Ga naar inhoud

IE 8, TOOLS, " INTERNET OPTIONS " verdwenen


pvn

Aanbevolen berichten

Dag allen,

Na het installeren van Avast free AV, begon het probleem:

bij het openen van mijn browser IE 8 krijg ik nu altijd de volgende voor mij vervelende pagina pagina te zien:

MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail

Het laden van die pagina duurt ook een eeuwigheid.

Bij het klikken op Tools, Internet Options, gebeurd er helemaal niets meer, ik kan dus geen nieuwe homepage bepalen.

In Control panel zie nik het icoon Internet Options nog maar ik kan het niet meer openen.

Besturingssysteem: xp pro op dell gx 620, comodo internet security premium, avast free

kan iemend helpen,

Met dank,

Peter

Link naar reactie
Delen op andere sites

Heb je Comodo internet security en avast samen op 1 pc geïnstalleerd?

Dat geeft al problemen, je zal er eentje moeten verwijderen.

Voer dan onderstaande uit:

- Open Internet explorer.

- Druk op de Alt toets op je toetsenbord. Er verschijnt een menu.

- Ga naar het menu Extra en kies Internetopties.

- Op de tab Geavanceerd klik je onderaan op de knop Opnieuw instellen...

- Klik nogmaals op Opnieuw instellen.

- Klik op Sluiten en herstart internet explorer.

Opmerking:

Bovenstaande procedure kan ook volautomatisch gebeuren, door dit programma te downloaden en uit te voeren: reset IE naar standaardinstellingen (klik erop).

Meer info over het opnieuw instellen van IE, vindt u hier.


Lost dat je probleem nog niet op, voer dan ook onderstaande uit:

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.

Link naar reactie
Delen op andere sites

Clarkie, bedankt voor de uitleg:

Comodo werd verwijderd, nu krijg ik wel melding ivm ontbrekende firewall.

Hierbij het log:

Logfile of random's system information tool 1.06 (written by random/random)

Run by JULIE at 2013-11-29 00:46:15

Microsoft Windows XP Professional Service Pack 3

System drive C: has 25 GB (33%) free of 76 GB

Total RAM: 2038 MB (59% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\avast! Emergency Update.job

C:\WINDOWS\tasks\AVG_REG_0913b.job

C:\WINDOWS\tasks\AVG_SYS_TASK_DELETE.job

C:\WINDOWS\tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1580818891-1417001333-1005Core.job

C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1003.job

C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1004.job

C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1005.job

C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1003.job

C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1004.job

C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1005.job

C:\WINDOWS\tasks\ReclaimerResumeInstall_JULIE.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-11-11 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-25 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]

EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]

Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2013-10-08 448776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-25 606544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"TkBellExe"=C:\program files\real\realplayer\update\realsched.exe [2012-11-11 296096]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]

"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-25 3568312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]

"Google Update"=C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2013-10-18 116648]

"Google Update"=C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2013-10-18 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bubble Dock]

C:\Documents and Settings\GX620\Application Data\Nosibay\Bubble Dock\LBubble Dock.exe /winstartup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON BX300F Series]

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE [2008-01-22 188928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]

C:\Program Files\CyberLink\PowerDVD\Language\Language.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPTENET_GUI]

C:\PROGRA~1\CONTRO~1\bin\optgui.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]

C:\WINDOWS\vsnp2std.exe [2006-01-06 344064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tisapeksyrte]

C:\Documents and Settings\JULIE\tisapeksyrte.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

C:\program files\real\realplayer\update\realsched.exe [2012-11-11 296096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

C:\PROGRA~1\MCAFEE~1\30982A~1.207\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"RichVideo"=2

"avast! Antivirus"=2

"WebOptimizer"=2

"Web Assistant Updater"=2

"MozillaMaintenance"=3

"McComponentHostService"=3

C:\Documents and Settings\JULIE\Start Menu\Programs\Startup

Dropbox.lnk - C:\Documents and Settings\JULIE\Application Data\Dropbox\bin\Dropbox.exe

OpenOffice.org 3.4.1.lnk - C:\Program Files\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\74271178.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\74271178.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=

"NoResolveSearch"=

"NoDriveTypeAutoRun"=

"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2013-11-29 00:45:49 ----D---- C:\rsit

2013-11-29 00:45:49 ----D---- C:\Program Files\trend micro

2013-11-29 00:21:20 ----SHD---- C:\Config.Msi

2013-11-28 12:25:13 ----D---- C:\Documents and Settings\JULIE\Application Data\Adblock Plus for IE

2013-11-28 12:25:11 ----D---- C:\Program Files\Adblock Plus for IE

2013-11-28 11:55:09 ----D---- C:\Program Files\Dropbox

2013-11-28 11:53:56 ----D---- C:\Documents and Settings\JULIE\Application Data\Dropbox

2013-11-28 11:52:40 ----A---- C:\Program Files\Dropbox 2.4.7.exe

2013-11-25 15:20:59 ----D---- C:\Documents and Settings\JULIE\Application Data\AVAST Software

2013-11-25 15:18:38 ----A---- C:\WINDOWS\system32\aswBoot.exe

2013-11-25 15:17:56 ----D---- C:\Program Files\AVAST Software

2013-11-25 15:17:17 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software

2013-11-24 12:17:54 ----A---- C:\WINDOWS\system32\javaws.exe

2013-11-24 12:17:39 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll

2013-11-24 12:17:39 ----A---- C:\WINDOWS\system32\javaw.exe

2013-11-24 12:17:39 ----A---- C:\WINDOWS\system32\java.exe

2013-10-28 13:30:20 ----D---- C:\Program Files\GeoGebra 4.2

2013-10-14 19:16:10 ----A---- C:\Program Files\adblockplusie-1.1.exe

2013-09-30 20:10:35 ----D---- C:\Documents and Settings\JULIE\Application Data\xm1

2013-09-30 20:01:56 ----D---- C:\Program Files\Algobox

2013-09-30 08:48:36 ----D---- C:\Documents and Settings\All Users\Application Data\AVG 0913b Campaign

2013-09-25 09:32:54 ----HD---- C:\VTRoot

2013-09-17 09:27:11 ----D---- C:\Program Files\Common Files\Java

2013-09-17 09:25:38 ----A---- C:\DelFix.txt

2013-09-16 22:24:51 ----D---- C:\AdwCleaner

2013-09-16 17:52:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2013-09-16 16:28:13 ----D---- C:\Documents and Settings\JULIE\Application Data\AVG

2013-09-16 16:25:11 ----D---- C:\Documents and Settings\All Users\Application Data\AVG

2013-09-16 16:24:46 ----SHD---- C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

2013-09-16 16:22:25 ----A---- C:\WINDOWS\system32\avg_tuh_stf_all_2014_146_24c28.exe

2013-09-16 16:06:45 ----D---- C:\Documents and Settings\JULIE\Application Data\TuneUp Software

2013-09-16 16:04:53 ----D---- C:\Program Files\AVG

2013-09-16 15:58:11 ----HD---- C:\Documents and Settings\All Users\Application Data\Common Files

2013-09-16 15:58:10 ----D---- C:\Documents and Settings\All Users\Application Data\MFAData

2013-09-16 15:50:28 ----D---- C:\Program Files\Microsoft Windows OneCare Live

2013-09-16 15:41:29 ----A---- C:\WINDOWS\system32\WindowsXP-KB942288-v3-x86.exe

2013-09-16 15:30:17 ----A---- C:\WINDOWS\system32\mseinstall.exe

2013-09-16 13:54:55 ----SHD---- C:\RECYCLER

2013-09-16 10:21:29 ----D---- C:\WINDOWS\erdnt

2013-09-16 10:05:07 ----D---- C:\WINDOWS\CSC

2013-09-10 17:48:31 ----A---- C:\WINDOWS\system32\autorun_usb_32.exe

======List of files/folders modified in the last 3 months======

2013-11-29 00:45:49 ----RD---- C:\Program Files

2013-11-29 00:42:22 ----D---- C:\Documents and Settings\JULIE\Application Data\Skype

2013-11-29 00:33:01 ----D---- C:\WINDOWS\Temp

2013-11-29 00:26:17 ----D---- C:\WINDOWS\Prefetch

2013-11-29 00:26:09 ----D---- C:\WINDOWS\system32\drivers

2013-11-29 00:24:10 ----A---- C:\WINDOWS\SchedLgU.Txt

2013-11-29 00:23:55 ----SHD---- C:\WINDOWS\Installer

2013-11-29 00:21:51 ----D---- C:\WINDOWS\system32

2013-11-29 00:21:49 ----SD---- C:\WINDOWS\Tasks

2013-11-29 00:00:14 ----D---- C:\WINDOWS

2013-11-28 23:41:48 ----D---- C:\WINDOWS\system32\CatRoot2

2013-11-28 17:01:48 ----D---- C:\Documents and Settings\All Users\Application Data\Package Cache

2013-11-26 17:35:54 ----D---- C:\Documents and Settings\All Users\Application Data\Skype

2013-11-26 17:35:49 ----RD---- C:\Program Files\Skype

2013-11-25 15:18:38 ----D---- C:\WINDOWS\WinSxS

2013-11-25 15:10:48 ----HD---- C:\WINDOWS\inf

2013-11-24 12:17:39 ----D---- C:\Program Files\Java

2013-11-22 10:15:17 ----D---- C:\Documents and Settings\JULIE\Application Data\Mozilla

2013-11-09 12:57:35 ----D---- C:\Documents and Settings\JULIE\Application Data\Winamp

2013-10-27 16:03:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2013-10-23 23:52:00 ----D---- C:\WINDOWS\Network Diagnostic

2013-10-22 10:10:26 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2013-10-21 20:40:39 ----D---- C:\Documents and Settings\JULIE\Application Data\dvdcss

2013-09-29 14:57:01 ----D---- C:\Program Files\Mozilla Firefox

2013-09-17 09:27:11 ----D---- C:\Program Files\Common Files

2013-09-16 20:10:18 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$

2013-09-16 16:41:13 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

2013-09-16 16:41:13 ----D---- C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}

2013-09-16 15:36:12 ----D---- C:\WINDOWS\SoftwareDistribution

2013-09-16 15:23:24 ----D---- C:\WINDOWS\Debug

2013-09-16 13:45:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$

2013-09-16 10:05:17 ----D---- C:\Documents and Settings

2013-09-16 08:05:54 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []

R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []

R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []

R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []

R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2011-08-09 3840]

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]

R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]

R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]

R2 aswFsBlk;aswFsBlk; \??\C:\WINDOWS\system32\drivers\aswFsBlk.sys []

R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []

R2 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2012-06-03 5504]

R3 b57w2k;Broadcom NetXtreme 57xx Gigabit Controller; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2005-03-17 132608]

R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]

R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]

R3 rt2870;Conceptronic 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2009-06-30 722432]

R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]

R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-01-27 260352]

R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]

R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]

R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]

R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]

R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]

S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []

S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []

S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []

S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 CnxEtP;ZTE ZXDSL852 Adapter Filter Driver; C:\WINDOWS\system32\DRIVERS\CnxEtP.sys []

S3 CnxEtU;ZTE ZXDSL852 Interface Device Driver; C:\WINDOWS\system32\DRIVERS\CnxEtU.sys []

S3 CnxTgNW;ZTE ZXDSL852 WAN PPPoA Adapter Driver; C:\WINDOWS\system32\DRIVERS\CnxTgNW.sys []

S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 pbfilter;pbfilter; \??\C:\Program Files\PeerBlock\pbfilter.sys []

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 tccp;tccp; C:\WINDOWS\system32\DRIVERS\tccp.sys [2013-09-10 28824]

S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]

S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-25 50344]

R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2009-08-24 69632]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-10-08 182696]

R2 ReflectService.exe;Macrium Reflect Image Mounting Service; C:\Program Files\Macrium\Reflect\ReflectService.exe [2012-08-21 224960]

R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-12 135664]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-02 250568]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 getPlusHelper;getPlus® Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-12 135664]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S4 ?etadpug;Google Update Service (gupdate); C:\Program Files\Google\Desktop\Install\{5e265d20-691f-8eec-2f44-4563ecb2feae}\ \ \???\{5e265d20-691f-8eec-2f44-4563ecb2feae}\GoogleUpdate.exe < []

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Download 51a612a8b27e2-Zoek.pngZoek.zip naar het bureaublad.

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

chromelook; 
firefoxlook; 
emptyfolderscheck;delete 
startupall; 
 C:\Program Files\Enigma Software Group\SpyHunter;u
 ?etadpug;s
 C:\WINDOWS\tasks\AVG_REG_0913b.job;f
 C:\WINDOWS\tasks\AVG_SYS_TASK_DELETE.job;f
 C:\WINDOWS\tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job;f
 C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1003.job;f
 C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1004.job;f
 C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1005.job;f
 C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1003.job;f
 C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1004.job;f
 C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1005.job;f
 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck];r
 filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Firefox Defaults
  • Reset Chrome
  • IE Defaults
  • Auto Clean
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post nu de inhoud van het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Bedankt Kape,

Hierbij het log:

Zoek.exe Version 4.0.0.5 Updated 24-November-2013

Tool run by JULIE on 29/11/2013 at 9:34:46,62.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\JULIE\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

29/11/2013 09:51:25 Zoek.exe System Restore Point Created Succesfully.

==== Possible Rootkit Infection ======================

C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Desktop\Install

==== Empty Folders Check ======================

C:\Program Files\Acro Software deleted successfully

C:\Program Files\File Type Assistant deleted successfully

C:\Program Files\Free PDF to Word Doc Converter deleted successfully

C:\Program Files\MSXML 4.0 deleted successfully

C:\Program Files\NirSoft deleted successfully

C:\Program Files\Common Files\PDF Architect deleted successfully

C:\Documents and Settings\All Users\Start Menu\Programs\Free PDF to Word Doc Converter deleted successfully

C:\Documents and Settings\All Users\Application Data\Musicnotes deleted successfully

C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully

C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} deleted successfully

C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} deleted successfully

C:\Documents and Settings\GX620\Application Data\Media Player Classic deleted successfully

C:\Documents and Settings\JULIE\Application Data\Sweetpacks deleted successfully

C:\Documents and Settings\JULIE\Application Data\uTorrent deleted successfully

C:\Documents and Settings\JULIE\Local Settings\Application Data\Avg2013 deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\qud148ew.default\prefs.js:

Added to C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\qud148ew.default\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]phd10\prefs.js:

user_pref("browser.startup.homepage", "Yahoo France");

user_pref("browser.search.defaultenginename", "Yahoo");

user_pref("browser.search.selectedEngine", "Yahoo");

user_pref("keyword.URL", "Yahoo Search - Recherche Web=");

Added to C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]phd10\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

==== Deleting Files \ Folders ======================

C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found

C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} not found

C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} not found

C:\Documents and Settings\JULIE\usrusmt2.tmp deleted

C:\Documents and Settings\All Users\Application Data\InstallMate deleted

C:\Documents and Settings\All Users\Application Data\Package Cache deleted

C:\Documents and Settings\GX620\Local Settings\Application Data\BearShare deleted

C:\Documents and Settings\JULIE\Local Settings\Application Data\Software deleted

C:\Documents and Settings\LocalService\Local Settings\Application Data\Software deleted

C:\user.js deleted

"C:\WINDOWS\tasks\AVG_REG_0913b.job" deleted

"C:\WINDOWS\tasks\AVG_SYS_TASK_DELETE.job" deleted

"C:\WINDOWS\tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job" deleted

"C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1003.job" deleted

"C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1004.job" deleted

"C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1005.job" deleted

"C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1003.job" deleted

"C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1004.job" deleted

"C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1005.job" deleted

"C:\Documents and Settings\All Users\Application Data\F8BAA3F3C992E6890000F8B9AB3DEA55\F8BAA3F3C992E6890000F8B9AB3DEA55" deleted

"C:\Documents and Settings\All Users\Application Data\F8BAA3F3C992E6890000F8B9AB3DEA55\F8BAA3F3C992E6890000F8B9AB3DEA55.ico" deleted

"C:\Documents and Settings\All Users\Application Data\F8BAA3F3C992E6890000F8B9AB3DEA55" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2013-11-25 14:18:33 D0FBC21805855396820D9C8A6A082A6A 43152 ----a-w- C:\WINDOWS\avastSS.scr

====== C:\DOCUME~1\JULIE\LOCALS~1\Temp ====

2013-11-24 11:15:22 244ED0E8BA77CFA7CA28BE69B8F14447 915368 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe

====== Java Cache =====

2013-11-27 19:33:17 76C8396B8DFA77938A919B13CA2BF6D9 10061 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\2\5b00f142-48058456

2013-11-27 19:33:16 3AA71F6D0F3B0DA12034611B9FCB104F 79 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\53\5b8942b5-6.0.lap

====== C:\WINDOWS\system32 =====

2013-11-25 14:18:38 F0B1660638A5324AFCE1C739D768B3D8 269216 ----a-w- C:\WINDOWS\System32\aswBoot.exe

2013-11-24 11:17:54 B01416804D89B5EC1D206E6DF542DFAB 145408 ----a-w- C:\WINDOWS\System32\javacpl.cpl

2013-11-24 11:17:54 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\WINDOWS\System32\javaws.exe

2013-11-24 11:17:39 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\WINDOWS\System32\javaw.exe

2013-11-24 11:17:39 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll

2013-11-24 11:17:39 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\WINDOWS\System32\java.exe

====== C:\WINDOWS\system32\drivers =====

2013-11-25 14:18:43 8BCD47E79EAA40C387D7B9DCEC41DE2D 57672 ----a-w- C:\WINDOWS\System32\drivers\aswTdi.sys

2013-11-25 14:18:42 F385467DF95D0A73775CB3B076B8B969 49944 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys

2013-11-25 14:18:42 BADA8FD627F1D0E22308211C33F0BDB5 178304 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys

2013-11-25 14:18:42 259E864BFB9268CD7CEFA5849A3B374B 403440 ----a-w- C:\WINDOWS\System32\drivers\aswsp.sys

2013-11-25 14:18:41 D5730129EA9ADF7AE710DA0B14F9DE19 35656 ----a-w- C:\WINDOWS\System32\drivers\aswFsBlk.sys

2013-11-25 14:18:41 6F23333C8358D267718F9ECB21CBB6F4 70384 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys

2013-11-25 14:18:41 50C85412AD31F5C0F687F00C2E34C673 774392 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys

2013-11-25 14:18:40 29CB7009F11470A24B1D49849A6118A5 54832 ----a-w- C:\WINDOWS\System32\drivers\aswRdr.sys

====== C:\WINDOWS\Tasks ======

2013-11-25 14:26:21 13CE73B8A40032AED2EAD066F5072FDD 364 ---ha-w- C:\WINDOWS\Tasks\avast! Emergency Update.job

2013-11-22 09:14:55 171E719A8FE7755ADD232C0C0A18AF87 1084 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1580818891-1417001333-1005Core.job

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-11-28 23:45:49 -------- d-----w- C:\Program Files\trend micro

2013-11-28 11:25:11 -------- d-----w- C:\Program Files\Adblock Plus for IE

2013-11-28 10:55:09 -------- d-----w- C:\Program Files\Dropbox

2013-11-28 10:52:40 35334016 ----a-w- C:\Program Files\Dropbox 2.4.7.exe

======= C: =====

2013-11-29 08:52:31 37D44C9BDE58E6C9BE5B1EE3AC4EC8F4 90 ----a-w- C:\folders.txt

====== C:\Documents and Settings\JULIE\Application Data ======

2013-11-28 11:26:57 -------- d-----w- C:\Documents and Settings\JULIE\Local Settings\Application Data\Adblock Plus for IE

2013-11-28 11:25:13 -------- d-----w- C:\Documents and Settings\JULIE\Application Data\Adblock Plus for IE

2013-11-28 10:54:49 -------- d-----w- C:\Documents and Settings\JULIE\Start Menu\Programs\Dropbox

2013-11-28 10:53:56 -------- d-----w- C:\Documents and Settings\JULIE\Application Data\Dropbox

2013-11-25 14:11:26 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013

====== C:\Documents and Settings\JULIE ======

2013-11-28 23:45:24 B9B5E09AACBCCEC00D4C4452F7ABB8FB 781909 ----a-w- C:\Documents and Settings\JULIE\Desktop\RSIT.exe

2013-11-28 20:25:56 -------- d--h--r- C:\Documents and Settings\JULIE\Recent

====== C: exe-files ==

2013-11-29 08:25:23 18386D0E20887CE1868638511220014D 1272832 ----a-w- C:\RECYCLER\S-1-5-21-1343024091-1580818891-1417001333-1005\Dc1.exe

2013-11-28 23:45:51 FAAE6704627CE37C8E0FB59341604BC5 64467 ----a-w- C:\Program Files\trend micro\JULIE.exe

2013-11-28 23:45:24 B9B5E09AACBCCEC00D4C4452F7ABB8FB 781909 ----a-w- C:\Documents and Settings\JULIE\Desktop\RSIT.exe

2013-11-28 10:55:09 495402813BAC6E506F17306373878F5B 29770248 ----a-w- C:\Program Files\Dropbox\DropboxProxy.exe

2013-11-28 10:52:40 D59FF1C6B3E970350F5B29BF53E16AE5 35334016 ----a-w- C:\Program Files\Dropbox 2.4.7.exe

2013-11-25 14:18:38 F0B1660638A5324AFCE1C739D768B3D8 269216 ----a-w- C:\WINDOWS\system32\aswBoot.exe

2013-11-24 11:17:54 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\WINDOWS\system32\javaws.exe

2013-11-24 11:17:39 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\WINDOWS\system32\javaw.exe

2013-11-24 11:17:39 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\WINDOWS\system32\java.exe

2013-11-24 11:15:22 244ED0E8BA77CFA7CA28BE69B8F14447 915368 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe

2013-11-22 15:17:34 2A6BE138266B9C6A76BEAF931C725EB4 469072 ----a-w- C:\Documents and Settings\JULIE\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.70\agent\rnupgagent.exe

2013-11-22 09:14:55 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdateBroker.exe

2013-11-22 09:14:55 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe

2013-11-22 09:14:54 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

2013-11-22 09:14:54 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdateSetup.exe

2013-11-22 09:14:42 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleCrashHandler.exe

2013-11-22 09:14:42 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdate.exe

2013-11-22 09:14:42 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleCrashHandler64.exe

=== C: other files ==

2013-11-29 08:25:22 BC7ACE2C646A01D194CBBD8B43CAD4DA 1398596 ----a-w- C:\RECYCLER\S-1-5-21-1343024091-1580818891-1417001333-1005\Dc2.com

2013-11-25 14:18:43 8BCD47E79EAA40C387D7B9DCEC41DE2D 57672 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys

2013-11-25 14:18:42 F385467DF95D0A73775CB3B076B8B969 49944 ----a-w- C:\WINDOWS\system32\drivers\aswRvrt.sys

2013-11-25 14:18:42 BADA8FD627F1D0E22308211C33F0BDB5 178304 ----a-w- C:\WINDOWS\system32\drivers\aswVmm.sys

2013-11-25 14:18:42 259E864BFB9268CD7CEFA5849A3B374B 403440 ----a-w- C:\WINDOWS\system32\drivers\aswsp.sys

2013-11-25 14:18:41 D5730129EA9ADF7AE710DA0B14F9DE19 35656 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys

2013-11-25 14:18:41 6F23333C8358D267718F9ECB21CBB6F4 70384 ----a-w- C:\WINDOWS\system32\drivers\aswMonFlt.sys

2013-11-25 14:18:41 50C85412AD31F5C0F687F00C2E34C673 774392 ----a-w- C:\WINDOWS\system32\drivers\aswSnx.sys

2013-11-25 14:18:40 29CB7009F11470A24B1D49849A6118A5 54832 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1343024091-1580818891-1417001333-1005\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"Google Update"="C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"

"Google Update"="C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"panda2_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda2_0dn /f"

"panda2_0dn_XP"="reg.exe delete HKCU\Software\panda2_0dn /f"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"panda2_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda2_0dn /f"

"panda2_0dn_XP"="reg.exe delete HKCU\Software\panda2_0dn /f"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TkBellExe"="C:\program files\real\realplayer\update\realsched.exe -osboot"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"

"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"Google Update"="C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"

"Google Update"="C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Reader_sl"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Bubble Dock]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="LBubble Dock"

"hkey"="HKCU"

"command"="\"C:\\Documents and Settings\\GX620\\Application Data\\Nosibay\\Bubble Dock\\LBubble Dock.exe\" /winstartup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPSON BX300F Series]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="E_SBA"

"hkey"="HKCU"

"command"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIEJE.EXE /FU \"C:\\WINDOWS\\TEMP\\E_SBA.tmp\" /EF \"HKCU\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LanguageShortcut]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Language"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OPTENET_GUI]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="optgui"

"hkey"="HKLM"

"command"="C:\\PROGRA~1\\CONTRO~1\\bin\\optgui.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="qttask"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skype"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\snp2std]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="vsnp2std"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\vsnp2std.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoundMAXPnP]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="smax4pnp"

"hkey"="HKLM"

"command"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\tisapeksyrte]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="tisapeksyrte"

"hkey"="HKCU"

"command"="C:\\Documents and Settings\\JULIE\\tisapeksyrte.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="realsched"

"hkey"="HKLM"

"command"="\"C:\\program files\\real\\realplayer\\update\\realsched.exe\" -osboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk"

"backup"="C:\\WINDOWS\\pss\\McAfee Security Scan Plus.lnkCommon Startup"

"command"="C:\\PROGRA~1\\MCAFEE~1\\30982A~1.207\\SSSCHE~1.EXE "

"item"="McAfee Security Scan Plus"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

==== Startup Folders ======================

2013-11-28 13:49:53 1024 ----a-w- C:\Documents and Settings\JULIE\Start Menu\Programs\Startup\Dropbox.lnk

2013-06-29 14:33:27 695 ----a-w- C:\Documents and Settings\JULIE\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [02/09/2012 10:25]

C:\WINDOWS\tasks\avast\Undetermined Task.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12/03/2010 21:08]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12/03/2010 21:08]

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1580818891-1417001333-1005Core.job --a------ [undetermined Task]

C:\WINDOWS\tasks\ReclaimerResumeInstall_JULIE.job --a------ C:\Documents and Settings\JULIE\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.70\agent\rnupgagent.exe [22/11/2013 16:17]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{0153E448-190B-4987-BDE1-F256CADA672F}"="C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [11/11/2012 14:11]

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{336D0C35-8A85-403a-B9D2-65C292C39087}"="C:\Program Files\Web Assistant\Firefox" []

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox

- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\qud148ew.default

E5AF72B7353FF8D431A7C463A4229524 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash

6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U45

7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

4469481C70FB8FF1A85064DDCE03BF49 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.2

951D672F07618CB0783D57EBD65A6EEC - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.2

D53B3F53C1D01D340E9172CC6F2D6385 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.2

B96B53C659E607F7C1E0AD61D8BD57EB - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.2

B6EF669108C9904ACB9933D836733EBA - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.2

3565E1D67807EC10A1E26ED42B42B8F2 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.2

652F8CCB343D0CC33D44146CB2948C0D - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.2

256C847CD03160C9088FB440DB929448 - c:\program files\real\realplayer\Netscape6\nprjplug.dll - RealJukebox NS Plugin

555E65306A5D3A5978BE74E1DD62CDD9 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks Chrome Background Extension Plug-In (32-bit)

E32771B0AE3F18CEFFC12D682025238A - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer HTML5VideoShim Plug-In (32-bit)

2DC6257A367A6182E40F748D0396AAF9 - c:\program files\real\realplayer\Netscape6\nppl3260.dll - RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit)

1E3AA02F2C91A2B25EFB4E355160CDCA - c:\program files\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin

9013599B12923A45C029C34E8D2211AC - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll - Silverlight Plug-In

1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat

1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

B0753E73FF63F485521A9DDEB7DE91EB - C:\Program Files\Musicnotes\npmusicn.dll - Musicnotes

0DD1E0A385B888107A1F9206189596CF - C:\Program Files\Musicnotes\NPSibelius.dll - ScorchPlugin

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

BF2AD333C79072EEBE5AE0D72670E64E - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrlui.dll - Microsoft® Silverlight

68A131335A20B343923A2957EB1E413D - C:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

algijfiaiapkekcjonmjfiniajogplli - C:\Documents and Settings\All Users\Application Data\Bcool\algijfiaiapkekcjonmjfiniajogplli.crx[]

jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[11/11/2012 14:11]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09/10/2013 09:59]

nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files\TornTV.com\torn2_10.crx[]

RealPlayer HTML5Video Downloader Extension - GX620 - Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk

==== Chrome Fix ======================

C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx deleted successfully

C:\Documents and Settings\GX620\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail"

"Default_page_url"="Google"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_page_url"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

"Start Page"="MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{71047469-F76E-4705-8116-96756417035D}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{21219173-FB2A-4E4B-81DF-CF52DE0AC492} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{71047469-F76E-4705-8116-96756417035D} Google Url="{searchTerms} - Google Search?}"

==== Reset Google Chrome ======================

C:\Documents and Settings\GX620\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Documents and Settings\GX620\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1343024091-1580818891-1417001333-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_USERS\S-1-5-21-1343024091-1580818891-1417001333-1005\Software\Microsoft\Internet Explorer\SearchScopes\{21219173-FB2A-4E4B-81DF-CF52DE0AC492} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\algijfiaiapkekcjonmjfiniajogplli deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bubble Dock deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPTENET_GUI deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tisapeksyrte deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\GX620\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\GX620\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\JULIE\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Documents and Settings\GX620\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\JULIE\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\JULIE\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\All Users\Start Menu\Programs\Fingers for Windows" not deleted

"C:\Documents and Settings\All Users\Start Menu\Programs\Recuva" not deleted

"C:\Documents and Settings\All Users\Start Menu\Programs\Reflex'English Cambridge" not deleted

==== EOF on 29/11/2013 at 10:11:53,17 ======================

Link naar reactie
Delen op andere sites

Bedankt Kape,

Hierbij het log:

Zoek.exe Version 4.0.0.5 Updated 24-November-2013

Tool run by JULIE on 29/11/2013 at 9:34:46,62.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\JULIE\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

29/11/2013 09:51:25 Zoek.exe System Restore Point Created Succesfully.

==== Possible Rootkit Infection ======================

C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Desktop\Install

==== Empty Folders Check ======================

C:\Program Files\Acro Software deleted successfully

C:\Program Files\File Type Assistant deleted successfully

C:\Program Files\Free PDF to Word Doc Converter deleted successfully

C:\Program Files\MSXML 4.0 deleted successfully

C:\Program Files\NirSoft deleted successfully

C:\Program Files\Common Files\PDF Architect deleted successfully

C:\Documents and Settings\All Users\Start Menu\Programs\Free PDF to Word Doc Converter deleted successfully

C:\Documents and Settings\All Users\Application Data\Musicnotes deleted successfully

C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully

C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} deleted successfully

C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} deleted successfully

C:\Documents and Settings\GX620\Application Data\Media Player Classic deleted successfully

C:\Documents and Settings\JULIE\Application Data\Sweetpacks deleted successfully

C:\Documents and Settings\JULIE\Application Data\uTorrent deleted successfully

C:\Documents and Settings\JULIE\Local Settings\Application Data\Avg2013 deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\qud148ew.default\prefs.js:

Added to C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\qud148ew.default\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]phd10\prefs.js:

user_pref("browser.startup.homepage", "Yahoo France");

user_pref("browser.search.defaultenginename", "Yahoo");

user_pref("browser.search.selectedEngine", "Yahoo");

user_pref("keyword.URL", "Yahoo Search - Recherche Web=");

Added to C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]phd10\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

==== Deleting Files \ Folders ======================

C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found

C:\Documents and Settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} not found

C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} not found

C:\Documents and Settings\JULIE\usrusmt2.tmp deleted

C:\Documents and Settings\All Users\Application Data\InstallMate deleted

C:\Documents and Settings\All Users\Application Data\Package Cache deleted

C:\Documents and Settings\GX620\Local Settings\Application Data\BearShare deleted

C:\Documents and Settings\JULIE\Local Settings\Application Data\Software deleted

C:\Documents and Settings\LocalService\Local Settings\Application Data\Software deleted

C:\user.js deleted

"C:\WINDOWS\tasks\AVG_REG_0913b.job" deleted

"C:\WINDOWS\tasks\AVG_SYS_TASK_DELETE.job" deleted

"C:\WINDOWS\tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job" deleted

"C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1003.job" deleted

"C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1004.job" deleted

"C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1580818891-1417001333-1005.job" deleted

"C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1003.job" deleted

"C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1004.job" deleted

"C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1580818891-1417001333-1005.job" deleted

"C:\Documents and Settings\All Users\Application Data\F8BAA3F3C992E6890000F8B9AB3DEA55\F8BAA3F3C992E6890000F8B9AB3DEA55" deleted

"C:\Documents and Settings\All Users\Application Data\F8BAA3F3C992E6890000F8B9AB3DEA55\F8BAA3F3C992E6890000F8B9AB3DEA55.ico" deleted

"C:\Documents and Settings\All Users\Application Data\F8BAA3F3C992E6890000F8B9AB3DEA55" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2013-11-25 14:18:33 D0FBC21805855396820D9C8A6A082A6A 43152 ----a-w- C:\WINDOWS\avastSS.scr

====== C:\DOCUME~1\JULIE\LOCALS~1\Temp ====

2013-11-24 11:15:22 244ED0E8BA77CFA7CA28BE69B8F14447 915368 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe

====== Java Cache =====

2013-11-27 19:33:17 76C8396B8DFA77938A919B13CA2BF6D9 10061 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\2\5b00f142-48058456

2013-11-27 19:33:16 3AA71F6D0F3B0DA12034611B9FCB104F 79 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\53\5b8942b5-6.0.lap

====== C:\WINDOWS\system32 =====

2013-11-25 14:18:38 F0B1660638A5324AFCE1C739D768B3D8 269216 ----a-w- C:\WINDOWS\System32\aswBoot.exe

2013-11-24 11:17:54 B01416804D89B5EC1D206E6DF542DFAB 145408 ----a-w- C:\WINDOWS\System32\javacpl.cpl

2013-11-24 11:17:54 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\WINDOWS\System32\javaws.exe

2013-11-24 11:17:39 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\WINDOWS\System32\javaw.exe

2013-11-24 11:17:39 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll

2013-11-24 11:17:39 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\WINDOWS\System32\java.exe

====== C:\WINDOWS\system32\drivers =====

2013-11-25 14:18:43 8BCD47E79EAA40C387D7B9DCEC41DE2D 57672 ----a-w- C:\WINDOWS\System32\drivers\aswTdi.sys

2013-11-25 14:18:42 F385467DF95D0A73775CB3B076B8B969 49944 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys

2013-11-25 14:18:42 BADA8FD627F1D0E22308211C33F0BDB5 178304 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys

2013-11-25 14:18:42 259E864BFB9268CD7CEFA5849A3B374B 403440 ----a-w- C:\WINDOWS\System32\drivers\aswsp.sys

2013-11-25 14:18:41 D5730129EA9ADF7AE710DA0B14F9DE19 35656 ----a-w- C:\WINDOWS\System32\drivers\aswFsBlk.sys

2013-11-25 14:18:41 6F23333C8358D267718F9ECB21CBB6F4 70384 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys

2013-11-25 14:18:41 50C85412AD31F5C0F687F00C2E34C673 774392 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys

2013-11-25 14:18:40 29CB7009F11470A24B1D49849A6118A5 54832 ----a-w- C:\WINDOWS\System32\drivers\aswRdr.sys

====== C:\WINDOWS\Tasks ======

2013-11-25 14:26:21 13CE73B8A40032AED2EAD066F5072FDD 364 ---ha-w- C:\WINDOWS\Tasks\avast! Emergency Update.job

2013-11-22 09:14:55 171E719A8FE7755ADD232C0C0A18AF87 1084 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1580818891-1417001333-1005Core.job

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-11-28 23:45:49 -------- d-----w- C:\Program Files\trend micro

2013-11-28 11:25:11 -------- d-----w- C:\Program Files\Adblock Plus for IE

2013-11-28 10:55:09 -------- d-----w- C:\Program Files\Dropbox

2013-11-28 10:52:40 35334016 ----a-w- C:\Program Files\Dropbox 2.4.7.exe

======= C: =====

2013-11-29 08:52:31 37D44C9BDE58E6C9BE5B1EE3AC4EC8F4 90 ----a-w- C:\folders.txt

====== C:\Documents and Settings\JULIE\Application Data ======

2013-11-28 11:26:57 -------- d-----w- C:\Documents and Settings\JULIE\Local Settings\Application Data\Adblock Plus for IE

2013-11-28 11:25:13 -------- d-----w- C:\Documents and Settings\JULIE\Application Data\Adblock Plus for IE

2013-11-28 10:54:49 -------- d-----w- C:\Documents and Settings\JULIE\Start Menu\Programs\Dropbox

2013-11-28 10:53:56 -------- d-----w- C:\Documents and Settings\JULIE\Application Data\Dropbox

2013-11-25 14:11:26 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013

====== C:\Documents and Settings\JULIE ======

2013-11-28 23:45:24 B9B5E09AACBCCEC00D4C4452F7ABB8FB 781909 ----a-w- C:\Documents and Settings\JULIE\Desktop\RSIT.exe

2013-11-28 20:25:56 -------- d--h--r- C:\Documents and Settings\JULIE\Recent

====== C: exe-files ==

2013-11-29 08:25:23 18386D0E20887CE1868638511220014D 1272832 ----a-w- C:\RECYCLER\S-1-5-21-1343024091-1580818891-1417001333-1005\Dc1.exe

2013-11-28 23:45:51 FAAE6704627CE37C8E0FB59341604BC5 64467 ----a-w- C:\Program Files\trend micro\JULIE.exe

2013-11-28 23:45:24 B9B5E09AACBCCEC00D4C4452F7ABB8FB 781909 ----a-w- C:\Documents and Settings\JULIE\Desktop\RSIT.exe

2013-11-28 10:55:09 495402813BAC6E506F17306373878F5B 29770248 ----a-w- C:\Program Files\Dropbox\DropboxProxy.exe

2013-11-28 10:52:40 D59FF1C6B3E970350F5B29BF53E16AE5 35334016 ----a-w- C:\Program Files\Dropbox 2.4.7.exe

2013-11-25 14:18:38 F0B1660638A5324AFCE1C739D768B3D8 269216 ----a-w- C:\WINDOWS\system32\aswBoot.exe

2013-11-24 11:17:54 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\WINDOWS\system32\javaws.exe

2013-11-24 11:17:39 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\WINDOWS\system32\javaw.exe

2013-11-24 11:17:39 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\WINDOWS\system32\java.exe

2013-11-24 11:15:22 244ED0E8BA77CFA7CA28BE69B8F14447 915368 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe

2013-11-22 15:17:34 2A6BE138266B9C6A76BEAF931C725EB4 469072 ----a-w- C:\Documents and Settings\JULIE\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.70\agent\rnupgagent.exe

2013-11-22 09:14:55 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdateBroker.exe

2013-11-22 09:14:55 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe

2013-11-22 09:14:54 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

2013-11-22 09:14:54 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdateSetup.exe

2013-11-22 09:14:42 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleCrashHandler.exe

2013-11-22 09:14:42 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdate.exe

2013-11-22 09:14:42 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleCrashHandler64.exe

=== C: other files ==

2013-11-29 08:25:22 BC7ACE2C646A01D194CBBD8B43CAD4DA 1398596 ----a-w- C:\RECYCLER\S-1-5-21-1343024091-1580818891-1417001333-1005\Dc2.com

2013-11-25 14:18:43 8BCD47E79EAA40C387D7B9DCEC41DE2D 57672 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys

2013-11-25 14:18:42 F385467DF95D0A73775CB3B076B8B969 49944 ----a-w- C:\WINDOWS\system32\drivers\aswRvrt.sys

2013-11-25 14:18:42 BADA8FD627F1D0E22308211C33F0BDB5 178304 ----a-w- C:\WINDOWS\system32\drivers\aswVmm.sys

2013-11-25 14:18:42 259E864BFB9268CD7CEFA5849A3B374B 403440 ----a-w- C:\WINDOWS\system32\drivers\aswsp.sys

2013-11-25 14:18:41 D5730129EA9ADF7AE710DA0B14F9DE19 35656 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys

2013-11-25 14:18:41 6F23333C8358D267718F9ECB21CBB6F4 70384 ----a-w- C:\WINDOWS\system32\drivers\aswMonFlt.sys

2013-11-25 14:18:41 50C85412AD31F5C0F687F00C2E34C673 774392 ----a-w- C:\WINDOWS\system32\drivers\aswSnx.sys

2013-11-25 14:18:40 29CB7009F11470A24B1D49849A6118A5 54832 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1343024091-1580818891-1417001333-1005\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"Google Update"="C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"

"Google Update"="C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"panda2_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda2_0dn /f"

"panda2_0dn_XP"="reg.exe delete HKCU\Software\panda2_0dn /f"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"panda2_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda2_0dn /f"

"panda2_0dn_XP"="reg.exe delete HKCU\Software\panda2_0dn /f"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TkBellExe"="C:\program files\real\realplayer\update\realsched.exe -osboot"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"

"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"Google Update"="C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"

"Google Update"="C:\Documents and Settings\JULIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AdobeARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Reader_sl"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Bubble Dock]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="LBubble Dock"

"hkey"="HKCU"

"command"="\"C:\\Documents and Settings\\GX620\\Application Data\\Nosibay\\Bubble Dock\\LBubble Dock.exe\" /winstartup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EPSON BX300F Series]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="E_SBA"

"hkey"="HKCU"

"command"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIEJE.EXE /FU \"C:\\WINDOWS\\TEMP\\E_SBA.tmp\" /EF \"HKCU\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LanguageShortcut]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Language"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OPTENET_GUI]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="optgui"

"hkey"="HKLM"

"command"="C:\\PROGRA~1\\CONTRO~1\\bin\\optgui.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="qttask"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skype"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\snp2std]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="vsnp2std"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\vsnp2std.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoundMAXPnP]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="smax4pnp"

"hkey"="HKLM"

"command"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\tisapeksyrte]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="tisapeksyrte"

"hkey"="HKCU"

"command"="C:\\Documents and Settings\\JULIE\\tisapeksyrte.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="realsched"

"hkey"="HKLM"

"command"="\"C:\\program files\\real\\realplayer\\update\\realsched.exe\" -osboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk"

"backup"="C:\\WINDOWS\\pss\\McAfee Security Scan Plus.lnkCommon Startup"

"command"="C:\\PROGRA~1\\MCAFEE~1\\30982A~1.207\\SSSCHE~1.EXE "

"item"="McAfee Security Scan Plus"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

==== Startup Folders ======================

2013-11-28 13:49:53 1024 ----a-w- C:\Documents and Settings\JULIE\Start Menu\Programs\Startup\Dropbox.lnk

2013-06-29 14:33:27 695 ----a-w- C:\Documents and Settings\JULIE\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [02/09/2012 10:25]

C:\WINDOWS\tasks\avast\Undetermined Task.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12/03/2010 21:08]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12/03/2010 21:08]

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1580818891-1417001333-1005Core.job --a------ [undetermined Task]

C:\WINDOWS\tasks\ReclaimerResumeInstall_JULIE.job --a------ C:\Documents and Settings\JULIE\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.70\agent\rnupgagent.exe [22/11/2013 16:17]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{0153E448-190B-4987-BDE1-F256CADA672F}"="C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [11/11/2012 14:11]

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{336D0C35-8A85-403a-B9D2-65C292C39087}"="C:\Program Files\Web Assistant\Firefox" []

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox

- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\JULIE\Application Data\Mozilla\Firefox\Profiles\qud148ew.default

E5AF72B7353FF8D431A7C463A4229524 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash

6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U45

7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

4469481C70FB8FF1A85064DDCE03BF49 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.2

951D672F07618CB0783D57EBD65A6EEC - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.2

D53B3F53C1D01D340E9172CC6F2D6385 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.2

B96B53C659E607F7C1E0AD61D8BD57EB - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.2

B6EF669108C9904ACB9933D836733EBA - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.2

3565E1D67807EC10A1E26ED42B42B8F2 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.2

652F8CCB343D0CC33D44146CB2948C0D - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.2

256C847CD03160C9088FB440DB929448 - c:\program files\real\realplayer\Netscape6\nprjplug.dll - RealJukebox NS Plugin

555E65306A5D3A5978BE74E1DD62CDD9 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks Chrome Background Extension Plug-In (32-bit)

E32771B0AE3F18CEFFC12D682025238A - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer HTML5VideoShim Plug-In (32-bit)

2DC6257A367A6182E40F748D0396AAF9 - c:\program files\real\realplayer\Netscape6\nppl3260.dll - RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit)

1E3AA02F2C91A2B25EFB4E355160CDCA - c:\program files\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin

9013599B12923A45C029C34E8D2211AC - c:\Program Files\Microsoft Silverlight\5.1.10411.0 begin_of_the_skype_highlighting numbers_button_skype_logo.png5.1.10411.0 FREE end_of_the_skype_highlighting\npctrl.dll - Silverlight Plug-In

1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat

1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

B0753E73FF63F485521A9DDEB7DE91EB - C:\Program Files\Musicnotes\npmusicn.dll - Musicnotes

0DD1E0A385B888107A1F9206189596CF - C:\Program Files\Musicnotes\NPSibelius.dll - ScorchPlugin

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

BF2AD333C79072EEBE5AE0D72670E64E - c:\Program Files\Microsoft Silverlight\5.1.10411.0 begin_of_the_skype_highlighting numbers_button_skype_logo.png5.1.10411.0 FREE end_of_the_skype_highlighting\npctrlui.dll - Microsoft® Silverlight

68A131335A20B343923A2957EB1E413D - C:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

algijfiaiapkekcjonmjfiniajogplli - C:\Documents and Settings\All Users\Application Data\Bcool\algijfiaiapkekcjonmjfiniajogplli.crx[]

jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[11/11/2012 14:11]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09/10/2013 09:59]

nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files\TornTV.com\torn2_10.crx[]

RealPlayer HTML5Video Downloader Extension - GX620 - Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk

==== Chrome Fix ======================

C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx deleted successfully

C:\Documents and Settings\GX620\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail"

"Default_page_url"="Google"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_page_url"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

"Start Page"="MSN.fr - Actualités, magazines people & féminin, Outlook et Hotmail"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{71047469-F76E-4705-8116-96756417035D}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"

{21219173-FB2A-4E4B-81DF-CF52DE0AC492} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{71047469-F76E-4705-8116-96756417035D} Google Url="{searchTerms} - Google Search?}"

==== Reset Google Chrome ======================

C:\Documents and Settings\GX620\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Documents and Settings\GX620\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1343024091-1580818891-1417001333-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_USERS\S-1-5-21-1343024091-1580818891-1417001333-1005\Software\Microsoft\Internet Explorer\SearchScopes\{21219173-FB2A-4E4B-81DF-CF52DE0AC492} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\algijfiaiapkekcjonmjfiniajogplli deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bubble Dock deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPTENET_GUI deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tisapeksyrte deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\GX620\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\GX620\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\JULIE\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Documents and Settings\GX620\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\JULIE\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\JULIE\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\All Users\Start Menu\Programs\Fingers for Windows" not deleted

"C:\Documents and Settings\All Users\Start Menu\Programs\Recuva" not deleted

"C:\Documents and Settings\All Users\Start Menu\Programs\Reflex'English Cambridge" not deleted

==== EOF on 29/11/2013 at 10:11:53,17 ======================

Link naar reactie
Delen op andere sites

Kape,

Werkt al een stuk beter. Pagina MSN.fr kon ik via SOLUDO veranderen. Wat nog altijd niet werkt is INTERNET OPTIONS (ook niet via controle panel)

Als ik erop klik flits het menu even op en verdwijnt dan weer.

Kan dit verholpen worden?

Avast weer gewisseld voor Comodo.

Mvg,

Peter

Link naar reactie
Delen op andere sites

Kape,

Werkt al een stuk beter. Pagina MSN.fr kon ik via SOLUDO veranderen. Wat nog altijd niet werkt is INTERNET OPTIONS (ook niet via controle panel)

Als ik erop klik flits het menu even op en verdwijnt dan weer.

Kan dit verholpen worden?

Avast weer gewisseld voor Comodo.

Mvg,

Peter

Link naar reactie
Delen op andere sites

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.