GrabRez\updateGrabRez.exe" deleted

"C:\Program Files\GrabRez\bin\utilGrabRez.exe" deleted

"C:\Program Files\GrabRez\bin\utilGrabRez.exe" deleted

"C:\Program Files\GrabRez" not deleted

"C:\Program Files\GrabRez" not deleted

"C:\Program Files\GrabRez\bin" not deleted

"C:\Program Files\GrabRez\bin" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"ext@MediaPlayerV1alpha771.net"="C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha771\ff" []

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid.xpi

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Erik\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[]

YouTube - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Video Player - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiddpoijcamhiallemgaimemaggnjapi

Skype Click to Call - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Google Wallet - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Media Player - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\clnhokdinhddhbaccmfpnhjobljnnbnk

Skype Click to Call - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

DvdVideoSoft Free Youtube Download - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp

Google Wallet - Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Google Docs - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Skype Click to Call - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Google Wallet - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Erik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="{searchTerms} - Bing"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="{searchTerms} - Google Search"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e1420d09-acc8-4efd-9965-e7ae3c5b977c} deleted successfully

HKEY_USERS\S-1-5-21-2774006475-2745618473-1495315895-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e1420d09-acc8-4efd-9965-e7ae3c5b977c} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{e1420d09-acc8-4efd-9965-e7ae3c5b977c} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e1420d09-acc8-4efd-9965-e7ae3c5b977c} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@MediaPlayerV1alpha771.net deleted successfully

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\Nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully

==== Empty IE Cache ======================

C:\Users\Brecht Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Brecht Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Erik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Erik\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Jens Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Jens Vanhoof\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Patricia Corstjens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Patricia Corstjens\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Erik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Brecht Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Erik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Jens Vanhoof\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Patricia Corstjens\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1463 folders=278 122256372 bytes)

==== Empty Temp Folders ======================

C:\Users\Brecht Vanhoof\AppData\Local\Temp emptied successfully

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Jens Vanhoof\AppData\Local\Temp emptied successfully

C:\Users\Patricia Corstjens\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Erik\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Erik\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Erik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Program Files\GrabRez" not found

"C:\Program Files\GrabRez" not found

==== EOF on za 01/02/2014 at 18:23:57,95 ======================