
Firefox profile missing/inaccessible


lill33


Hi!

I'm having problems with my Firefox. When I start it, I get an error message: "Your Firefox profile cannot be loaded. It may be missing or inaccessible."

What can I do about this? I have already uninstalled and reinstalled Firefox a number of times, but so far without result. Could this possibly also have something to do with awesomehp, which has been appearing lately?

Thanks in advance for the help! :-)

Regards, Kelly


Do you perhaps have that awesomehp on your PC? If so, please do the following:

Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32-bit or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users need to run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Next, the "Disclaimer of warranty" is shown; click "Continue".
  • When the tool is finished, a Notepad file named "Log" is opened.
  • Paste its contents in your next post.

Also watch the instruction video.


Thanks for your quick reply. Here are the contents:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Kelly at 2014-03-14 18:13:02

Microsoft Windows 7 Home Premium

System drive C: has 107 GB (38%) free of 285 GB

Total RAM: 2924 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:13:08, on 14-3-2014

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.17267)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\AsScrPro.exe

C:\Users\Kelly\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\ArcSoft\TotalMedia Backup\uBBMonitor.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files\trend micro\Kelly.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Awesomehp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Awesomehp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com/web/?type=ds&ts=1392123754&from=adks&uid=WDCXWD3200BEVT-80A0RT0_WD-WXN1A501755417554&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com/web/?type=ds&ts=1392123754&from=adks&uid=WDCXWD3200BEVT-80A0RT0_WD-WXN1A501755417554&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Awesomehp

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.awesomehp.com/web/?type=ds&ts=1392123754&from=adks&uid=WDCXWD3200BEVT-80A0RT0_WD-WXN1A501755417554&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.awesomehp.com/web/?type=ds&ts=1392123754&from=adks&uid=WDCXWD3200BEVT-80A0RT0_WD-WXN1A501755417554&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Kelly\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Kelly\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

O4 - Global Startup: TotalMedia Backup Monitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia Backup\uBBMonitor.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL

O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: BlackBerry Device Manager (Blackberry Device Manager) - Research In Motion Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 12607 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Windows\system32\FBAgent.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"

"taskhost.exe"

taskeng.exe {41D5BD12-B1E3-4A99-A9BB-398ED950B60F}

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"

"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"

"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"

"C:\Program Files\P4G\BatteryLife.exe"

"C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\diMaster.dll" /prefetch:1

"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"

"C:\Windows\system32\Dwm.exe"

"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"

"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

C:\Windows\Explorer.EXE

"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"

"C:\Windows\AsScrPro.exe"

"C:\Program Files\Elantech\ETDCtrl.exe"

"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe"

"C:\Windows\System32\igfxtray.exe"

"C:\Windows\System32\hkcmd.exe"

"C:\Windows\System32\igfxpers.exe"

"C:\Users\Kelly\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"

"C:\Program Files (x86)\ArcSoft\TotalMedia Backup\uBBMonitor.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"

"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"

"C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files\Elantech\ETDCtrlHelper.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe"

ATKOSD.exe

KBFiltr.exe

WDC.exe

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe" /c /a /s UserSession

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ede3fb64-46e6-42c9-97e8-8ac55eef9b96 -SystemEventPortName:HostProcess-c7fa5df3-7dff-4e70-abb6-27b4200398c2 -IoCancelEventPortName:HostProcess-9ba7275c-296b-4189-98c1-4a5c303ab8ff -NonStateChangingEventPortName:HostProcess-ecb64ca2-dacf-4e22-98c9-a85e76bc4f5b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b490bffc-6344-4e29-b971-2158765fdbee -DeviceGroupId:WpdFsGroup

"C:\Program Files\iPod\bin\iPodService.exe"

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

"C:\Windows\system32\wuauclt.exe"

"C:\Program Files (x86)\Internet Explorer\iexplore.exe" Awesomehp

"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"

"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:4336 CREDAT:14391

"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:4336 CREDAT:145454

taskhost.exe $(Arg0)

C:\Windows\system32\sppsvc.exe

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-29627289-3288461671-3847829436-100112_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-29627289-3288461671-3847829436-100112 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"

"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

"C:\Users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XK969AWZ\RSITx64[1].exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\ykt01fe2.default-1394812008697

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 12.0.0.77 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]

"Description"=Microsoft Lync Plug-in for Firefox

"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]

"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers

"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 12.0.0.77 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

C:\Program Files (x86)\Mozilla Firefox\components\

nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\

npMeetingJoinPluginOC.dll

nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]

Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-11-15 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-09-07 346736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2010-09-07 318960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2013-09-13 878296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]

Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-11-02 2331336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-29 388504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-07 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-09-07 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2013-09-13 705240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-09-07 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]

Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2013-11-02 1727176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-09-07 346736]

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-07 256112]

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]

"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-05-11 161304]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-05-11 386584]

"Persistence"=C:\Windows\system32\igfxpers.exe [2010-05-11 414744]

"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]

"Setwallpaper"=c:\programdata\SetWallpaper.cmd []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Spotify Web Helper"=C:\Users\Kelly\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-01-16 1171968]

"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background []

"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]

C:\Windows\AsScrPro.exe [2010-09-07 3054136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-06-25 6806144]

"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]

"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-07-02 1597440]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-04-14 421160]

"RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2013-01-17 267792]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]

"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

TotalMedia Backup Monitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia Backup\uBBMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2010-04-30 269824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-03-14 18:13:02 ----D---- C:\rsit

2014-03-14 18:13:02 ----D---- C:\Program Files\trend micro

2014-03-14 17:31:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2014-02-17 14:03:42 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-03-14 18:13:02 ----RD---- C:\Program Files

2014-03-14 18:12:27 ----D---- C:\Windows\temp

2014-03-14 17:37:47 ----D---- C:\Windows\system32\config

2014-03-14 17:31:47 ----RD---- C:\Program Files (x86)

2014-03-14 17:24:32 ----D---- C:\Users\Kelly\AppData\Roaming\newnext.me

2014-03-14 17:23:59 ----D---- C:\Windows\system32\Tasks

2014-03-14 17:23:47 ----D---- C:\Windows\System32

2014-03-14 17:23:38 ----A---- C:\Windows\SYSWOW64\log.txt

2014-03-14 17:23:00 ----SHD---- C:\System Volume Information

2014-03-14 16:40:26 ----D---- C:\Program Files\Microsoft Silverlight

2014-03-14 16:40:23 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2014-03-14 13:45:45 ----SHD---- C:\Windows\Installer

2014-03-14 13:45:43 ----D---- C:\ProgramData\Microsoft Help

2014-03-14 13:45:43 ----A---- C:\Windows\win.ini

2014-03-14 09:46:51 ----D---- C:\Users\Kelly\AppData\Roaming\uTorrent

2014-03-13 13:12:41 ----D---- C:\Windows\SysWOW64

2014-03-13 13:12:25 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2014-03-13 08:39:04 ----D---- C:\Users\Kelly\AppData\Roaming\Spotify

2014-03-12 08:18:17 ----D---- C:\Windows\inf

2014-03-12 08:18:17 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-03-04 14:06:04 ----D---- C:\Program Files (x86)\Last.fm

2014-03-03 14:34:37 ----D---- C:\Program Files (x86)\Mozilla Firefox.bak

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2010-09-07 35384]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]

R0 ***laby;***laby; C:\Windows\system32\DRIVERS\***laby.sys [2009-06-18 15928]

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-09-07 213888]

R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1501000.012\SYMDS64.SYS [2013-08-01 493656]

R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS [2013-09-27 1147480]

R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [2013-12-18 1526488]

R1 ccSet_NIS;NIS Settings Manager; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [2013-09-26 162392]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-13 254528]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-11-21 484952]

R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\IPSDefs\20140313.001\IDSvia64.sys [2014-03-07 524504]

R1 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [2013-09-27 858200]

R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [2013-07-31 36952]

R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [2013-07-31 264280]

R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [2013-09-26 590936]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]

R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 137648]

R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-06-10 130048]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]

R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-04-30 10331840]

R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]

R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]

R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 115312]

R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]

R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]

R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20140314.001\ENG64.SYS [2013-10-12 126040]

R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20140314.001\EX64.SYS [2013-10-12 2099288]

R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544]

R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]

R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192]

R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-10-13 177752]

S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []

S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2013-01-03 78336]

S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-09-07 109056]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-02-18 51712]

S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]

R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]

R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]

R2 Bonjour Service;Bonjour-service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-10-01 262144]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [2013-10-08 275696]

R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]

R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]

R3 Blackberry Device Manager;BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2013-01-18 577536]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 934176]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-07 135664]

S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-08-21 516608]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13 257928]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-07 135664]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-09-07 182768]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-13 118896]

S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 178824]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-11 1255736]

-----------------EOF-----------------


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it, as this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  mobilegeni daemon;s
 C:\Program Files (x86)\Mobogenie;fs
 NextLive;s
 C:\Users\Kelly\AppData\Roaming\newnext.me;fs
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r64
 "NextLive"=-;r64
 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
 "mobilegeni daemon"=-;r64
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "Options" button and tick the options below.
  • Do a Quick Scan
  • Shortcut Fix
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear after all.
  • Post the opened log in your next message.


Zoek.exe v5.0.0.0 Updated 07-March-2014

Tool run by Kelly on za 15-03-2014 at 10:09:42,74.

Microsoft Windows 7 Home Premium 6.1.7600 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4CERIC7\zoek[1].exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

15-3-2014 10:32:30 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\BearShare Applications deleted successfully

C:\PROGRA~2\TornTV.com deleted successfully

C:\PROGRA~3\GoBoingo deleted successfully

C:\PROGRA~3\PCSettings deleted successfully

C:\Users\Kelly\AppData\Roaming\Systweak deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-29627289-3288461671-3847829436-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-29627289-3288461671-3847829436-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\w2zicqi6.default

---- FireFox user.js and prefs.js backups ----

user_15-03-2014_1049_.backup

prefs_15-03-2014_1049_.backup

ProfilePath: C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\ykt01fe2.default-1394812008697

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_15-03-2014_1049_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe"

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"NextLive"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"mobilegeni daemon"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Mobogenie deleted

C:\Users\Kelly\AppData\Roaming\newnext.me deleted

C:\Users\Kelly\AppData\Local\genienext deleted

C:\Users\Kelly\daemonprocess.txt deleted

C:\Users\Kelly\.android deleted

C:\PROGRA~2\FoxTabMusicConverter deleted

C:\PROGRA~2\Phpnuke Downloader deleted

C:\PROGRA~2\uTorrentBar_NL deleted

C:\PROGRA~2\COMMON~1\337 deleted

C:\PROGRA~2\Desk 365 deleted

C:\PROGRA~2\Conduit deleted

C:\Users\Kelly\AppData\Roaming\Desk 365 deleted

C:\Users\Kelly\AppData\Roaming\OpenCandy deleted

C:\PROGRA~3\Partner deleted

C:\PROGRA~3\OberonGameConsole deleted

C:\PROGRA~3\WPM deleted

C:\PROGRA~3\InstallMate deleted

C:\PROGRA~3\Premium deleted

C:\Users\Kelly\AppData\Local\Ilivid Player deleted

C:\Users\Kelly\AppData\Local\Mobogenie deleted

C:\Users\Kelly\AppData\Local\cache deleted

C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx deleted

C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted

C:\Windows\SysNative\roboot64.exe deleted

C:\Users\Kelly\Downloads\rcpsetup_softonic_englobal.exe deleted

C:\Users\Kelly\Downloads\avg_free_stb_all_2013_3343_cnet.exe deleted

C:\Users\Kelly\Downloads\SoftonicDownloader_for_spss(1).exe deleted

C:\Users\Kelly\AppData\LocalLow\uTorrentBar_NL deleted

C:\Users\Kelly\AppData\LocalLow\PriceGong deleted

C:\Users\Kelly\AppData\LocalLow\Conduit deleted

C:\Users\Kelly\AppData\LocalLow\conduitEngine deleted

C:\windows\SysNative\tasks\Desk 365 RunAsStdUser deleted

C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\w2zicqi6.default\CT2865317 deleted

C:\Users\Kelly\Desktop\Oude Firefox-gegevens\co52dlb2.default-1385463163927\searchplugins\softonic.xml deleted

C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\w2zicqi6.default\conduitCommon deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Kelly\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-03-14 17:13:02 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2014-03-14 16:31:47 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service

======= C: =====

====== C:\Users\Kelly\AppData\Roaming ======

====== C:\Users\Kelly ======

2014-03-04 13:04:01 2210FF884B45D230D436560ACF9C71EB 14916216 ----a-w- C:\Users\Kelly\Downloads\Last.fm-2.1.36(1).exe

====== C: exe-files ==

2014-03-14 17:13:03 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Kelly.exe

2014-03-14 16:31:48 FC558F42CA98DAB4465263FDE812A5B2 106212 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe

2014-03-14 16:31:47 338037EFA0E8E8699B2667D57B751574 118896 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

2014-03-14 16:30:29 10EA446EBB0F48D9D4BD1BD2631D7ADF 283064 ----a-w- C:\Users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R3SY10SL\Firefox%20Setup%20Stub%2027.0.1[1].exe

=== C: other files ==

2014-03-14 15:46:57 360F2011299BB827E1D0AE45D4BF31D4 191940 ----a-w- C:\Users\Kelly\Desktop\Oude Firefox-gegevens\co52dlb2.default-1385463163927\extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-29627289-3288461671-3847829436-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Spotify Web Helper"="C:\Users\Kelly\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"

"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"

"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"

"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"

"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"RIMBBLaunchAgent.exe"="C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Spotify Web Helper"="C:\Users\Kelly\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"

"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ASUS WebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"SmartAudio"="C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t"

"ETDWare"="%ProgramFiles%\Elantech\ETDCtrl.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"hkey"="HKLM"

"item"="Adobe Reader Speed Launcher"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray]

"command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe"

"hkey"="HKLM"

"item"="ADSMTray"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]

"command"="C:\\Windows\\AsScrPro.exe"

"hkey"="HKLM"

"item"="ASUS Screen Saver Protector"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]

"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""

"hkey"="HKLM"

"item"="CLMLServer"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

==== Startup Folders ======================

2012-07-23 15:15:48 2040 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TotalMedia Backup Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13-03-2014 13:12]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-09-2010 20:01]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-09-2010 20:01]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\ASPG" [C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe]

"C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe]

"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe]

"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe]

"C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe]

"C:\Windows\SysNative\tasks\AutoPico Daily Restart" [C:\Program]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe"]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\IPSFF" [13-10-2013 21:43]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dcmagccbogebndpoodhhhafmofelpffh - C:\Users\Kelly\AppData\Local\RewardsArcade\498\Chrome\rewardsarcade.crx[]

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx[19-01-2014 18:42]

pkndmigholgfjlniaohblojbhgjbkakn - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx[]

Extended Protection - Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml

==== Chrome Fix ======================

C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dcmagccbogebndpoodhhhafmofelpffh_0 deleted successfully

C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkndmigholgfjlniaohblojbhgjbkakn_0.localstorage deleted successfully

C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="Awesomehp"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://www.awesomehp.com/web/?type=ds&ts=1392123754&from=adks&uid=WDCXWD3200BEVT-80A0RT0_WD-WXN1A501755417554&q={searchTerms}"

"Default_Page_URL"="Awesomehp"

"Start Page"="Awesomehp"

"Search Page"="http://www.awesomehp.com/web/?type=ds&ts=1392123754&from=adks&uid=WDCXWD3200BEVT-80A0RT0_WD-WXN1A501755417554&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://www.awesomehp.com/web/?type=ds&ts=1392123754&from=adks&uid=WDCXWD3200BEVT-80A0RT0_WD-WXN1A501755417554&q={searchTerms}"

"Default_Page_URL"="Awesomehp"

"Start Page"="Awesomehp"

"Search Page"="http://www.awesomehp.com/web/?type=ds&ts=1392123754&from=adks&uid=WDCXWD3200BEVT-80A0RT0_WD-WXN1A501755417554&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"CustomizeSearch"="http://www.awesomehp.com/web/?type=ds&ts=1392123754&from=adks&uid=WDCXWD3200BEVT-80A0RT0_WD-WXN1A501755417554&q={searchTerms}"

"SearchAssistant"="http://www.awesomehp.com/web/?type=ds&ts=1392123754&from=adks&uid=WDCXWD3200BEVT-80A0RT0_WD-WXN1A501755417554&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]

"CustomizeSearch"="http://www.awesomehp.com/web/?type=ds&ts=1392123754&from=adks&uid=WDCXWD3200BEVT-80A0RT0_WD-WXN1A501755417554&q={searchTerms}"

"SearchAssistant"="http://www.awesomehp.com/web/?type=ds&ts=1392123754&from=adks&uid=WDCXWD3200BEVT-80A0RT0_WD-WXN1A501755417554&q={searchTerms}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="Bing"

"Search Page"="Bing"

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

"Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="Bing"

"Search Page"="Bing"

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

"Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]

"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{33BB0A4E-99AF-4226-BDF6-49120163DE86} Unknown Url="Not_Found"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-29627289-3288461671-3847829436-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_USERS\S-1-5-21-29627289-3288461671-3847829436-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

HKEY_USERS\S-1-5-21-29627289-3288461671-3847829436-1001\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\crossriderapp498@crossrider.com deleted successfully

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe

C:\Users\Public\Desktop\Kruidvat fotoservice.lnk - C:\Program Files (x86)\Fotoservice\Kruidvat fotoservice\Kruidvat fotoservice.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Public\Desktop\Norton Internet Security.lnk - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\uistub.exe

C:\Users\Public\Desktop\µTorrent.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe Awesomehp

C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Awesomehp

C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Awesomehp

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Awesomehp

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Awesomehp

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Awesomehp

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\HijackThis - Snelkoppeling.lnk - C:\Users\Kelly\Downloads\HijackThis.exe

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Awesomehp

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk - C:\Program Files (x86)\Spotify\spotify.exe

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== shortcuts After Repair ======================

C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2FFA2071-FDF8-94BE-F284-754F24C290AE} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dcmagccbogebndpoodhhhafmofelpffh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pkndmigholgfjlniaohblojbhgjbkakn deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_NL Toolbar deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Kelly\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Kelly\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4CERIC7 will be deleted at reboot

C:\Users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Kelly\AppData\Local\Mozilla\Firefox\Profiles\co52dlb2.default-1385463163927\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1274 folders=226 127354156 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully

C:\Users\Default User\AppData\Local\temp emptied successfully

C:\Users\Kelly\AppData\Local\Temp will be emptied at reboot

C:\Users\Public\AppData\Local\temp emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Kelly\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4CERIC7" not found

"C:\Users\Kelly\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SQ2H4HYX\static.muzu.tv" not found

==== EOF on za 15-03-2014 at 11:08:14,48 ======================

Edited by kape

Oops ... quite a few unwanted files were disrupting the PC's operation here :dong:

Download AdwCleaner by Xplode to the desktop.

Running AdwCleaner

  • Close all open windows.
  • Double-click AdwCleaner.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Then click the Scan button.
  • When the scan is finished, click the Clean button.
  • When this is done you will be asked to restart the computer; click OK here.
  • After the computer has restarted, the log file opens automatically.
  • Post this log file in your next reply.


Here is the new log file again :)

# AdwCleaner v3.022 - Report created 15/03/2014 at 11:53:31

# Updated 13/03/2014 by Xplode

# Operating System : Windows 7 Home Premium (64 bits)

# Username : Kelly - KELLY-PC

# Running from : C:\Users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CPCU405M\adwcleaner[1].exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\w2zicqi6.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki

Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL

Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Deleted : HKLM\SOFTWARE\Classes\RewardsArcade.BHO

Key Deleted : HKLM\SOFTWARE\Classes\RewardsArcade.Sandbox

Key Deleted : HKLM\SOFTWARE\Classes\RewardsArcade.Sandbox.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2865317

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_spss_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_spss_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_cdburnerxp-pro_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_cdburnerxp-pro_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_music-download-center(1)_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_music-download-center(1)_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{460092C2-3C34-4AC3-AEAC-3D3D89275D0E}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87775FDB-6972-41F9-AE51-8326E38CB206}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{460092C2-3C34-4AC3-AEAC-3D3D89275D0E}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{87775FDB-6972-41F9-AE51-8326E38CB206}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{460092C2-3C34-4AC3-AEAC-3D3D89275D0E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE7563F6-AFB9-446D-8959-7F8893A4E5CB}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3FC5FF68-2FFE-4445-B5E4-02E437FE387C}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{87775FDB-6972-41F9-AE51-8326E38CB206}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{87775FDB-6972-41F9-AE51-8326E38CB206}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB}

Key Deleted : HKCU\Software\1ClickDownload

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Cr_Installer

Key Deleted : HKCU\Software\AppDataLow\Toolbar

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKCU\Software\AppDataLow\Software\RewardsArcade

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar_NL

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\Desksvc

Key Deleted : HKLM\Software\hdcode

Key Deleted : HKLM\Software\nationzoomSoftware

Key Deleted : HKLM\Software\supWPM

Key Deleted : HKLM\Software\V9

Key Deleted : HKLM\Software\uTorrentBar_NL

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.17267

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]

-\\ Mozilla Firefox v27.0.1 (nl)

[ File : C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\w2zicqi6.default\prefs.js ]

[ File : C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\ykt01fe2.default-1394812008697\prefs.js ]

-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [7432 octets] - [15/03/2014 11:52:45]

AdwCleaner[s0].txt - [6775 octets] - [15/03/2014 11:53:31]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6835 octets] ##########


Download MalwareBytes' Anti-Malware (website) and save it to your desktop.

After installation, make sure the following boxes are ticked:

  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
  • You are also given the choice here to use the trial version of MBAM; if you do not want this, untick it.

Then click "Finish".

If an update is found, it will be downloaded and installed.

  • Once the program has started, go to the "Settings" tab.
  • Tick here: "Close Internet Explorer during malware removal".
  • Then go to "Scanner Settings". At the bottom, under "PUP", choose "Show in scan results - select for removal".
  • Next, go to the "Scanner" tab and choose "Quick Scan".
  • Then press "Scan" to start the scan.
  • Scanning can take a while, so be patient.
  • When the scan is complete, click OK, then "Show Results" to see the results.
  • Make sure everything there is ticked, then click "Remove Selected".
  • After removal, a log will open and you will be asked to restart the computer.
  • Restart the computer if necessary and then post the log in your next reply.
