
Slow PC


tricke


Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32-bit or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, a Notepad file named "Log" is opened.
  • Post its contents in your next reply.


Logfile of random's system information tool 1.09 (written by random/random)

Run by Patricia at 2013-11-03 12:02:07

Microsoft Windows XP Home Edition Service Pack 3

System drive C: has 559 MB (1%) free of 78 GB

Total RAM: 1535 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:02:39, on 3/11/2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\PROGRA~1\AVG\AVG2014\avgrsx.exe

C:\Program Files\AVG\AVG2014\avgcsrvx.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG2014\avgidsagent.exe

C:\Program Files\AVG\AVG2014\avgwdsvc.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\AVG\AVG2014\avgnsx.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Program Files\AVG\AVG2014\avgemcx.exe

C:\Program Files\Browny02\Brother\BrStMonW.exe

C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe

C:\Program Files\AVG\AVG2014\avgui.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe

C:\Program Files\IncrediMail\bin\IncMail.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\MyTomTom 3\MyTomTomSA.exe

C:\Brother\BPRSP\resources\BrSupSsp.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files\Browny02\BrYNSvc.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\IncrediMail\Bin\ImApp.exe

C:\Program Files\AVG\AVG2014\avgcsrvx.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\IncrediMail\Bin\ImNotfy.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\Patricia\Local Settings\Temporary Internet Files\Content.IE5\VJV0SJHP\RSIT[1].exe

C:\Program Files\trend micro\Patricia.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll (file missing)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll (file missing)

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun

O4 - HKLM\..\Run: [brStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN

O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files\AVG Secure Search\HF_G_Jul.exe" /DoAction

O4 - HKLM\..\Run: [beidsccertprop] C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe

O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [isaKbcCertUpdate] C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe

O4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files\MyTomTom 3\MyTomTomSA.exe"

O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Patricia\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: Brother BPPO.lnk = ?

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - Trusted Zone: http://cbc-pdf.cbc.be

O15 - Trusted Zone: CBC

O15 - Trusted Zone: http://www.cbccorporate.be

O15 - Trusted Zone: ?SOB - Úvodní stránka

O15 - Trusted Zone: http://www.csob.sk

O15 - Trusted Zone: http://col.isabel.be

O15 - Trusted Zone: http://www.isabel.be

O15 - Trusted Zone: http://www.beta.isabel.be

O15 - Trusted Zone: http://col.isabel.eu

O15 - Trusted Zone: http://www.isabel.eu

O15 - Trusted Zone: http://www.beta.isabel.eu

O15 - Trusted Zone: http://kbc-pdf.kbc.be

O15 - Trusted Zone: KBC

O15 - Trusted Zone: KBC Asset Management

O15 - Trusted Zone: http://www.kbcam.com

O15 - Trusted Zone: http://www.kbcbankingforbusiness.com

O15 - Trusted Zone: http://www.kbccorporates.com

O15 - Trusted Zone: http://www.kbcfi.com

O15 - Trusted Zone: http://www.kbcmerchantbanking.com

O15 - Trusted Zone: http://www.kh.hu

O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM)

O15 - Trusted Zone: CBC (HKLM)

O15 - Trusted Zone: http://www.cbccorporate.be (HKLM)

O15 - Trusted Zone: ?SOB - Úvodní stránka (HKLM)

O15 - Trusted Zone: http://www.csob.sk (HKLM)

O15 - Trusted Zone: http://col.isabel.be (HKLM)

O15 - Trusted Zone: http://www.isabel.be (HKLM)

O15 - Trusted Zone: http://www.beta.isabel.be (HKLM)

O15 - Trusted Zone: http://col.isabel.eu (HKLM)

O15 - Trusted Zone: http://www.isabel.eu (HKLM)

O15 - Trusted Zone: http://www.beta.isabel.eu (HKLM)

O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM)

O15 - Trusted Zone: KBC (HKLM)

O15 - Trusted Zone: KBC Asset Management (HKLM)

O15 - Trusted Zone: http://www.kbcam.com (HKLM)

O15 - Trusted Zone: http://www.kbcbankingforbusiness.com (HKLM)

O15 - Trusted Zone: http://www.kbccorporates.com (HKLM)

O15 - Trusted Zone: http://www.kbcfi.com (HKLM)

O15 - Trusted Zone: http://www.kbcmerchantbanking.com (HKLM)

O15 - Trusted Zone: http://www.kh.hu (HKLM)

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - MSN Games - Free Online Games

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - MSN Games - Free Online Games

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - MSN Games - Free Online Games

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe

O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe (file missing)

O23 - Service: vToolbarUpdater17.0.1 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe (file missing)

--

End of file - 11817 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2052111302-1979792683-1177238915-1004Core.job

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2052111302-1979792683-1177238915-1004UA.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Patricia\Application Data\Mozilla\Firefox\Profiles\jvtmzr1l.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"belgiumeid@eid.belgium.be"=C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\

belgiumeid@eid.belgium.be

C:\Documents and Settings\Patricia\Application Data\Mozilla\Firefox\Profiles\jvtmzr1l.default\extensions\

{9C6485BA-439E-8BFA-64D6-EC3C205F70FB}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}]

Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{3d86a75b-cb6b-4764-885d-ca6336f04ba2} - Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]

"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-22 63712]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"ControlCenter4"=C:\Program Files\ControlCenter4\BrCcBoot.exe [2011-04-20 139264]

"BrStsMon00"=C:\Program Files\Browny02\Brother\BrStMonW.exe [2010-12-23 2629632]

"HF_G_Jul"=C:\Program Files\AVG Secure Search\HF_G_Jul.exe /DoAction []

"beidsccertprop"=C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe [2012-02-21 31768]

"ROC_ROC_JULY_P1"=C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe / /PROMPT /CMPID=ROC_JULY_P1 []

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2012-04-18 421888]

"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-10-07 4908592]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-09-09 421776]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"IsaKbcCertUpdate"=C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe [2012-10-15 1085528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2012-04-07 366024]

"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"MyTomTomSA.exe"=C:\Program Files\MyTomTom 3\MyTomTomSA.exe [2013-05-23 455608]

"Facebook Update"=C:\Documents and Settings\Patricia\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten

Brother BPPO.lnk - C:\WINDOWS\Installer\{8040527F-DD74-4B45-8A06-C4BF145B6C76}\BrSupSsp.exe_44686FC076524EF5975EF92EE48E2958.exe

C:\Documents and Settings\Patricia\Menu Start\Programma's\Opstarten

OpenOffice.org 3.3 .lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Installer voor AVG"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\IncrediMail\Bin\IncMail.exe"="C:\Program Files\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail"

"C:\Program Files\IncrediMail\Bin\ImApp.exe"="C:\Program Files\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail"

"C:\Program Files\IncrediMail\Bin\ImpCnt.exe"="C:\Program Files\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail"

"C:\Program Files\FrostWire 5\FrostWire.exe"="C:\Program Files\FrostWire 5\FrostWire.exe:*:Enabled:FrostWire"

"C:\Documents and Settings\Patricia\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Patricia\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Installer voor AVG"

"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Installer voor AVG"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield"

"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014"

"C:\Program Files\AVG\AVG2014\avgemcx.exe"="C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Persoonlijke e-mailscanner"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"VIDC.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"VIDC.IYUV"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVU9"=tsbyuv.dll

"VIDC.YVYU"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"msacm.siren"=sirenacm.dll

"MSVideo8"=VfWWDM32.dll

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-11-03 11:58:24 ----D---- C:\rsit

2013-10-27 12:58:56 ----D---- C:\AdwCleaner

2013-10-26 22:25:41 ----D---- C:\Program Files\Best Removal Tool

2013-10-26 12:16:35 ----D---- C:\Documents and Settings\All Users\Application Data\Wincert

2013-10-26 12:16:17 ----D---- C:\Documents and Settings\Patricia\Application Data\ilividmoviestoolbarha

2013-10-26 12:15:27 ----D---- C:\Documents and Settings\All Users\Application Data\Datamngr

2013-10-22 20:18:14 ----D---- C:\Program Files\Trusteer

2013-10-22 20:17:00 ----D---- C:\Documents and Settings\All Users\Application Data\Trusteer

2013-10-22 20:13:52 ----D---- C:\Program Files\Common Files\Isabel CSP

2013-10-22 20:13:52 ----D---- C:\Program Files\Common Files\Isabel

2013-10-17 15:04:56 ----A---- C:\WINDOWS\system32\drivers\RapportKELL.sys

2013-10-17 05:48:34 ----D---- C:\Program Files\Common Files\Java

2013-10-17 05:48:23 ----A---- C:\WINDOWS\system32\javaws.exe

2013-10-17 05:47:58 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll

2013-10-17 05:47:57 ----A---- C:\WINDOWS\system32\javaw.exe

2013-10-17 05:47:57 ----A---- C:\WINDOWS\system32\java.exe

2013-10-11 07:33:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2847311$

2013-10-11 07:32:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$

2013-10-11 07:07:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2868038$

2013-10-11 07:05:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2883150$

2013-10-11 07:05:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$

2013-10-09 19:00:13 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 month======

2013-11-03 12:02:18 ----D---- C:\Program Files\Trend Micro

2013-11-03 12:01:01 ----D---- C:\WINDOWS\Temp

2013-11-03 11:59:39 ----D---- C:\WINDOWS\Prefetch

2013-11-03 09:12:29 ----D---- C:\Documents and Settings\All Users\Application Data\MFAData

2013-11-03 09:05:27 ----D---- C:\WINDOWS\system32\CatRoot2

2013-11-02 23:17:57 ----A---- C:\WINDOWS\SchedLgU.Txt

2013-10-29 21:33:52 ----D---- C:\Documents and Settings\Patricia\Application Data\Skype

2013-10-29 14:32:43 ----D---- C:\WINDOWS\system32

2013-10-28 07:46:08 ----SHD---- C:\WINDOWS\Installer

2013-10-28 07:41:06 ----D---- C:\WINDOWS\system32\drivers

2013-10-27 13:26:36 ----D---- C:\Documents and Settings\All Users\Application Data\AVG2014

2013-10-27 13:12:05 ----D---- C:\Program Files\Common Files

2013-10-27 13:11:52 ----D---- C:\Program Files

2013-10-27 09:14:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2013-10-22 20:13:52 ----D---- C:\Documents and Settings\All Users\Application Data\Isabel Services

2013-10-20 11:02:10 ----A---- C:\WINDOWS\NeroDigital.ini

2013-10-17 05:47:57 ----D---- C:\Program Files\Java

2013-10-15 06:33:34 ----D---- C:\WINDOWS\Microsoft.NET

2013-10-12 06:09:46 ----RSD---- C:\WINDOWS\assembly

2013-10-11 19:40:16 ----D---- C:\WINDOWS\WinSxS

2013-10-11 16:47:32 ----D---- C:\WINDOWS

2013-10-11 16:26:09 ----D---- C:\Program Files\Microsoft Silverlight

2013-10-11 07:33:43 ----HD---- C:\WINDOWS\inf

2013-10-11 07:33:28 ----RSHDC---- C:\WINDOWS\system32\dllcache

2013-10-11 07:32:55 ----A---- C:\WINDOWS\imsins.BAK

2013-10-11 07:32:01 ----D---- C:\WINDOWS\system32\MRT

2013-10-11 07:26:14 ----A---- C:\WINDOWS\system32\MRT.exe

2013-10-11 07:06:14 ----D---- C:\Program Files\Internet Explorer

2013-10-11 07:05:47 ----D---- C:\WINDOWS\ie8updates

2013-10-09 19:00:22 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2013-10-08 07:00:52 ----D---- C:\Documents and Settings\All Users\Application Data\Skype

2013-10-08 07:00:40 ----RD---- C:\Program Files\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2013-09-02 145720]

R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2013-09-02 223032]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200]

R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448]

R0 RapportKELL;RapportKELL; C:\WINDOWS\System32\Drivers\RapportKELL.sys [2013-10-17 108816]

R0 uagp35;Microsoft AGPv3.5 Filter; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]

R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2013-09-25 120632]

R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208]

R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840]

R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2013-09-02 176952]

R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]

R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []

R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]

R1 RapportCerberus_59849;RapportCerberus_59849; \??\C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys []

R1 RapportEI;RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys []

R1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys []

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-02-08 12648960]

R3 rtl8139;NT-stuurprogramma voor Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]

R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]

R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]

R3 USBCCID;USB Smart Card reader; C:\WINDOWS\system32\DRIVERS\usbccid.sys [2012-08-21 29184]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 usbvideo;USB-videoapparaat (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]

S3 ACSSCR;ACR38 Smart Card Reader; C:\WINDOWS\system32\DRIVERS\a38usb.sys [2012-08-21 33536]

S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]

S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 RT2500USB;ASUS RT2500 USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2005-10-17 245376]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 usb_rndisx;USB RNDIS-adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-07-09 44032]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]

S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-10-03 3538480]

R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-25 301152]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-10-08 182696]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-06-20 53248]

R2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-10-17 1444120]

R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]

R3 BrYNSvc;BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [2010-01-25 245760]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 821648]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-08 136176]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]

S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe []

S2 vToolbarUpdater17.0.1;vToolbarUpdater17.0.1; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe []

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-08 136176]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-02 118680]

S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-------


Download Zoek.zip to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).
  • Right-click Zoek.zip and click the "Extract All" option.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

chromelook; 
firefoxlook; 
emptyfolderscheck;delete 
 {3d86a75b-cb6b-4764-885d-ca6336f04ba2};c
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe];r
 C:\Documents and Settings\All Users\Application Data\Wincert;fs
 C:\Documents and Settings\Patricia\Application Data\ilividmoviestoolbarha;fs
 C:\Documents and Settings\All Users\Application Data\Datamngr;fs
  startupall; 
filesrcm;

  • Click the "Options" button and tick the options below.
  • Firefox Defaults
  • Reset Chrome
  • IE Defaults
  • Auto Clean
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next message.


Zoek.exe Version 4.0.0.5 Updated 26-October-2013

Tool run by Patricia on zo 03/11/2013 at 15:57:51,34.

Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Patricia\Bureaublad\zoek\zoek.exe [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2013-07-30-055859.log 4699 bytes

==== Empty Folders Check ======================

C:\Program Files\Realtek Sound Manager deleted successfully

C:\Documents and Settings\All Users\Application Data\Datamngr deleted successfully

C:\Documents and Settings\LocalService\Application Data\Apple Computer deleted successfully

C:\Documents and Settings\Patricia\Application Data\U3 deleted successfully

C:\Documents and Settings\Patricia\Application Data\WinRAR deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2052111302-1979792683-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully

HKEY_USERS\S-1-5-21-2052111302-1979792683-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater13.2.0 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\vToolbarUpdater13.2.0 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.0.1 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\vToolbarUpdater17.0.1 deleted successfully

==== FireFox Fix ======================

Deleted from C:\Documents and Settings\Patricia\Application Data\Mozilla\Firefox\Profiles\jvtmzr1l.default\prefs.js:

Added to C:\Documents and Settings\Patricia\Application Data\Mozilla\Firefox\Profiles\jvtmzr1l.default\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Documents and Settings\Patricia\Application Data\Mozilla\Firefox\Profiles\jvtmzr1l.default

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_20130311_1636_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

==== Deleting Files \ Folders ======================

C:\Documents and Settings\All Users\Application Data\Datamngr not found

C:\Documents and Settings\All Users\Application Data\Wincert deleted

C:\Documents and Settings\Patricia\Application Data\ilividmoviestoolbarha deleted

C:\Documents and Settings\Patricia\Application Data\Mozilla\Firefox\Profiles\jvtmzr1l.default\ilividmoviestoolbarha deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\Patricia\LOCALS~1\Temp ====

2013-10-23 10:55:38 80630500A3DA6E2CF460FE3F7587E119 1804288 ----a-w- C:\Documents and Settings\Patricia\Local Settings\Temp\nsr217\Helper.dll

2013-10-23 10:55:22 98D38A4B8721D358297C63B37CB43338 61960 ----a-w- C:\Documents and Settings\Patricia\Local Settings\Temp\nsr217\Starter.exe

2013-10-22 19:16:58 724C928C25E88DD22FDA242C40EE0FBD 272664 ----a-w- C:\Documents and Settings\Patricia\Local Settings\Temp\Step2.exe

2013-10-22 19:09:29 CF804561E870AA23D6A088C9F73BD460 12106752 ----a-w- C:\Documents and Settings\Patricia\Local Settings\Temp\Step1.msi

====== Java Cache =====

2013-10-17 04:53:33 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Documents and Settings\Patricia\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\12\eef218c-5de15a84

2013-10-17 04:53:27 4330522825E6D0140C3ACC1F6EA7F5E9 100 ----a-w- C:\Documents and Settings\Patricia\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\17\49a00451-6.0.lap

2013-10-17 04:53:27 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Documents and Settings\Patricia\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\17\49a00451-762ae4f5

2013-10-17 04:53:24 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Documents and Settings\Patricia\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\18\3cb32f52-48e17a04

2013-10-17 04:53:27 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Documents and Settings\Patricia\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\43\1ca2666b-50ca6834

====== C:\WINDOWS\system32 =====

2013-10-26 21:25:51 E3DCA8E9F188CD50A84BDF5DECBD6DFA 42 ----a-w- C:\WINDOWS\System32\AK083E209605E394C.lie

====== C:\WINDOWS\system32\drivers =====

2013-10-17 14:04:56 4136175FABB89CB493DF1D237DB50CF4 108816 ----a-w- C:\WINDOWS\System32\drivers\RapportKELL.sys

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-10-26 21:25:41 -------- d-----w- C:\Program Files\Best Removal Tool

2013-10-22 19:18:14 -------- d-----w- C:\Program Files\Trusteer

2013-10-22 19:13:52 -------- d-----w- C:\Program Files\Common Files\Isabel CSP

2013-10-22 19:13:52 -------- d-----w- C:\Program Files\Common Files\Isabel

2013-10-17 04:48:34 -------- d-----w- C:\Program Files\Common Files\Java

======= C: =====

====== C:\Documents and Settings\Patricia\Application Data ======

2013-10-28 06:41:20 -------- d-----w- C:\Documents and Settings\Default User\Local Settings\Application Data\Trusteer

2013-10-22 19:18:35 -------- d-----w- C:\Documents and Settings\Patricia\Local Settings\Application Data\Trusteer

====== C:\Documents and Settings\Patricia ======

====== C: exe-files ==

2013-11-03 10:58:25 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\Patricia.exe

2013-11-03 10:49:56 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Patricia\Local Settings\Temporary Internet Files\Content.IE5\VJV0SJHP\RSIT[1].exe

=== C: other files ==

2013-11-03 14:55:14 E3D0D31E46F9D4BCD75BF64D8C66A3E0 320 ----a-w- C:\Documents and Settings\All Users\Application Data\AVG2014\IDS\outbox\persist.zip

2013-11-03 14:19:40 A299BC2E273DEAF8D7741FE0D3BC38EF 4035542 ----a-w- C:\RECYCLER\S-1-5-21-2052111302-1979792683-1177238915-1004\Dc7.zip

2013-11-03 13:40:58 A299BC2E273DEAF8D7741FE0D3BC38EF 4035542 ----a-w- C:\RECYCLER\S-1-5-21-2052111302-1979792683-1177238915-1004\Dc4.zip

2013-11-02 16:35:10 8CC1249D034370D9AA0FBD34EE6170F3 193 ----a-w- C:\Documents and Settings\Patricia\Local Settings\Temporary Internet Files\Content.IE5\G8XPX0FQ\gawker[1].com

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2052111302-1979792683-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Run]

"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe /c"

"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"MyTomTomSA.exe"="C:\Program Files\MyTomTom 3\MyTomTomSA.exe"

"Facebook Update"="C:\Documents and Settings\Patricia\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMan"="SOUNDMAN.EXE"

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe"

"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"ControlCenter4"="C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun"

"BrStsMon00"="C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN"

"HF_G_Jul"="C:\Program Files\AVG Secure Search\HF_G_Jul.exe /DoAction"

"beidsccertprop"="C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe"

"ROC_ROC_JULY_P1"="C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe / /PROMPT /CMPID=ROC_JULY_P1"

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"

"AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"IsaKbcCertUpdate"="C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe /c"

"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"MyTomTomSA.exe"="C:\Program Files\MyTomTom 3\MyTomTomSA.exe"

"Facebook Update"="C:\Documents and Settings\Patricia\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

==== Startup Folders ======================

2012-04-05 10:42:14 864 ----a-w- C:\Documents and Settings\Patricia\Menu Start\Programma's\Opstarten\OpenOffice.org 3.3 .lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 19:00]

C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\Apple Software Update\SoftwareUpdate.exe [01/06/2011 16:57]

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2052111302-1979792683-1177238915-1004Core.job --a------ C:\Documents and Settings\Patricia\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [12/07/2012 19:48]

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2052111302-1979792683-1177238915-1004UA.job --a------ C:\Documents and Settings\Patricia\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [12/07/2012 19:48]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/06/2012 18:56]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/06/2012 18:56]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [02/10/2013 15:14]

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{336D0C35-8A85-403a-B9D2-65C292C39087}"="C:\Program Files\Web Assistant\Firefox" []

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Patricia\Application Data\Mozilla\Firefox\Profiles\jvtmzr1l.default

- New tab - %ProfilePath%\extensions\{9C6485BA-439E-8BFA-64D6-EC3C205F70FB}

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Patricia\Application Data\Mozilla\Firefox\Profiles\jvtmzr1l.default

CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update

6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U45

F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18

BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In

04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Documents and Settings\Patricia\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

C1680C34DE8A405C8829AB93236576FD - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

0132218093298D7F72A40222F4FBF04F - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.2

A7DA4A3F6E86E55E25F60D2BA46B24D0 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.2

CE1411064661AFB6DC4E18BACB50BF61 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.2

052575195474BA9646272680BF993D64 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.2

A8CD2D78D83C1466BB81BBC94A6C96A3 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.2

136ECFCBEA4FBFF8918D3B4AE2729C7F - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.2

1E17EB861D4EAD9CAC51C246B5E3426A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.2

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight

==== Deleted Firefox Extensions ======================

C:\Documents and Settings\Patricia\Application Data\Mozilla\Firefox\Profiles\jvtmzr1l.default\extensions\{9C6485BA-439E-8BFA-64D6-EC3C205F70FB} deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[02/10/2012 12:14]

Skype Click to Call - Patricia - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="https://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{CE744ACD-4685-4D62-B15A-FB976936141D} Google Url="{searchTerms} - Google Search"

==== Reset Google Chrome ======================

C:\Documents and Settings\Patricia\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences was reset successfully

C:\Documents and Settings\Patricia\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2052111302-1979792683-1177238915-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2052111302-1979792683-1177238915-1004\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Patricia\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\Patricia\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Patricia\Local Settings\Application Data\Mozilla\Firefox\Profiles\jvtmzr1l.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Patricia\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\Patricia\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\Patricia\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on zo 03/11/2013 at 17:05:17,21 ======================


Download ComboFix from one of the locations below to the desktop.

Bleeping Computer

Info Spyware

Disable your antivirus and antispyware programs, as they may conflict with ComboFix.exe.

You can read how to disable the security software you use (here or here).

  • Double-click "ComboFix" to start the tool. Windows Vista, 7 & 8 users will get a UAC (User Account Control) prompt; click Ja / Yes there.
  • On a Windows XP computer, ComboFix will install the "Recovery Console" if it is not yet present. (An active internet connection is then required.)
  • In the 'Installing the Recovery Console' window, click "Ok".
  • In the info screen, click "Yes" once the Recovery Console has been installed successfully.
  • In the disclaimer screen, click "I Agree"; the required components are then unpacked and a registry backup is made using ERUNT.
  • When this is done, ComboFix will start automatically; the blue screen shows the progress of the system scan being run.
  • Important! Do not use the computer for anything else during the scan.
  • The computer may need to be restarted several times, for example when a rootkit is present; this is normal.
  • When ComboFix is finished, it will create a log file. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.

* Note !!! If you get one of the messages below after using ComboFix, restart the computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.


ComboFix 13-11-03.02 - Patricia 03/11/2013 20:21:35.1.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1535.946 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Patricia\Bureaublad\ComboFix.exe

AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\Installer\{8040527F-DD74-4B45-8A06-C4BF145B6C76}\BrSupSsp.exe_44686FC076524EF5975EF92EE48E2958.exe

c:\windows\system32\Cache


.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-10-03 to 2013-11-03 ))))))))))))))))))))))))))))))

.

.

2013-11-03 16:04 . 2013-11-03 16:04 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer

2013-11-03 16:01 . 2013-11-03 14:56 24064 ----a-w- c:\windows\zoek-delete.exe

2013-11-03 15:28 . 2013-11-03 16:05 -------- d-----w- C:\zoek

2013-11-03 10:58 . 2013-11-03 10:59 -------- d-----w- C:\rsit

2013-10-27 11:58 . 2013-10-27 12:12 -------- d-----w- C:\AdwCleaner

2013-10-26 21:25 . 2013-10-26 21:25 -------- d-----w- c:\program files\Best Removal Tool

2013-10-22 19:18 . 2013-10-22 19:18 -------- d-----w- c:\documents and settings\Patricia\Local Settings\Application Data\Trusteer

2013-10-22 19:18 . 2013-10-22 19:18 -------- d-----w- c:\program files\Trusteer

2013-10-22 19:17 . 2013-10-22 19:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Trusteer

2013-10-22 19:13 . 2013-10-22 19:14 -------- d-----w- c:\program files\Common Files\Isabel CSP

2013-10-22 19:13 . 2013-10-22 19:13 -------- d-----w- c:\program files\Common Files\Isabel

2013-10-17 14:04 . 2013-10-17 14:04 108816 ----a-w- c:\windows\system32\drivers\RapportKELL.sys

2013-10-17 04:48 . 2013-10-17 04:48 -------- d-----w- c:\program files\Common Files\Java

2013-10-17 04:48 . 2013-10-08 05:29 145408 ----a-w- c:\windows\system32\javacpl.cpl

2013-10-17 04:47 . 2013-10-08 05:50 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-10-11 05:03 . 2013-08-09 00:55 5376 -c----w- c:\windows\system32\dllcache\usbd.sys

2013-10-11 05:03 . 2009-03-18 11:02 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys

2013-10-11 05:03 . 2013-08-09 00:55 144128 -c----w- c:\windows\system32\dllcache\usbport.sys

2013-10-11 04:56 . 2013-07-03 02:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys

2013-10-09 18:00 . 2013-10-09 18:00 17226632 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-10-09 18:00 . 2012-04-05 13:37 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-10-09 18:00 . 2012-04-05 13:37 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-09-25 18:57 . 2013-08-01 14:06 120632 ----a-w- c:\windows\system32\drivers\avgdiskx.sys

2013-09-25 15:43 . 2012-09-04 14:10 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2013-09-23 18:25 . 2008-04-14 20:32 920064 ----a-w- c:\windows\system32\wininet.dll

2013-09-23 18:25 . 2008-04-14 20:33 1469440 ------w- c:\windows\system32\inetcpl.cpl

2013-09-23 18:25 . 2008-04-14 20:32 43520 ------w- c:\windows\system32\licmgr10.dll

2013-09-23 18:25 . 2008-04-14 20:32 18944 ----a-w- c:\windows\system32\corpol.dll

2013-09-23 18:07 . 2008-04-14 20:05 385024 ------w- c:\windows\system32\html.iec

2013-09-10 20:11 . 2011-12-23 11:32 22840 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys

2013-09-08 20:12 . 2012-01-31 02:46 27448 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2013-09-02 08:39 . 2012-02-22 03:25 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2013-09-02 08:28 . 2012-04-19 02:50 145720 ----a-w- c:\windows\system32\drivers\avgidshx.sys

2013-09-02 08:28 . 2011-12-23 11:32 209208 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2013-09-02 08:28 . 2012-09-21 02:46 223032 ----a-w- c:\windows\system32\drivers\avglogx.sys

2013-08-29 07:01 . 2008-04-14 20:05 1878784 ----a-w- c:\windows\system32\win32k.sys

2013-08-20 20:54 . 2011-12-23 11:32 102200 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2013-08-09 01:56 . 2008-04-14 20:32 391168 ----a-w- c:\windows\system32\themeui.dll

2013-08-09 00:55 . 2008-04-13 22:15 144128 ----a-w- c:\windows\system32\drivers\usbport.sys

2013-08-09 00:55 . 2012-04-12 17:12 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2013-08-09 00:55 . 2006-03-02 11:00 5376 ----a-w- c:\windows\system32\drivers\usbd.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2012-04-07 366024]

"MyTomTomSA.exe"="c:\program files\MyTomTom 3\MyTomTomSA.exe" [2013-05-23 455608]

"Facebook Update"="c:\documents and settings\Patricia\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMan"="SOUNDMAN.EXE" [2006-08-02 577536]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-22 63712]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"ControlCenter4"="c:\program files\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]

"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-12-23 2629632]

"beidsccertprop"="c:\program files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe" [2012-02-21 31768]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888]

"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-10-07 4908592]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

"IsaKbcCertUpdate"="c:\program files\Common Files\Isabel\isa_kbc_certupdate.exe" [2012-10-15 1085528]

.

c:\documents and settings\Patricia\Menu Start\Programma's\Opstarten\

OpenOffice.org 3.3 .lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2014\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\IncrediMail\\Bin\\IncMail.exe"=

"c:\\Program Files\\IncrediMail\\Bin\\ImApp.exe"=

"c:\\Program Files\\IncrediMail\\Bin\\ImpCnt.exe"=

"c:\\Program Files\\FrostWire 5\\FrostWire.exe"=

"c:\\Documents and Settings\\Patricia\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"=

"c:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"=

"c:\\Program Files\\AVG\\AVG2014\\avgemcx.exe"=

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 3:50 145720]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [21/09/2012 3:46 223032]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [31/01/2012 3:46 27448]

R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [17/10/2013 15:04 108816]

R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [1/08/2013 15:06 120632]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 12:32 209208]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 12:32 22840]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [22/02/2012 4:25 176952]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [22/02/2012 4:25 193848]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [4/09/2012 15:10 37664]

R1 RapportCerberus_59849;RapportCerberus_59849;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [22/10/2013 20:20 340432]

R1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [17/10/2013 15:04 157264]

R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [17/10/2013 15:04 230448]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [25/09/2013 20:47 301152]

R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [17/10/2013 15:04 1444120]

R3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [12/04/2012 18:10 245760]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [3/10/2013 21:00 3538480]

S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2/10/2012 12:13 3064000]

S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [25/07/2013 7:52 162672]

S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [21/08/2012 8:43 33536]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [6/10/2012 12:03 40776]

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-10-17 15:45 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-11-03 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 18:00]

.

2013-10-24 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]

.

2013-11-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2052111302-1979792683-1177238915-1004Core.job

- c:\documents and settings\Patricia\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-06-30 18:48]

.

2013-11-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2052111302-1979792683-1177238915-1004UA.job

- c:\documents and settings\Patricia\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-06-30 18:48]

.

2013-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-08 17:56]

.

2013-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-08 17:56]

.

.

------- Bijkomende Scan -------

.

uStart Page = https://www.google.be/

Trusted Zone: cbc.be\cbc-pdf

Trusted Zone: cbc.be\cbconline

Trusted Zone: cbc.be\static

Trusted Zone: cbc.be\www

Trusted Zone: cbc.eu\ipa-a

Trusted Zone: cbc.eu\ipa-f

Trusted Zone: cbc.eu\www

Trusted Zone: cbccorporate.be\secure

Trusted Zone: cbccorporate.be\www

Trusted Zone: csob.cz\www

Trusted Zone: csob.sk\www

Trusted Zone: fgov.be\*.minfin

Trusted Zone: isabel.be\*.IBS6

Trusted Zone: isabel.be\col

Trusted Zone: isabel.be\gotoIBS6

Trusted Zone: isabel.be\my

Trusted Zone: isabel.be\my.beta

Trusted Zone: isabel.be\pki

Trusted Zone: isabel.be\www

Trusted Zone: isabel.be\PC Helpforum - Gratis hulp bij computer problemen

Trusted Zone: isabel.eu\col

Trusted Zone: isabel.eu\www

Trusted Zone: isabel.eu\PC Helpforum - Gratis hulp bij computer problemen

Trusted Zone: kbc.be\kbc-pdf

Trusted Zone: kbc.be\kbconline

Trusted Zone: kbc.be\static

Trusted Zone: kbc.be\www

Trusted Zone: kbc.com\www

Trusted Zone: kbc.eu\www

Trusted Zone: kbcam.be\www

Trusted Zone: kbcam.com\www

Trusted Zone: kbcbankingforbusiness.com\www

Trusted Zone: kbccorporates.com\secure

Trusted Zone: kbccorporates.com\www

Trusted Zone: kbcfi.com\secure

Trusted Zone: kbcfi.com\www

Trusted Zone: kbcgroup.eu\multimediafiles

Trusted Zone: kbcgroup.eu\www

Trusted Zone: kbcmerchantbanking.com\secure

Trusted Zone: kbcmerchantbanking.com\www

Trusted Zone: kh.hu\www

Trusted Zone: nbb.be\*

Trusted Zone: socialsecurity.be\*

Trusted Zone: wise-corporate-ebanking.com\www

Trusted Zone: zoomit.be\*

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\documents and settings\Patricia\Application Data\Mozilla\Firefox\Profiles\jvtmzr1l.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=

.

- - - - ORPHANS VERWIJDERD - - - -

.

HKLM-Run-HF_G_Jul - c:\program files\AVG Secure Search\HF_G_Jul.exe

HKLM-Run-ROC_ROC_JULY_P1 - c:\program files\AVG Secure Search\ROC_ROC_JULY_P1.exe

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Brother BPPO.lnk - c:\windows\Installer\{8040527F-DD74-4B45-8A06-C4BF145B6C76}\BrSupSsp.exe_44686FC076524EF5975EF92EE48E2958.exe

AddRemove-ilividmoviestoolbarhaIE - c:\progra~1\MOVIES~1\Datamngr\SRTOOL~1\IE\uninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2013-11-03 20:38

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

Voltooingstijd: 2013-11-03 20:42:23

ComboFix-quarantined-files.txt 2013-11-03 19:42

.

Pre-Run: 2.187.661.312 bytes beschikbaar

Post-Run: 2.606.997.504 bytes beschikbaar

.

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

.

- - End Of File - - 843B4A246680A057013A3A20D545BA94

3051207086651214E435112E51817DC5
