logjes

[manneke]

[ATTACH]28843[/ATTACH]

[ATTACH]28844[/ATTACH]

Hoi Pc-Helpers ,

Dit verschijnt boven in de sites die ik open met I-Net explorer

Tevens verschijnen er ongevraagd linken in forum teksten waar reclame verschijnt waneer de cursor hierop word geplaatst

Ik klik deze vanzefsprekend niet aan

Kunnen jullie de bijgevoegde log txt-jes eens nakijken

P.S. besturing systeem is wind.7

dank bij voorbaat

grts peter

info.txt

log.txt

[kape]

Download Zoek.zip naar het bureaublad.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

chromelook; 
firefoxlook; 
emptyfolderscheck;delete 
startupall; 
 {D8278076-BC68-4484-9233-6E7F1628B56C};c
 {11111111-1111-1111-1111-110311531136};c
 C:\Program Files (x86)\FreeHDSport TV;fs
 {398C01F1-E584-46AD-A649-4F78B435DCFE};c
 C:\Program Files (x86)\LyricsFinder;fs
 {d40c654d-7c51-4eb3-95b2-1e23905c2a2d};c
 {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007};c
 C:\Program Files (x86)\PricePeep;fs
 C:\Windows\tasks\FreeHDSport TV-codedownloader.job;f
 C:\Windows\tasks\FreeHDSport TV-enabler.job;f
 C:\Windows\tasks\FreeHDSport TV-updater.job;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531136}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{398C01F1-E584-46AD-A649-4F78B435DCFE}];r64
 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}];r64
 C:\Users\peter\AppData\Roaming\Pirrit;fs
 C:\Program Files (x86)\Pirrit;fs
 C:\Program Files (x86)\PricePeep;fs
 PirritUpdater;s
 filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Firefox Defaults
  
• Reset Chrome
  
• IE Defaults
  
• Auto Clean
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

[manneke]

Thx Kape ,

zoals gevraagd volgt hieronder de inhoud van het logje

Zoek.exe Version 4.0.0.5 Updated 05-November-2013

Tool run by peter on vr 08/11/2013 at 16:07:38,22.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\peter\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

8/11/2013 16:10:33 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\log deleted successfully

C:\Users\peter\AppData\Roaming\Windows Live Writer deleted successfully

C:\Users\kristel\AppData\Local\VirtualStore deleted successfully

C:\Users\peter\AppData\Local\MigWiz deleted successfully

C:\Users\peter\AppData\Local\Pirrit Suggestor deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3434216092-4095225521-1875918659-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311531136} deleted successfully

HKEY_USERS\S-1-5-21-3434216092-4095225521-1875918659-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311531136} deleted successfully

HKEY_USERS\S-1-5-21-3434216092-4095225521-1875918659-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{398C01F1-E584-46AD-A649-4F78B435DCFE} deleted successfully

HKEY_USERS\S-1-5-21-3434216092-4095225521-1875918659-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{398C01F1-E584-46AD-A649-4F78B435DCFE} deleted successfully

HKEY_USERS\S-1-5-21-3434216092-4095225521-1875918659-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d} deleted successfully

HKEY_USERS\S-1-5-21-3434216092-4095225521-1875918659-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d} deleted successfully

HKEY_USERS\S-1-5-21-3434216092-4095225521-1875918659-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} deleted successfully

HKEY_USERS\S-1-5-21-3434216092-4095225521-1875918659-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} deleted successfully

HKEY_USERS\S-1-5-21-3434216092-4095225521-1875918659-1001\Software\Microsoft\Internet Explorer\SearchScopes\{70CD65DB-D3FB-4ED3-9286-E8EFC5C0CC99} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311531136} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311531136} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531136} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{398C01F1-E584-46AD-A649-4F78B435DCFE} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{398C01F1-E584-46AD-A649-4F78B435DCFE} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40c654d-7c51-4eb3-95b2-1e23905c2a2d} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3434216092-4095225521-1875918659-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PirritUpdater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PirritUpdater deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311531136}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{398C01F1-E584-46AD-A649-4F78B435DCFE}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}]

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\LyricsFinder not found

C:\Users\peter\AppData\Roaming\Pirrit deleted

C:\PROGRA~2\FirstRowSportApp.com deleted

C:\PROGRA~2\SoftwareUpdater deleted

C:\PROGRA~2\UtilityChest_49EI deleted

C:\PROGRA~2\FreeHDSport.TV deleted

C:\Users\peter\AppData\Roaming\HoolappForAndroid deleted

C:\Users\peter\AppData\Roaming\File Scout deleted

C:\Users\peter\Music\Qtrax Media Library deleted

C:\ProgramData\APN deleted

C:\ProgramData\IBUpdaterService deleted

C:\ProgramData\Tarma Installer deleted

C:\ProgramData\Package Cache deleted

C:\Users\peter\AppData\Local\Software deleted

C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FirstRowSportApp.com deleted

C:\windows\SysNative\Tasks\Hoolapp For Android deleted

C:\windows\SysNative\Tasks\Hoolapp Init deleted

C:\windows\SysNative\Tasks\DealPly deleted

C:\windows\SysNative\Tasks\DealPlyUpdate deleted

C:\Windows\Tasks\FreeHDSport TV-codedownloader.job deleted

C:\Windows\Tasks\FreeHDSport TV-enabler.job deleted

C:\Windows\Tasks\FreeHDSport TV-updater.job deleted

C:\Users\peter\AppData\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com deleted

C:\Windows\wininit.ini deleted

C:\windows\SysNative\Tasks\FreeHDSport TV-codedownloader deleted

C:\windows\SysNative\Tasks\FreeHDSport TV-enabler deleted

C:\windows\SysNative\Tasks\FreeHDSport TV-updater deleted

C:\windows\SysNative\Tasks\EPUpdater deleted

C:\windows\SysNative\tasks\QtraxPlayer deleted

C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\eseeky-search.xml deleted

C:\Users\peter\Desktop\FirstRowSportApp.lnk deleted

"C:\Users\peter\AppData\LocalLow\store-pp.jbs" deleted

"C:\Program Files (x86)\Pirrit\AutoUpdater.exe" deleted

"C:\Program Files (x86)\Pirrit\msvcp100.dll" deleted

"C:\Program Files (x86)\Pirrit\msvcr100.dll" not deleted

"C:\Program Files (x86)\Pirrit\QtCore4.dll" deleted

"C:\Program Files (x86)\Pirrit\QtNetwork4.dll" deleted

"C:\Program Files (x86)\FreeHDSport TV" deleted

"C:\Program Files (x86)\PricePeep" deleted

"C:\Program Files (x86)\Pirrit" not deleted

"C:\Program Files (x86)\PricePeep" deleted

"C:\PROGRA~2\FreeHDSport TV" deleted

"C:\PROGRA~2\PricePeep" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\peter\AppData\Local\Temp ====

2013-11-08 08:06:43 22385EE33688B10B61DA1D8CA9549E4B 120192 ----a-w- C:\Users\peter\AppData\Local\Temp\clear.fiClient\cabarc.exe

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2013-10-24 09:21:30 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys

2013-10-24 09:21:30 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys

2013-10-24 09:21:30 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys

2013-10-24 09:21:30 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys

2013-10-24 09:21:30 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys

2013-10-24 09:21:30 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys

2013-10-24 09:21:30 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys

2013-10-10 07:22:51 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys

2013-10-10 07:22:46 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys

2013-10-10 07:22:46 1F775DA4CF1A3A1834207E975A72E9D7 185344 ----a-w- C:\Windows\Sysnative\drivers\usbvideo.sys

2013-10-10 07:22:35 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys

2013-10-10 07:22:35 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys

2013-10-10 07:22:32 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys

2013-10-10 07:22:20 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

2013-10-10 07:22:20 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys

2013-10-10 07:22:10 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-11-08 12:46:01 -------- d-----w- C:\Program Files\trend micro

2013-11-07 12:57:26 -------- d-----w- C:\Program Files\iPod

2013-11-07 12:57:25 -------- d-----w- C:\Program Files\iTunes

======= C:\PROGRA~2 =====

2013-11-07 12:57:25 -------- d-----w- C:\PROGRA~2\iTunes

2013-11-01 15:06:35 -------- d-----w- C:\PROGRA~2\Pirrit

2013-10-17 12:50:30 -------- d-----w- C:\PROGRA~2\QuickTime

======= C: =====

====== C:\Users\peter\AppData\Roaming ======

2013-11-08 12:42:56 -------- d-----w- C:\Users\peter\AppData\Local\Apps

2013-10-17 12:50:17 -------- d-----w- C:\Users\peter\AppData\Locallow\Apple Computer

====== C:\Users\peter ======

2013-11-08 12:45:21 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\peter\Desktop\RSITx64.exe

2013-11-07 12:58:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2013-11-07 12:57:25 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-17 12:52:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

2013-10-17 12:50:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

====== C: exe-files ==

2013-11-08 12:46:01 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\peter.exe

2013-11-08 12:45:21 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\peter\Desktop\RSITx64.exe

2013-11-08 08:06:43 22385EE33688B10B61DA1D8CA9549E4B 120192 ----a-w- C:\Users\peter\AppData\Local\Temp\clear.fiClient\cabarc.exe

2013-11-07 12:52:55 2DA49F579107981542CF920F8B70648A 77136 ----a-w- C:\Users\peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TKLAEYUZ\SetupAdmin[1].exe

2013-11-07 12:52:55 2DA49F579107981542CF920F8B70648A 77136 ----a-w- C:\ProgramData\Apple Computer\Installer Cache\iTunes 11.1.3.8\SetupAdmin.exe

2013-11-07 11:08:04 160891BB0FB35295C00F4B94A441406A 11091 ----a-w- C:\Windows\Temp\PirritUpdater.exe

2013-11-01 23:29:46 33B286326BD2B1A7748C43391058FB19 641352 ----a-w- C:\Program Files\iPod\bin\iPodService.exe

2013-11-01 23:29:44 BAF535F843A3E790E04A7613811B55BC 152392 ----a-w- C:\Program Files (x86)\iTunes\iTunesHelper.exe

2013-11-01 23:29:44 598545ADF55264B2967C1C8763F00A23 9789256 ----a-w- C:\Program Files (x86)\iTunes\iTunes.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3434216092-4095225521-1875918659-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\peter\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

"EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

"EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d"

"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"

"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\peter\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08/10/2013 21:11]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3434216092-4095225521-1875918659-1001Core.job --a------ C:\Users\peter\AppData\Local\Facebook\Update\FacebookUpdate.exe [24/05/2013 08:25]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3434216092-4095225521-1875918659-1001UA.job --a------ C:\Users\peter\AppData\Local\Facebook\Update\FacebookUpdate.exe [24/05/2013 08:25]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [25/03/2013 19:23]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [25/03/2013 19:23]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe ARM" ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"]

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\Adobe Reader Speed Launcher" ["C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]

"C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3434216092-4095225521-1875918659-1001Core" [C:\Users\peter\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3434216092-4095225521-1875918659-1001UA" [C:\Users\peter\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\{C7531E60-0578-4368-B111-2C6D09CE475F}" [C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"lfind@nijadsoft.net"="C:\Program Files (x86)\LyricsFinder\FF" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

- PricePeep - %ProfilePath%\extensions\pricepeep@getpricepeep.com.xpi

- Pirrit Suggestor - %ProfilePath%\extensions\suggestor@pirrit.com.xpi

ExtDir: C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

- FreeHDSport TV 3 - %ExtDir%\fhdp3@freehdsp.tv.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

==== Firefox Plugins ======================

==== Deleted Firefox Extensions ======================

C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\pricepeep@getpricepeep.com.xpi deleted

C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\fhdp3@freehdsp.tv.xpi deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

fjoijdanhaiflhibkljeklcghcmmfffh - C:\Program Files (x86)\Movdap\WebCakeLayers.crx[]

gnbcopcndefcccgdofjadnafjljgofam - C:\Program Files (x86)\LyricsFinder\Chrome.crx[]

nbdbmopeebalgaeghmjoegpkngglikgn - C:\Program Files (x86)\FreeHDSport.TV\freehdsporttv10.crx[]

Google Docs - peter - Default\Extensions\aohghmighlieiainnegkcijnfilokake

PricePeep - peter - Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb

FreeHDSport TV 3 - peter - Default\Extensions\nbdbmopeebalgaeghmjoegpkngglikgn

Chrome In-App Payments service - peter - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

DealPly Shopping - peter - Default\Extensions\ojcgaoafcmbadjkfdippkdddgkeaipbn

==== Chrome Fix ======================

C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbdbmopeebalgaeghmjoegpkngglikgn deleted successfully

C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb deleted successfully

C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcgaoafcmbadjkfdippkdddgkeaipbn deleted successfully

C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ojcgaoafcmbadjkfdippkdddgkeaipbn_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer!"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{629D30EC-F3A7-4239-A048-37245CB75283} Google Url="{searchTerms} - Google Search"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{A8105727-97B2-4B68-8BA5-57150A17B1B3} eseeky Url="eseeky | {searchTerms}"

==== Reset Google Chrome ======================

C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\lfind@nijadsoft.net deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3434216092-4095225521-1875918659-1001\Software\Mozilla\Firefox\Extensions\lfind@nijadsoft.net deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\belgiumeid@eid.belgium.be deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gnbcopcndefcccgdofjadnafjljgofam deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nbdbmopeebalgaeghmjoegpkngglikgn deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\kristel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\peter\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\Pirrit\msvcr100.dll" not found

"C:\Program Files (x86)\Pirrit" not found

==== EOF on vr 08/11/2013 at 16:41:52,80 ======================

[manneke]

Hoi Kape,

zo te zien is het probleem nu opgelost

alle rare dingen (verschijningen) gebeuren niet meet

thx peter

[kape]

Toch zijn we er nog niet helemaal ...

• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

  C:\Program Files (x86)\LyricsFinder;fs
 [email="lfind@nijadsoft.net;ff"]lfind@nijadsoft.net;ff[/email]
 C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\suggestor@pirrit.com.xpi;f
autoclean;

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op de knop Scan.
  
• Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  
• Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  
• Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  
• Plaats dit logbestand in het volgende bericht.
  

[manneke]

hoi Kape

zoals gevraagd in bijlage hieronder

grts peter

[ATTACH]28867[/ATTACH]

[ATTACH]28868[/ATTACH]

zoek-results.txt

AdwCleaner[S0].txt

[kape]

Dit ziet er prima uit ... krijg je nu nog ongewenste meldingen of pop-ups ?

[manneke]

Hoi kape,

Zoals eerder vermeld heb ik geen last meer van ongewenst gezever op de laptop

De progjes moeten die deleted worden of mogen deze op de laptop blijven

Thx voor de oplossende steun

Voor mij mag het topic gesloten worden

Grts peter

[kape]

Uitstekend ... dan gaan we tooltjes en restjes verwijderen.

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• Remove disinfection tools
  
• Purge System Restore
  
• Reset system settings
  

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Indien dit allemaal probleemloos verlopen is en je binnen dit topic verder geen vragen of problemen meer hebt, mag je dit onderwerp afsluiten door een klik op de knop "Markeer als opgelost", die je links onderaan kan terugvinden … zo blijft het voor iedereen overzichtelijk.