Everything posted by Singha

  1. I get the following message: Combofix is not meant to run in Comatibility Mode. The program shall now exit. ?
  2. The message has indeed disappeared, no further infections according to the virus scanner. Unfortunately Windows Explorer still freezes often; perhaps that is a different problem. In any case, thank you very much!
  3. Pfff, great then, thanks for your help. You surely understand that I can't figure this out anymore...
  5. Zoek.exe v5.0.0.0 Updated 31-January-2014 Tool run by Tim on do 06-02-2014 at 20:16:01,37. Microsoft Windows 8.1 Pro met Media Center 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Tim\Downloads\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 6-2-2014 20:17:39 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\predm deleted successfully C:\PROGRA~2\WinZipper deleted successfully C:\Program Files\Elantech deleted successfully C:\ProgramData\Babylon deleted successfully C:\ProgramData\Oracle deleted successfully C:\Users\Tim\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Tim\AppData\Roaming\WinRAR deleted successfully C:\Users\Mcx1-TIM-PC\AppData\Local\VirtualStore deleted successfully C:\Users\Tim\AppData\Local\Bundled software uninstaller deleted successfully C:\Users\Tim\AppData\Local\FilesFrog Update Checker deleted successfully C:\Users\Tim\AppData\Local\genienext deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "NextLive"=- ==== Deleting Files \ Folders ====================== C:\Users\Tim\AppData\Roaming\newnext.me not found "C:\WINDOWS\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job" deleted "C:\WINDOWS\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job" deleted "C:\WINDOWS\tasks\RegClean Pro_UPDATES.job" deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\Tim\AppData\Local\Temp ==== 2014-02-05 11:58:25 E3A25C80E2375B2D42C3D4729769BDF3 10240 ----a-w- 
C:\Users\Tim\AppData\Local\Temp\SDIAG_2c4a59fb-a8d6-4fb1-b958-0f740fd49695\NetworkDiagnosticSnapIn.dll ====== Java Cache ===== 2014-02-03 09:26:12 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Tim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-5e7a7798 2014-02-03 09:26:07 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Tim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-649019c5 2014-02-03 09:26:06 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Tim\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-68f8108c ====== C:\WINDOWS\SysWOW64 ===== 2014-02-03 08:57:31 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\WINDOWS\SysWOW64\javaws.exe 2014-02-03 08:57:26 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\WINDOWS\SysWOW64\javaw.exe 2014-02-03 08:57:26 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-02-03 08:57:26 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\WINDOWS\SysWOW64\java.exe ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== ====== C:\WINDOWS\Sysnative\drivers ===== ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-02-06 09:59:19 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Tim\AppData\Roaming ====== 2014-02-06 09:12:45 -------- d-----w- C:\Users\Tim\AppData\Roaming\DriverCure 2014-02-04 11:46:16 -------- d-----w- C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hema Fotoalbum 2014-02-04 11:46:14 -------- d-----w- C:\Users\Tim\AppData\Local\Hema Fotoalbum ====== C:\Users\Tim ====== 2014-02-06 09:58:58 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Tim\Downloads\RSITx64(1).exe 2014-02-06 09:54:48 71458695DA965B07312DCE2822CE5956 22079 ----a-w- C:\Users\Tim\Desktop\RSITx64.exe 2014-02-05 20:15:33 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Users\DefaultAppPool\ntuser.ini 2014-02-04 
11:45:58 81DF17EAE33CB2A422A9183672564FC2 6774448 ----a-w- C:\Users\Tim\Downloads\Hema_NL.exe 2014-02-03 08:57:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-01-27 22:43:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-01-27 22:34:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-01-26 12:32:34 91D5971A920CA13BCBB80652B52B872C 449376 ----a-w- C:\Users\Tim\Downloads\How_to_Train_Your_Dragon_(2010)_DvdRip_XviD_Animatie_.exe 2014-01-15 19:51:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar ====== C: exe-files == 2014-02-06 09:59:19 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Tim.exe 2014-02-06 09:58:58 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Tim\Downloads\RSITx64(1).exe 2014-02-06 09:54:48 71458695DA965B07312DCE2822CE5956 22079 ----a-w- C:\Users\Tim\Desktop\RSITx64.exe 2014-02-06 09:09:21 75571C40ECC29BCBFF16B1FC3C3ED170 364880 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000057b6\updatus.17778707_RUNASUSER.exe 2014-02-04 11:46:14 EBF7173F377907539A4D70B021C60A36 5184552 ----a-w- C:\Users\Tim\AppData\Local\Hema Fotoalbum\apc.exe 2014-02-04 11:46:14 30B39F21F1B121DB4B77FC29DA71F661 1184469 ----a-w- C:\Users\Tim\AppData\Local\Hema Fotoalbum\unins000.exe 2014-02-04 11:45:58 81DF17EAE33CB2A422A9183672564FC2 6774448 ----a-w- C:\Users\Tim\Downloads\Hema_NL.exe 2014-02-04 02:33:47 BA7524A2D91F895CE7502C78B6A4CBAF 732888 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.107\32.0.1700.107_32.0.1700.102_chrome_updater.exe 2014-02-03 08:57:31 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-02-03 08:57:26 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-02-03 08:57:26 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe 2014-02-03 
08:56:36 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Tim\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe 2014-02-01 19:21:35 574B62CAD5B2F34A29C2E2AA1D1A16B1 681984 ----a-w- C:\Users\Tim\Downloads\Dallas Buyers Club (2013) HQ AC3 DD51 (Ingebakken Subs)\InF0-HANNES3\Busca Plugins\Busca Plugins\setup.exe === C: other files == 2014-02-06 08:47:40 8034A8F0F1C2A6D4B0553021127196B0 30250 ----a-w- C:\ProgramData\Systweak\Advanced System Protector\updates\1668update.zip 2014-02-05 20:08:28 2428D64A753C593BCDBE759030F2E608 44550 ----a-w- C:\ProgramData\Systweak\Advanced System Protector\updates\1667update.zip 2014-02-05 11:33:50 3F83470E5B4C337A46F8A288732AF454 58459 ----a-w- C:\ProgramData\Systweak\Advanced System Protector\updates\1666update.zip 2014-02-04 12:51:55 CF33F46A41237540C5B5F352AC9C4508 1484 ----a-w- C:\ProgramData\Systweak\Advanced System Protector\updates\1665update.zip 2014-02-04 12:51:55 31FE615E7B1453AE06C470E3D7088851 377892 ----a-w- C:\ProgramData\Systweak\Advanced System Protector\updates\1664update.zip 2014-02-03 16:51:54 C9C9D1F645B04E393A35A3B1A647FB94 55936 ----a-w- C:\ProgramData\Systweak\Advanced System Protector\updates\1663update.zip 2014-02-03 12:51:55 B67DED044C48911962362E38D03647EE 192702 ----a-w- C:\ProgramData\Systweak\Advanced System Protector\updates\1662update.zip 2014-02-01 19:21:37 559B4BBBAD699005F7559395BDEE9D09 22290 ----a-w- C:\Users\Tim\Downloads\Dallas Buyers Club (2013) HQ AC3 DD51 (Ingebakken Subs)\InF0-HANNES3\Busca Plugins\Busca Plugins\BuscaNzbChrome.crx 2014-02-01 19:21:36 59484751E6DC9C9897D0B44D7A862CCC 14631 ----a-w- C:\Users\Tim\Downloads\Dallas Buyers Club (2013) HQ AC3 DD51 (Ingebakken Subs)\InF0-HANNES3\Busca Plugins\Busca Plugins\BuscaNzbv10.xpi 2014-01-31 11:42:51 3B9B90877FD05F5BE15B36877B90C3A1 1313680 ----a-w- C:\ProgramData\Systweak\Advanced System Protector\updates\1661update.zip ==== Startup Registry Enabled ====================== 
[HKEY_USERS\S-1-5-21-3378421679-160947958-2246735523-1001\Software\Microsoft\Windows\CurrentVersion\Run] "HP Photosmart 7510 series (NET)"="C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe -deviceID CN25L340HF05PX:NW -scfn HP Photosmart 7510 series (NET) -AutoStart 1" "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [HKEY_USERS\S-1-5-21-3378421679-160947958-2246735523-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "ASUSWebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "Aimersoft Helper Compact.exe"="C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Photosmart 7510 series (NET)"="C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe -deviceID CN25L340HF05PX:NW -scfn HP Photosmart 7510 series (NET) -AutoStart 1" "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll,C:\\WINDOWS\\system32\\nvinitx.dll" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ACMON] "command"="C:\\Program Files (x86)\\ASUS\\Splendid\\ACMON.exe" "hkey"="HKLM" "item"="ACMON" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" 
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL] "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s" "hkey"="HKLM" "item"="RTHDVCPL" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" ==== Startup Folders ====================== 2012-11-05 16:59:09 1948 ----a-w- C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 7510 series (netwerk).lnk 2013-01-10 16:33:04 1037 ----a-w- C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SABnzbd.lnk 2012-02-24 02:50:52 2062 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk 2013-02-17 19:24:00 1949 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [04-02-2014 20:44] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-02-2012 03:28] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-02-2012 03:28] C:\WINDOWS\tasks\HP Photo Creations Messager.job --a-------- C:\ProgramData\HP Photo Creations\MessageCheck.exe [15-02-2011 11:11] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\Advanced System Protector_startup" [C:\Program 
Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe] "C:\WINDOWS\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe] "C:\WINDOWS\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\WINDOWS\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe] "C:\WINDOWS\SysNative\tasks\ASUS Quick Gesture" [C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe] "C:\WINDOWS\SysNative\tasks\ASUS Quick Gesture (x64)" [C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe] "C:\WINDOWS\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe] "C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"] "C:\WINDOWS\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\Desk 365 RunAsStdUser" [C:\Program Files (x86)\Desk 365\desk365.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HP Photo Creations Messager" [C:\ProgramData\HP Photo Creations\MessageCheck.exe] "C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Photosmart 7510 series" ["C:\Program Files\HP\HP Photosmart 7510 series\Bin\HPCustPartic.exe"] "C:\WINDOWS\SysNative\tasks\hpUrlLauncher.exe_{415EAF62-E41A-4B10-B99E-63D9DD4F400A}" [C:\Program Files\HP\HP Photosmart 7510 series\Bin\utils\hpUrlLauncher.exe] "C:\WINDOWS\SysNative\tasks\Searchya" 
[C:\Users\Tim\AppData\Roaming\Searchya\UPDATE~1\UPDATE~1.EXE] "C:\WINDOWS\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{C6E5D42E-655F-43D7-956A-5C94887FC7DF}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "quickprint@hp.com"="C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension" [26-01-2011 14:27] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\18ebcc5d.default-1373919720800 FD6ACD9D85177259D442A0C4AC15F7B8 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash 7EF7E4C1325D533F5186E7118ABB0E7C - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll - McAfee Security Scanner + 8F0B95B3AC17DAE9E138E7BBE2429B6C - C:\Users\Tim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4 folders=0 2391 bytes) ==== EOF on do 06-02-2014 at 20:21:04,66 ======================
  6. I would appreciate your help with the error message above. I have attached the log. Many thanks in advance! [ATTACH]30186[/ATTACH] log.txt