didierbank1

Member
  • Items

    58

Everything posted by didierbank1

  1. When I try to download programs, it doesn't work (it won't take exe files). Malwarebytes Anti-Malware still gives error code 339 when opened; other programs can't be opened either, e.g. Norman Malware Cleaner. One more question: I saved the XP CD to my hard drive (the C drive); do you think that has improved anything, and if so, what should I do now? I also can't manage to download the Flash Player. D. Bank
  2. I have copied the XP CD to the C drive; that worked. Maybe something can be done about the problem now. When I type sfc /scannow in Run, I get a message that shortcuts are missing and that Folder Options must be adjusted in the Control Panel; I just have no idea how to do that. - - - Updated - - - P.S. Have you looked at my log yet? Is it of any use to you or not?
  3. Good evening, I can no longer open any exe files at all. I have another log here; maybe you can find the problem in it.
  4. Good afternoon and best wishes for 2014. Under Start, Run, sfc /scannow: when I enter this and press OK, I get the message that it does not recognize sfc exe. When I insert the Windows XP CD, the disc spins briefly and then nothing happens. The D drive is active, but nothing happens. Regards, D. Bank
  5. Good evening, My brother has a Windows XP CD; I will pick it up tomorrow and then try again on 1 January. Would it perhaps still make sense to make a restore point from a week ago? I don't know whether that will still make a difference. Regards, D. Bank
  6. Good afternoon, could someone perhaps still respond to my previous message? I am starting to get a bit discouraged with my computer.
  7. Good morning, Under Start, Run, I typed sfc/scannow, after which I get a window with the following message. At the top of the screen I get the message: Windows File Protection. Files that are required for Windows to run properly must be copied to the DLL Cache folder. Insert the Windows XP Professional CD-ROM now. The only problem is that I don't have a Windows XP CD-ROM. Regards, D. Bank
  8. Good morning, I still have exactly the same problems with Malwarebytes and Norman Malware Cleaner. Malwarebytes keeps pointing to error 339, and Norman Malware Cleaner points to an application error on the exe file: the read or write operation on the memory failed. I also can no longer watch videos on YouTube; I keep getting the message that I need to install a Flash Player. I only get this problem in Firefox; with Google Chrome it works fine. In Firefox I have already tried several times to download the Flash Player, but it fails every time. Regards, D. Bank
  9. Good evening, Here is the 5th log (ComboFix). Regards, D. Bank
  10. Good evening, Herewith I am sending you the 4th log (ComboFix).
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^Documents and Settings^Barbie^Menu Start^Programma's^Opstarten^LimeWire On Startup.lnk] path=c:\documents and settings\Barbie\Menu Start\Programma's\Opstarten\LimeWire On Startup.lnk backup=c:\windows\pss\LimeWire On Startup.lnkStartup . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" -s "uTorrent"="e:\muziek en programma's\uTorrent\uTorrent.exe" /MINIMIZED "AROReminder"=c:\program files\ARO 2013\ARO.exe -rem "ccleaner"="c:\program files\CCleaner\ccleaner.exe" /AUTO . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\msiexec.exe"= "c:\\Program Files\\DownloadManager\\jre\\bin\\javaw.exe"= "c:\\Program Files\\ICIDU\\ICIDU 11n USB Wireless LAN\\RtWLan.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "f:\\Muziek en programma's\\VLC\\vlc.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Documents and Settings\\Barbie\\Application Data\\uTorrent\\uTorrent.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "50005:TCP"= 50005:TCP:utorrent 3.0 "50005:UDP"= 50005:UDP:utorrent 3.0 "1542:TCP"= 1542:TCP:Realtek WPS TCP Prot "1542:UDP"= 1542:UDP:Realtek WPS UDP Prot "53:UDP"= 53:UDP:Realtek AP UDP Prot "2987:TCP"= 2987:TCP:Connectify File Sharing "16765:TCP"= 16765:TCP:BitComet 16765 TCP "16765:UDP"= 16765:UDP:BitComet 16765 UDP . 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) . R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [21-6-2013 19:48 49944] R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [21-6-2013 19:48 180248] R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [28-2-2013 21:24 13560] R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [21-6-2013 19:48 775952] R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [21-6-2013 19:48 410528] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22-7-2011 17:27 12880] R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [12-7-2011 22:55 67664] R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [10-10-2013 23:54 120088] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [21-6-2013 19:48 67824] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [23-1-2012 5:43 92592] R2 WLNdis50;Wireless Lan NDIS Protocol I/O Control;c:\windows\system32\drivers\WLNdis50.sys [7-12-2010 18:27 20480] S0 lyxooctl;lyxooctl;c:\windows\system32\drivers\onaoq.sys --> c:\windows\system32\drivers\onaoq.sys [?] S1 jdbkjbbn;jdbkjbbn;\??\c:\windows\system32\drivers\jdbkjbbn.sys --> c:\windows\system32\drivers\jdbkjbbn.sys [?] S2 aswFsBlk;aswFsBlk;\??\c:\windows\system32\drivers\aswFsBlk.sys --> c:\windows\system32\drivers\aswFsBlk.sys [?] S2 WLSVC;WLSVC;c:\program files\Thomson\TG122n\WLSVC.exe [7-12-2010 18:27 167936] S3 cnnctfy2MP;cnnctfy2MP;c:\windows\system32\DRIVERS\cnnctfy2.sys --> c:\windows\system32\DRIVERS\cnnctfy2.sys [?] 
S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [6-5-2011 14:57 13904] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [17-12-2013 19:50 40776] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [7-12-2010 18:27 588032] . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-12-06 17:46 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-12-26 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-01 19:25] . 2013-12-26 c:\windows\Tasks\avast! Emergency Update.job - c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-06-21 19:06] . 2013-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-02-13 20:59] . 2013-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-02-13 20:59] . 2013-12-26 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07] . 2013-12-26 c:\windows\Tasks\Start Registry Reviver for HP-DD4A2B89C61D@Barbie(logon).job - c:\program files\ReviverSoft\Registry Reviver\RegistryReviver.exe [2013-11-12 11:25] . 2013-12-26 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 3f720467-c120-440a-8a6b-9e60b96573e4.job - c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08] . 2013-12-25 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 664a0bb6-1703-49a7-96e6-e3122cb51513.job - c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08] . 2013-12-26 c:\windows\Tasks\User_Feed_Synchronization-{E7254A12-7898-484D-8A27-4FAE8FBBFA12}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://mozilla firefox/ mStart Page = about:blank Trusted Zone: pc-helpforum.be TCP: DhcpNameServer = 213.46.228.196 62.179.104.196 DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab FF - ProfilePath - c:\documents and settings\Barbie\Application Data\Mozilla\Firefox\Profiles\k34p2zue.default-1388092157578\ FF - prefs.js: browser.startup.homepage - Google . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) ShellIconOverlayIdentifiers-{4d87b7a7-23f1-470c-aa45-96b25b9bd138} - (no file) AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - c:\program files\GreenTree Applications\YTD Video Downloader\uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-12-27 00:41 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . . C:\avast! sandbox . Scan succesvol afgerond verborgen bestanden: 1 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1060284298-1677128483-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(3184) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files\Java\jre7\bin\jqs.exe c:\windows\system32\wscntfy.exe c:\program files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe . ************************************************************************** . 
Voltooingstijd: 2013-12-27 00:50:33 - machine werd herstart ComboFix-quarantined-files.txt 2013-12-26 23:50 . Pre-Run: 17.210.912.768 bytes beschikbaar Post-Run: 17.296.568.320 bytes beschikbaar . WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptOut . - - End Of File - - E576B59BA2CD9AAED696576089FBD5F9 3051207086651214E435112E51817DC5 Mvg, D. Bank
  11. Good afternoon, I already had the program CCleaner; I use it daily. After cleaning with CCleaner I still had exactly the same problems, see 1st mail. Kind regards, D. Bank
  12. Good afternoon, A lot of junk has indeed been removed, I think. For a few days in a row I got the error code 0x00000000 when starting up my computer; it has to do with the memory, I believe. Fortunately I no longer get that code. I do still have the problem with opening Malwarebytes Anti-Malware, code 339 (see my 1st message), and Norman Malware Cleaner still cannot be started either, same error code, also in the 1st mail. Could it have something to do with a memory or registry problem? I look forward to hearing from you. Kind regards, D. Bank
  13. Here is the 3rd log, as requested. Kind regards, D. Bank
  14. Good evening, I still have exactly the same problems. Another program that I use is Norman Malware Cleaner. I removed it and downloaded it again, but it cannot be opened. I get the following message: Norman malware cleaner.exe toepassingsfout de instructie op 0x0044f31b verwijst naar geheugen op 0x00000000. De lees - of schijfbewerking ("Read") op het geheugen is mislukt. So nothing has been solved yet. You said that a lot of junk was removed; what kind of junk is that, actually? I would like to hear from you how we should solve this now. I hope it is nothing serious. I also have the impression that I am missing a number of essential plugins or add-ons that are important for the functioning of a number of programs. Kind regards, D. Bank
  15. Here is the 2nd log:
deleted C:\Documents and Settings\All Users\Application Data\lpm.dat deleted C:\Documents and Settings\All Users\Application Data\InstallMate deleted C:\Documents and Settings\All Users\Menu Start\Programma's\ARO 2013 deleted C:\Documents and Settings\All Users\Menu Start\Programma's\YTD Video Downloader deleted C:\Documents and Settings\All Users\Menu Start\Programma's\YAC deleted C:\WINDOWS\tasks\At1.job deleted C:\WINDOWS\tasks\At2.job deleted C:\WINDOWS\system32\sasnative32.exe deleted C:\WINDOWS\System32\InstallUtil.InstallLog deleted C:\WINDOWS\system32\RegistryHelperLM.ocx deleted C:\WINDOWS\system32\SafeAppRichList.ocx deleted C:\WINDOWS\system32\CUUpdateComponent.ocx deleted C:\WINDOWS\system32\ComputerUpdaterLM.ocx deleted C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0\extensions\firefox@secretsauce.biz.xpi deleted C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0\extensions\firefox@springsmart.net.xpi deleted C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0\extensions\staged deleted C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046\extensions\firefox@secretsauce.biz.xpi deleted C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046\extensions\firefox@springsmart.net.xpi deleted C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046\extensions\staged deleted C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\extensions\extensions\firefox@secretsauce.biz.xpi deleted C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\extensions\extensions\firefox@springsmart.net.xpi deleted C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\extensions\extensions\staged deleted C:\Documents and Settings\Barbie\Application 
Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968\extensions\firefox@secretsauce.biz.xpi deleted C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968\extensions\firefox@springsmart.net.xpi deleted C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968\extensions\staged deleted "C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm" deleted "C:\Documents and Settings\All Users\Application Data\88a231b3c222c722\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted "C:\Documents and Settings\All Users\Application Data\88a231b3c222c722\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}" deleted "C:\Documents and Settings\All Users\Application Data\88a231b3c222c722\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}.old" deleted "C:\Documents and Settings\All Users\Application Data\88a231b3c222c722" deleted ==== System Specs ====================== Windows: Windows XP Professional Service Pack 3 (Build 2600) Memory (RAM): 1016 MB CPU Info: Intel® Pentium® 4 CPU 2.80GHz CPU Speed: 2749,6 MHz Sound Card: HD Audio-opbouw | Display Adapters: Intel® 82945G Express Chipset Family | NetMeeting driver | RDPDD Chained DD Monitors: 1x; Plug en Play-monitor | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Broadcom NetXtreme Gigabit Ethernet - Pakketplanner-minipoort CD / DVD Drives: 1x (D: | ) D: ASUS DRW-2014S1 Ports: COM1 LPT1 Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 37,3GB | F: 1863,0GB Hard Disks - Free: C: 18,5GB | F: 51,6GB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 05/18/05 | COMPAQ - 20050518 Time Zone: West-Europa (standaardtijd) Motherboard *: Hewlett-Packard 09F8h Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: avast! 
Antivirus On-access scanning disabled (Updated) Default Browser: Firefox 26.0 Internet Explorer version: 8.0.6001.18702 Mozilla Firefox version: 26.0 (x86 en-US) Google Chrome version: 31.0.1650.63 Adobe Reader version: 11.0.04.63 Sun Java version: 1.7.0_45 (32-bit) Shockwave Player version: 12.0.5r146 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\WINDOWS\TEMP ==== 2013-12-19 17:03:50 EEC6C1C92BF3E8B3127108A039E70B82 204800 ----atw- C:\Documents and Settings\Barbie\Local Settings\Temp\n4936\ins4936.exe 2013-12-18 19:21:56 91ADC0E26FAEA06BB588AC7C215452CA 17838984 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\fp_pl_pfs_installer.exe 2013-12-17 21:00:28 EF57B3A411E343488B3349106FA22C9B 8988208 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\ReimagePackage.exe ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== 2013-12-11 18:24:22 FBF7382E267457A20BFE784DA2F2BF2F 9272200 ----a-w- C:\WINDOWS\System32\FlashPlayerInstaller.exe ====== C:\WINDOWS\system32\drivers ===== 2013-12-18 16:11:07 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys 2013-12-17 18:50:48 0DB7527DB188C7D967A37BB51BBF3963 40776 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys 2013-11-20 02:19:04 C7D4AC5D4A6A42A2D1476AD3D508FC2B 247192 ----a-w- C:\WINDOWS\System32\drivers\aswndis2.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2013-12-19 17:09:33 -------- d-----w- C:\Program Files\trend micro 2013-12-18 18:19:03 -------- d-----w- C:\Program Files\Reimage 2013-12-18 13:54:06 -------- d-----w- C:\Program Files\JAM Software 2013-12-17 23:27:47 -------- d-----w- C:\Program Files\Defraggler 2013-12-12 02:20:27 -------- d-----w- C:\Program Files\Common Files\ODBC 2013-11-28 17:14:14 -------- d-----w- C:\Program Files\AVG ======= C: ===== ====== C:\Documents and Settings\Barbie\Application Data ====== 2013-12-18 14:14:16 
A0FE65B74D13A870E3006977C04D81AB 119 ----a-w- C:\Documents and Settings\Barbie\Application Data\mbam.context.scan 2013-12-18 13:54:19 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\JAM Software 2013-11-28 17:20:53 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\AVG2013 2013-11-28 17:20:06 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Application Data\AVG2013 2013-11-28 17:14:17 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013 2013-11-28 17:11:16 -------- d-----w- C:\Documents and Settings\Barbie\Local Settings\Application Data\Avg2013 2013-11-25 20:03:32 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\licenses 2013-11-25 20:03:29 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\PCMM2009 2013-11-25 20:03:18 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\PCMM2013 ====== C:\Documents and Settings\Barbie ====== 2013-12-19 17:08:35 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\RSIT.exe 2013-12-19 17:03:43 D7FE5BEA19602156BD9688A259BC5304 194920 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\Norman%20Malware%20Cleaner.exe 2013-12-19 17:00:53 -------- d--h--r- C:\Documents and Settings\Barbie\Onlangs geopend 2013-12-15 12:47:25 FFA683DC592D4E91F76714D9BA2272D1 1226750 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\adwcleaner.exe 2013-11-25 19:40:41 -------- d-----w- C:\ProgramData\Microsoft ====== C: exe-files == 2013-12-19 18:20:23 27A9730A7AE1E6283CCFCE09E6F34F09 68384 ----a-w- C:\WINDOWS\Temp\1c90a8ba-5c03-467d-bea0-2ae10fd9b621\ProtectorUpdater.exe 2013-12-19 18:20:02 6088CAD441E67E41A0B651B22872E927 7333392 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\UJNBAZB9\ProtectorPackage1013[1].exe 2013-12-19 17:09:36 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Barbie.exe 
2013-12-19 17:08:35 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\RSIT.exe 2013-12-19 17:07:56 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\RSIT.exe 2013-12-19 17:03:50 EEC6C1C92BF3E8B3127108A039E70B82 204800 ----atw- C:\Documents and Settings\Barbie\Local Settings\Temp\n4936\ins4936.exe 2013-12-19 17:03:43 D7FE5BEA19602156BD9688A259BC5304 194920 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\Norman%20Malware%20Cleaner.exe 2013-12-19 17:03:18 D7FE5BEA19602156BD9688A259BC5304 194920 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\Norman%20Malware%20Cleaner.exe 2013-12-19 08:05:08 474B0BA3E5FB3A5A9D85C82C45DB420B 317496 ----a-w- C:\Program Files\Reimage\Reimage Repair\ProtectorUpdater.exe 2013-12-19 08:05:06 CFA3018F22821237B714A5BAF18D6C56 5759832 ----a-w- C:\Program Files\Reimage\Reimage Repair\ReiScanner.exe 2013-12-19 08:04:36 7AEDF316DAC452EF8F76FDE897BDCA4B 4023656 ----a-w- C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe 2013-12-19 08:02:48 98A021A4C022978F90FFB6DBBB3A6C59 3466592 ----a-w- C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe 2013-12-19 08:02:34 DCC5AEC4BBFF6C4B9231CA8572FB1DA3 483072 ----a-w- C:\Program Files\Reimage\Reimage Repair\CDB.exe 2013-12-18 19:21:56 91ADC0E26FAEA06BB588AC7C215452CA 17838984 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\fp_pl_pfs_installer.exe 2013-12-18 18:41:29 E5530C24F95262CD148A06A047B82802 24805592 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\Windows-KB890830-V5.7.exe 2013-12-18 18:25:59 93674CF1054782C57042E30A9621218B 714960 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\ReimageRepair(1).exe 2013-12-18 18:19:05 93674CF1054782C57042E30A9621218B 714960 ----a-w- C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe 2013-12-18 18:18:06 93674CF1054782C57042E30A9621218B 714960 ----a-w- C:\Documents and 
Settings\Barbie\Mijn documenten\Downloads\ReimageRepair.exe 2013-12-18 16:25:45 3B008CBE517B1C53C3F632E5047D4663 1734736 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\PCMightyMax2013_704_18746543.exe 2013-12-18 16:12:34 826737D84E84E4AA6423DBE46801D3C8 1937144 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\rkill.exe 2013-12-18 16:09:34 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\RECYCLER\S-1-5-21-1060284298-1677128483-725345543-1003\Dc1.exe 2013-12-18 16:08:42 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\svhost.exe 2013-12-18 15:58:37 326BD5EE356ED04A7326E52EAC637DE5 4554384 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\ARO2013.exe 2013-12-18 15:39:42 3C2A9F3195CDDD8943971DC8A677EF25 294912 ----a-w- C:\WINDOWS\Temp\bcdedit.exe 2013-12-18 14:14:36 F8924781B47BC29FD9D84E051A284DB1 79190 ----a-w- C:\WINDOWS\Prefetch\svchost.exe 2013-12-18 13:54:07 767A479307768F593716123982007D01 2519432 ----a-w- C:\Program Files\JAM Software\TreeSize Free\TreeSizeFree.exe 2013-12-18 13:54:06 A2F23A968A536C320EC28D16EBDEFB4E 1235336 ----a-w- C:\Program Files\JAM Software\TreeSize Free\unins000.exe 2013-12-18 13:53:17 7668B845A29E5529D50F27DA78F3C288 3350608 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\TreeSizeFreeSetup.exe 2013-12-18 13:49:52 74FEDDA2161CE57AA7CC65A184B6110A 6202120 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\WindowsMedia-KB891122-x86-ENU.exe 2013-12-18 12:52:18 0DD3C1181CA04EA6714A421C273A3A0E 1141328 ----a-w- C:\Documents and Settings\Barbie\Application Data\uTorrent\updates\3.3.2_30171.exe 2013-12-18 12:29:44 B91FE1536AB4D680DDD77469EA3FD4BF 24097311 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\vlc-2.1.2-win32.exe 2013-12-17 23:26:52 D98979ABFF32EB76C5AB7527F714FFF8 4208656 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\dfsetup216.exe 
2013-12-17 21:00:28 EF57B3A411E343488B3349106FA22C9B 8988208 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\ReimagePackage.exe 2013-12-17 18:35:08 DEDB5F9E28EE2C9363E83A2A94BA83B9 139264 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\SystemLook.exe 2013-12-16 22:22:55 3B16B1BBFA9411532C73F62FC219EBC3 916928 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\Downloads\RegHunter_Web_Setup.exe.exe 2013-12-15 12:47:25 FFA683DC592D4E91F76714D9BA2272D1 1226750 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\adwcleaner.exe === C: other files == 2013-12-18 16:11:07 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys 2013-12-17 18:50:48 0DB7527DB188C7D967A37BB51BBF3963 40776 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_USERS\S-1-5-21-1060284298-1677128483-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ContentTransferWMDetector.exe"="C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe" "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe" "DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "20131121"="C:\Program Files\AVAST Software\Avast\setup\emupdate\4389e9f1-ae57-4fc7-8ff0-52821b0e76a2.exe /check" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Barbie^Menu Start^Programma's^Opstarten^LimeWire On Startup.lnk] "path"="C:\\Documents and Settings\\Barbie\\Menu Start\\Programma's\\Opstarten\\LimeWire On Startup.lnk" "backup"="C:\\WINDOWS\\pss\\LimeWire On Startup.lnkStartup" "command"="F:\\programma mappen\\Program Files\\LimeWire\\LimeWire.exe -startup" "item"="LimeWire On Startup" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "TomTomHOME.exe"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\" -s" "uTorrent"="\"E:\\Muziek en programma's\\uTorrent\\uTorrent.exe\" /MINIMIZED" "AROReminder"="C:\\Program Files\\ARO 2013\\ARO.exe -rem" "ccleaner"="\"C:\\Program Files\\CCleaner\\ccleaner.exe\" /AUTO" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "DivXUpdate"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-12-2013 20:25] C:\WINDOWS\tasks\avast\Undetermined Task.exe [] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-02-2013 21:59] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-02-2013 21:59] C:\WINDOWS\tasks\OGALogon.job --a------ C:\WINDOWS\system32\OGAEXEC.exe [03-08-2009 14:07] C:\WINDOWS\tasks\User_Feed_Synchronization-{E7254A12-7898-484D-8A27-4FAE8FBBFA12}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08-03-2009 03:31] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [15-06-2011 14:04] ==== Firefox Extensions ====================== 
ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046 - Undetermined - %ProfilePath%\extensions\jid1-yZwVFzbsyfMrqQ@jetpack AppDir: C:\Program Files\Mozilla Firefox - Undetermined - %AppDir%\extensions\staged - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - avast Ad Blocker - %AppDir%\extensions\adblocker@avast.com.xpi ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\9i26fnay.default-1387215526984 901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968 901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dbpebffoameokfhnaaedmefjncfboino - C:\Program Files\SecretSauce\dbpebffoameokfhnaaedmefjncfboino.crx[] fgeapihpgbepllencafcpkfbjlkogfan - C:\Program Files\Spring Smart\fgeapihpgbepllencafcpkfbjlkogfan.crx[] fplhdcjmbpfkejbhngmlngaecbjmoimd - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx[25-02-2013 10:09] pkmpcdbgnfjfeelcpebpkflcmbkclfho - C:\Documents and Settings\Barbie\Local Settings\Application Data\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx[] 
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[25-11-2013 17:38] pkmpcdbgnfjfeelcpebpkflcmbkclfho - C:\Documents and Settings\Barbie\Local Settings\Application Data\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx[] Instant Savings App - Barbie - Default\Extensions\achhmapmjlcjlomcbmbicbgkihghgnie Google Docs - Barbie - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Barbie - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Barbie - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Barbie - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SecretSauce - Barbie - Default\Extensions\dbpebffoameokfhnaaedmefjncfboino Google Wallet - Barbie - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Barbie - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dbpebffoameokfhnaaedmefjncfboino deleted successfully C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dbpebffoameokfhnaaedmefjncfboino_0.localstorage deleted successfully C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\dbpebffoameokfhnaaedmefjncfboino deleted successfully C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fgeapihpgbepllencafcpkfbjlkogfan_0.localstorage deleted successfully C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\fgeapihpgbepllencafcpkfbjlkogfan deleted successfully C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User 
Data\Default\Extensions\achhmapmjlcjlomcbmbicbgkihghgnie deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://mozilla firefox/" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" "Default"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com" "SearchAssistant"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://mozilla" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}" {0191A6B0-1154-4C22-9182-23A95BBE92D9} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing 
Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dbpebffoameokfhnaaedmefjncfboino deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fgeapihpgbepllencafcpkfbjlkogfan deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite deleted successfully ==== HijackThis Entries ====================== O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\4389e9f1-ae57-4fc7-8ff0-52821b0e76a2.exe /check O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: ICIDU 11n USB Wireless LAN Utility.lnk = C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Thomson\TG122n\WlanCU.exe O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common 
Files\DVDVideoSoft\plugins\freeytvdownloader.htm O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351283024296 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340821704281 O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) - Reimage® - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: WLSVC - Unknown owner - C:\Program Files\Thomson\TG122n\WLSVC.exe O24 - Desktop Component AutorunsDisabled: (no name) - (no file) ==== Empty IE Cache ====================== C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Documents and Settings\Barbie\Local Settings\Application Data\Mozilla\Firefox\Profiles\8gjesupv.default-1362239606375\Cache emptied successfully C:\Documents and Settings\Barbie\Local Settings\Application 
Data\Mozilla\Firefox\Profiles\9i26fnay.default-1387215526984\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== Empty Temp Folders ====================== C:\Documents and Settings\Administrator\Local Settings\Temp emptied successfully C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp emptied successfully C:\Documents and Settings\Barbie\Local Settings\Temp will be emptied at reboot C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\WINDOWS\TEMP successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on do 19-12-2013 at 20:53:31,29 ======================
  16. Here is my log, as you asked.
  17. Good evening, For some time now I have been having the following problems: 1 - My program Malwarebytes Anti-Malware version 1.75.0.1300 cannot be opened. The following message appears: "Run-time error '339': Component 'ieframe.dll' or one of its dependencies not correctly registered: a file is missing or invalid." 2 - My program Reimage Repair does not open. I get the following message: "Reimage - windows problem relief. Failed to create empty document." 3 - The program ARO 2013 does not open at all. 4 - When I download films via The Pirate Bay, other advertising sites suddenly open. I removed Malwarebytes, ARO 2013 and Reimage Repair and downloaded them again, but the problems remain the same. I also ran a scan with SpyHunter, which did find some things, but the problems remain. I checked my C drive, which was almost full with only 2 gigabytes of storage left; I deleted a lot and now have about 17 gigabytes free. Could you please help me? I have been busy with this for days but I cannot work it out. Kind regards, D. Bank
  18. Good afternoon, It looks like I have no more problems now. In any case, thank you very much. D. Bank
  19. Good evening, This is the 2nd log from zoek.exe; it took a while before the log appeared. I still need to find out how things stand now with the advertisements that appear on the screen. I ran another scan with SpyHunter, which found 20 pop-ups with the name pup.optimizer pro. I also ran a scan with Avast, which found 10 viruses, which I then removed.
Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968 55F213A61B82B6174B02881562FE20A0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Plus Web Player ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U25 B938C1AE3ADCE166190895685B0BEB0D - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM ==== Deleting Files \ Folders ====================== "C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\ru3h2hxa.default-1371671370500\extensions\ui3c6qqp@ubnybast.edu.xpi" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fplhdcjmbpfkejbhngmlngaecbjmoimd - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx[25-02-2013 11:09] nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[06-05-2013 10:12] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://mozilla firefox/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://mozilla" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes 
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Documents and Settings\Barbie\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Documents and Settings\Barbie\Local Settings\Application Data\Mozilla\Firefox\Profiles\8gjesupv.default-1362239606375\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\Barbie\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and 
Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on wo 21-08-2013 at 23:25:15,28 ====================== Met vriendelijke groet, D. Bank
  20. Here is the log from zoek.exe: Kind regards, D. Bank
  21. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 19:37:48, on 20-8-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) FIREFOX: 23.0.1 (nl) Boot mode: Normal
  22. Good evening, For some time now I have been bothered by advertisement windows that keep popping up on my screen. Also, when I make a payment over the internet with my bank (Rabobank), the address at the bottom is a different address, e.g. i.myshpjs.info or img1.superfish.com. I don't entirely trust this; can they now simply find out my private data or my bank account number? Could you please help me with this problem? I use CCleaner every day, and about twice a week I run a scan with SpyHunter and Malwarebytes. Kind regards, D. Bank
  23. Good evening, The problem is finally solved. I called avast; an employee looked along in the system and saw that some programs were blocking avast. He removed these and set up avast again. Only the loading of pages still takes a long time; according to the avast employee this is due to the internet speed. Kind regards, D. Bank
  24. Good evening, I downloaded avast 8 and ran a scan; no viruses were found. I still cannot get on the internet. See the story above: I can only open websites that are secured, i.e. with https in front; if I type in, e.g., voetbal.nl, it doesn't work. So the computer won't open any sites with www in front. Do you perhaps know what is causing this problem? Could it have to do with wrong settings? Please let me know. Regards, Didier