waarschijnlijk malware en virus probleem

Goedeavond,

IK heb al een tijdje last van het volgende:

1 - Mijn programma Malware bytes anti malware versie 1.75.0.1300 kan niet geopend worden. De volgende boodschap verschijnt:

"Run-time error '339':

Component 'ieframe.dll' or one of it's dependencies not correctly registered: a fil is missing or invalid.

2 - Mijn programma Reimage repair wordt niet geopend. De volgende melding krijg ik.

"Reimage - windows problem relief.

Failed to create empty document.

3 - Het programma Aro 2013 wordt helemaal niet geopend

4 - Als ik films download via de pirate bay worden er opeens andere advertentie sites opgestart.

Ik heb malware bytes, aro 2013 en reimage repair eraf gegooid en opnieuw gedownload, maar de problemen blijven hetzelfde.

Ook heb ik een scan gedaan met spy hunter die heeft wel wat gevonden, maar de problemen blijven. Ik heb mijn c schijf gecontroleerd die was bijna vol nogmaar 2 gigabite geheugen, veel verwijderd nu ongeveer 17 gigabite over. Kunt u mij alstublieft helpen, ik ben hier al dagen mee bezig maar ik kom er niet uit.

Met vriendelijke groet,

D. Bank

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

Hier is mijn logje zoals je gevraagd had

Logfile of random's system information tool 1.09 (written by random/random)

Run by Barbie at 2013-12-19 18:09:33

Microsoft Windows XP Professional Service Pack 3

System drive C: has 19 GB (50%) free of 38 GB

Total RAM: 1015 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:10:30, on 19-12-2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe

C:\Program Files\Thomson\TG122n\WlanCU.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Barbie\Bureaublad\RSIT.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\trend micro\Barbie.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = PC Helpforum - Gratis hulp bij computer problemen firefox/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O1 - Hosts: 127\Device\HarddiskVolume1\Program Files\Java\jre7\bin\javaw.exe127.0.0.1 ferreari.it

O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)

O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)

O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\4389e9f1-ae57-4fc7-8ff0-52821b0e76a2.exe /check

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: ICIDU 11n USB Wireless LAN Utility.lnk = C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe

O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Thomson\TG122n\WlanCU.exe

O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351283024296

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340821704281

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) - Reimage® - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: WLSVC - Unknown owner - C:\Program Files\Thomson\TG122n\WLSVC.exe

O24 - Desktop Component AutorunsDisabled: (no name) - (no file)

--

End of file - 6006 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\At1.job

C:\WINDOWS\tasks\At2.job

C:\WINDOWS\tasks\avast! Emergency Update.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\OGALogon.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{E7254A12-7898-484D-8A27-4FAE8FBBFA12}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\9i26fnay.default-1387215526984

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "browser.startup.homepage" - "https://www.google.nl/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.170 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]

"Description"=DivX VOD Helper Plug-in

"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]

"Description"=DivX Web Player

"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]

"Description"=VLC Multimedia Plugin

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]

"Description"=VLC Multimedia Plugin

"Path"=F:\Muziek en programma's\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0]

"Description"=VLC Multimedia Plugin

"Path"=F:\Muziek en programma's\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]

"Description"=VLC Multimedia Plugin

"Path"=F:\Muziek en programma's\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]

"Description"=VLC Multimedia Plugin

"Path"=F:\Muziek en programma's\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\

staged

C:\Program Files\Mozilla Firefox\components\

nsIBitCometAgent.xpt

C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\9i26fnay.default-1387215526984\searchplugins\

Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"ContentTransferWMDetector.exe"=C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe [2009-11-19 583016]

"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe [2003-03-09 188416]

"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-08-29 1861968]

"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-17 3764024]

"20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\4389e9f1-ae57-4fc7-8ff0-52821b0e76a2.exe [2013-11-23 180184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Barbie^Menu Start^Programma's^Opstarten^LimeWire On Startup.lnk]

F:\programma mappen\Program Files\LimeWire\LimeWire.exe -startup []

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten

ICIDU 11n USB Wireless LAN Utility.lnk - C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe

Wireless Configuration Utility.lnk - C:\Program Files\Thomson\TG122n\WlanCU.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2007-08-24 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=221

"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

"NoDriveAutoRun"=67108863

"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"

"C:\Program Files\DownloadManager\jre\bin\javaw.exe"="C:\Program Files\DownloadManager\jre\bin\javaw.exe:*:Enabled:Java Platform SE binary"

"C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe"="C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe:*:Enabled:RtWlan"

"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"

"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"

"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"

"F:\Muziek en programma's\VLC\vlc.exe"="F:\Muziek en programma's\VLC\vlc.exe:*:Enabled:VLC media player"

"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

"F:\Muziek en programma's\BTSync.exe"="F:\Muziek en programma's\BTSync.exe:*:Enabled:BitTorrent Sync"

"C:\Documents and Settings\Barbie\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Barbie\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Installer voor AVG"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=l3codecp.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"VIDC.WMV3"=wmv9vcm.dll

"VIDC.FFDS"=ff_vfw.dll

"msacm.avis"=ff_acm.acm

"vidc.DIVX"=DivX.dll

"vidc.yv12"=DivX.dll

"VIDC.LAGS"=lagarith.dll

"vidc.XVID"=xvidvfw.dll

======List of files/folders created in the last 1 month======

2013-12-19 18:09:33 ----D---- C:\rsit

2013-12-19 18:09:33 ----D---- C:\Program Files\trend micro

2013-12-18 19:19:03 ----D---- C:\Program Files\Reimage

2013-12-18 19:18:58 ----D---- C:\rei

2013-12-18 17:11:07 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2013-12-18 17:11:07 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

2013-12-18 17:02:03 ----D---- C:\AdwCleaner

2013-12-18 17:00:45 ----D---- C:\Documents and Settings\Barbie\Application Data\Sammsoft

2013-12-18 14:54:19 ----D---- C:\Documents and Settings\Barbie\Application Data\JAM Software

2013-12-18 14:54:06 ----D---- C:\Program Files\JAM Software

2013-12-18 00:27:47 ----D---- C:\Program Files\Defraggler

2013-12-17 22:47:17 ----D---- C:\Documents and Settings\Barbie\Application Data\Malwarebytes

2013-12-17 19:50:48 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2013-12-17 19:50:32 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2013-12-17 18:14:35 ----D---- C:\Documents and Settings\Barbie\Application Data\eCyber

2013-12-12 19:41:54 ----D---- C:\Program Files\Mozilla Firefox

2013-12-12 03:20:27 ----D---- C:\Program Files\Common Files\ODBC

2013-12-11 19:24:22 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe

2013-11-28 18:20:53 ----D---- C:\Documents and Settings\Barbie\Application Data\AVG2013

2013-11-28 18:16:43 ----D---- C:\Documents and Settings\All Users\Application Data\AVG2013

2013-11-28 18:14:14 ----D---- C:\Program Files\AVG

2013-11-28 18:11:16 ----D---- C:\Documents and Settings\All Users\Application Data\MFAData

2013-11-26 17:56:27 ----D---- C:\Avenger

2013-11-25 21:03:32 ----D---- C:\Documents and Settings\Barbie\Application Data\licenses

2013-11-25 21:03:29 ----D---- C:\Documents and Settings\Barbie\Application Data\PCMM2009

2013-11-25 21:03:18 ----D---- C:\Documents and Settings\Barbie\Application Data\PCMM2013

2013-11-25 20:40:45 ----D---- C:\Program Files\Notificatoin

2013-11-25 20:40:41 ----D---- C:\ProgramData

2013-11-21 19:26:54 ----D---- C:\Documents and Settings\Barbie\Application Data\Opera Software

2013-11-20 03:19:04 ----A---- C:\WINDOWS\system32\drivers\aswndis2.sys

======List of files/folders modified in the last 1 month======

2013-12-19 18:10:13 ----D---- C:\WINDOWS\system32\drivers\etc

2013-12-19 18:09:33 ----RD---- C:\Program Files

2013-12-19 18:09:15 ----D---- C:\WINDOWS\Prefetch

2013-12-19 18:07:07 ----D---- C:\WINDOWS\Temp

2013-12-19 18:00:41 ----D---- C:\Documents and Settings\Barbie\Application Data\uTorrent

2013-12-19 18:00:05 ----D---- C:\WINDOWS

2013-12-18 22:34:19 ----N---- C:\WINDOWS\SchedLgU.Txt

2013-12-18 22:34:15 ----D---- C:\WINDOWS\system32\CatRoot2

2013-12-18 20:32:52 ----D---- C:\WINDOWS\Debug

2013-12-18 20:00:04 ----A---- C:\WINDOWS\reimage.ini

2013-12-18 19:17:28 ----D---- C:\WINDOWS\system32

2013-12-18 17:30:18 ----D---- C:\WINDOWS\system32\drivers

2013-12-18 17:00:29 ----D---- C:\Program Files\ARO 2013

2013-12-18 16:48:40 ----D---- C:\Documents and Settings\Barbie\Application Data\DriverTurbo

2013-12-18 16:42:39 ----SHD---- C:\WINDOWS\Installer

2013-12-18 16:42:36 ----D---- C:\WINDOWS\WinSxS

2013-12-18 16:30:02 ----D---- C:\Documents and Settings\All Users\Application Data\Common Toolkit Suite

2013-12-18 16:28:02 ----D---- C:\Program Files\Common Files

2013-12-18 16:23:50 ----RD---- C:\WINDOWS\Offline Web Pages

2013-12-18 13:15:16 ----RSHDC---- C:\WINDOWS\system32\dllcache

2013-12-17 23:00:18 ----D---- C:\Documents and Settings\Barbie\Application Data\Opera

2013-12-17 20:06:50 ----SD---- C:\WINDOWS\Tasks

2013-12-17 20:06:34 ----A---- C:\WINDOWS\system32\aswBoot.exe

2013-12-17 19:27:35 ----D---- C:\WINDOWS\SoftwareDistribution

2013-12-17 18:24:15 ----D---- C:\WINDOWS\system32\wbem

2013-12-17 18:19:27 ----D---- C:\WINDOWS\system32\LogFiles

2013-12-17 18:19:26 ----SD---- C:\WINDOWS\Downloaded Program Files

2013-12-17 18:13:56 ----RSD---- C:\WINDOWS\Fonts

2013-12-15 20:30:47 ----D---- C:\Documents and Settings\Barbie\Application Data\vlc

2013-12-15 14:05:07 ----D---- C:\WINDOWS\system32\config

2013-12-12 20:57:25 ----D---- C:\Program Files\Mozilla Maintenance Service

2013-12-12 07:01:25 ----HD---- C:\WINDOWS\inf

2013-12-12 07:01:14 ----D---- C:\Program Files\Internet Explorer

2013-12-12 07:01:01 ----D---- C:\WINDOWS\ie8updates

2013-12-11 20:25:00 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2013-12-11 13:24:42 ----D---- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader

2013-12-07 19:47:47 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip

2013-12-06 21:43:44 ----D---- C:\Program Files\Common Files\DVDVideoSoft

2013-12-06 21:43:08 ----RSD---- C:\WINDOWS\assembly

2013-12-06 21:43:05 ----D---- C:\Documents and Settings\Barbie\Application Data\DVDVideoSoft

2013-12-01 14:42:48 ----A---- C:\WINDOWS\system32\MRT.exe

2013-11-27 18:04:18 ----D---- C:\Downloads

2013-11-21 22:31:09 ----D---- C:\WINDOWS\searchplugins

2013-11-20 14:27:13 ----D---- C:\Documents and Settings\All Users\Application Data\Norton

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-10-30 49944]

R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-12-17 180248]

R0 gfibto;gfibto; C:\WINDOWS\system32\drivers\gfibto.sys [2013-06-20 13560]

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2013-09-10 466008]

R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2010-10-18 82380]

R1 AswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []

R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []

R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []

R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-10-14 56080]

R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]

R1 WmiAcpi;Microsoft Windows Beheerinterface voor ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]

R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-07 12032]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-12-07 21361]

R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []

R2 WLNdis50;Wireless Lan NDIS Protocol I/O Control; C:\WINDOWS\system32\DRIVERS\wlndis50.sys [2008-02-27 20480]

R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-07-25 176640]

R3 HdAudAddService;Microsoft UAA-functiestuurprogramma voor High Definition Audio-service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]

R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-24 5776928]

R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-07 12288]

R3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S0 lyxooctl;lyxooctl; C:\WINDOWS\System32\drivers\onaoq.sys []

S1 iSafeNetFilter;iSafeNetFilter; \??\C:\Program Files\iSafe\iSafeNetFilter.sys []

S1 jdbkjbbn;jdbkjbbn; \??\C:\WINDOWS\system32\drivers\jdbkjbbn.sys []

S1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

S2 aswFsBlk;aswFsBlk; \??\C:\WINDOWS\system32\drivers\aswFsBlk.sys []

S3 catchme;catchme; \??\C:\DOCUME~1\Barbie\LOCALS~1\Temp\catchme.sys []

S3 cnnctfy2MP;cnnctfy2MP; C:\WINDOWS\system32\DRIVERS\cnnctfy2.sys []

S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]

S3 iSafeKrnl;iSafeKrnl; \??\C:\Program Files\iSafe\iSafeKrnl.sys []

S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []

S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]

S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]

S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8192su.sys [2009-08-05 588032]

S3 SONYPVU1;Sony USB-filterstuurrapparaat (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]

S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]

S3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]

S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-17 50344]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-10-17 182696]

R2 ReimageRealTimeProtection;Reimage Real Time Protection; C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe [2013-11-07 4019560]

R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 WLSVC;WLSVC; C:\Program Files\Thomson\TG122n\WLSVC.exe [2009-02-11 167936]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-13 116648]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-13 116648]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-12 119408]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]

S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 917504]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

19 december 2013 aangepast door kape
quote verwijderd

Download Zoek.zip naar het bureaublad.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

chromelook; 
firefoxlook; 
emptyfolderscheck;delete 
 {761497BB-D6F0-462C-B6EB-D4DAF1D92D43};c
 {DBC80044-A445-435b-BC74-9C25C1C588A9};c
 C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm;f
 C:\WINDOWS\tasks\At1.job;f
 C:\WINDOWS\tasks\At2.job;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}];r
 C:\Documents and Settings\All Users\Application Data\YTD Video Downloader;fs
 C:\WINDOWS\searchplugins;fs
 startupall; 
filesrcm;
resethosts;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Do a Deep Scan
  
  
• IE Defaults
  
• Auto Clean
  
• De optie "Scan All Users" staat standaard aangevinkt.
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

Hier is het 2e logje:

Zoek.exe v5.0.0.0 Updated 18-December-2013

Tool run by Barbie on do 19-12-2013 at 20:23:57,98.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Barbie\Bureaublad\zoek\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

19-12-2013 20:27:19 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright © 1993-2006 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Program Files\7-Zip deleted successfully

C:\Program Files\Notificatoin deleted successfully

C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite deleted successfully

C:\Documents and Settings\All Users\Application Data\TuneUp360 deleted successfully

C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully

C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted successfully

C:\Documents and Settings\All Users\Application Data\{BECCA440-C137-43CD-BA7B-AE580F9F6D17} deleted successfully

C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully

C:\Documents and Settings\Barbie\Application Data\CheckPoint deleted successfully

C:\Documents and Settings\Barbie\Application Data\Media Player Classic deleted successfully

C:\Documents and Settings\Barbie\Application Data\MyHeritage deleted successfully

C:\Documents and Settings\Barbie\Application Data\Nico Mak Computing deleted successfully

C:\Documents and Settings\Barbie\Application Data\Opera deleted successfully

C:\Documents and Settings\Barbie\Application Data\Opera Software deleted successfully

C:\Documents and Settings\Barbie\Application Data\ProjectWhois deleted successfully

C:\Documents and Settings\Barbie\Application Data\Solvusoft deleted successfully

C:\Documents and Settings\Barbie\Application Data\WinRAR deleted successfully

C:\Documents and Settings\LocalService\Application Data\Apple Computer deleted successfully

C:\Documents and Settings\Barbie\Local Settings\Application Data\7-Zip Uninstaller deleted successfully

C:\Documents and Settings\Barbie\Local Settings\Application Data\Downloaded Installations deleted successfully

C:\Documents and Settings\Barbie\Local Settings\Application Data\Opera deleted successfully

C:\Documents and Settings\Barbie\Local Settings\Application Data\Opera Software deleted successfully

C:\Documents and Settings\LocalService\Local Settings\Application Data\Google deleted successfully

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1060284298-1677128483-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully

HKEY_USERS\S-1-5-21-1060284298-1677128483-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully

HKEY_USERS\S-1-5-21-1060284298-1677128483-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

HKEY_USERS\S-1-5-21-1060284298-1677128483-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe

C:\Program Files\Thomson\TG122n\WlanCU.exe

C:\WINDOWS\explorer.exe

C:\Documents and Settings\Barbie\Bureaublad\zoek\zoek.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k imgsvc

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeKrnl deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\iSafeKrnl deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeNetFilter deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\iSafeNetFilter deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_19-12-2013_2042_.backup

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\9i26fnay.default-1387215526984

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_19-12-2013_2042_.backup

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046

user.js not found

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 3);

---- FireFox user.js and prefs.js backups ----

prefs_19-12-2013_2042_.backup

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\extensions

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_19-12-2013_2042_.backup

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_06-06-2013_1911_.backup

prefs_19-12-2013_2042_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

==== Deleting Files \ Folders ======================

C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found

C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936} not found

C:\Documents and Settings\All Users\Application Data\{BECCA440-C137-43CD-BA7B-AE580F9F6D17} not found

C:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found

C:\Documents and Settings\All Users\Application Data\YTD Video Downloader deleted

C:\WINDOWS\searchplugins deleted

C:\Documents and Settings\Barbie\AppData\LocalLow\{90BA7902-D332-33D8-38F8-A1F5CEDF96CF} deleted

C:\Program Files\ARO 2013 deleted

C:\Program Files\Common Files\DVDVideoSoft\bin deleted

C:\Program Files\Chrome deleted

C:\extensions deleted

C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\YAC.lnk deleted

C:\Documents and Settings\Barbie\Application Data\SecureSearch deleted

C:\Documents and Settings\Barbie\Application Data\eCyber deleted

C:\Documents and Settings\Barbie\Application Data\Sammsoft deleted

C:\Documents and Settings\Barbie\Mijn documenten\Mijn muziek\Qtrax Media Library deleted

C:\Documents and Settings\All Users\Application Data\lpm.dat deleted

C:\Documents and Settings\All Users\Application Data\InstallMate deleted

C:\Documents and Settings\All Users\Menu Start\Programma's\ARO 2013 deleted

C:\Documents and Settings\All Users\Menu Start\Programma's\YTD Video Downloader deleted

C:\Documents and Settings\All Users\Menu Start\Programma's\YAC deleted

C:\WINDOWS\tasks\At1.job deleted

C:\WINDOWS\tasks\At2.job deleted

C:\WINDOWS\system32\sasnative32.exe deleted

C:\WINDOWS\System32\InstallUtil.InstallLog deleted

C:\WINDOWS\system32\RegistryHelperLM.ocx deleted

C:\WINDOWS\system32\SafeAppRichList.ocx deleted

C:\WINDOWS\system32\CUUpdateComponent.ocx deleted

C:\WINDOWS\system32\ComputerUpdaterLM.ocx deleted

C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0\extensions\firefox@secretsauce.biz.xpi deleted

C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0\extensions\firefox@springsmart.net.xpi deleted

C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\0\extensions\staged deleted

C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046\extensions\firefox@secretsauce.biz.xpi deleted

C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046\extensions\firefox@springsmart.net.xpi deleted

C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046\extensions\staged deleted

C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\extensions\extensions\firefox@secretsauce.biz.xpi deleted

C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\extensions\extensions\firefox@springsmart.net.xpi deleted

C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\extensions\extensions\staged deleted

C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968\extensions\firefox@secretsauce.biz.xpi deleted

C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968\extensions\firefox@springsmart.net.xpi deleted

C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968\extensions\staged deleted

"C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm" deleted

"C:\Documents and Settings\All Users\Application Data\88a231b3c222c722\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted

"C:\Documents and Settings\All Users\Application Data\88a231b3c222c722\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}" deleted

"C:\Documents and Settings\All Users\Application Data\88a231b3c222c722\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}.old" deleted

"C:\Documents and Settings\All Users\Application Data\88a231b3c222c722" deleted

==== System Specs ======================

Windows: Windows XP Professional Service Pack 3 (Build 2600)

Memory (RAM): 1016 MB

CPU Info: Intel® Pentium® 4 CPU 2.80GHz

CPU Speed: 2749,6 MHz

Sound Card: HD Audio-opbouw |

Display Adapters: Intel® 82945G Express Chipset Family | NetMeeting driver | RDPDD Chained DD

Monitors: 1x; Plug en Play-monitor |

Screen Resolution: 1280 X 1024 - 32 bit

Network: Network Present

Network Adapters: Broadcom NetXtreme Gigabit Ethernet - Pakketplanner-minipoort

CD / DVD Drives: 1x (D: | ) D: ASUS DRW-2014S1

Ports: COM1 LPT1

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C: 37,3GB | F: 1863,0GB

Hard Disks - Free: C: 18,5GB | F: 51,6GB

Manufacturer *: Hewlett-Packard

BIOS Info: AT/AT COMPATIBLE | 05/18/05 | COMPAQ - 20050518

Time Zone: West-Europa (standaardtijd)

Motherboard *: Hewlett-Packard 09F8h

Country: Nederland

Language: NLD

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Updated)

Default Browser: Firefox 26.0

Internet Explorer version: 8.0.6001.18702

Mozilla Firefox version: 26.0 (x86 en-US)

Google Chrome version: 31.0.1650.63

Adobe Reader version: 11.0.04.63

Sun Java version: 1.7.0_45 (32-bit)

Shockwave Player version: 12.0.5r146

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\WINDOWS\TEMP ====

2013-12-19 17:03:50 EEC6C1C92BF3E8B3127108A039E70B82 204800 ----atw- C:\Documents and Settings\Barbie\Local Settings\Temp\n4936\ins4936.exe

2013-12-18 19:21:56 91ADC0E26FAEA06BB588AC7C215452CA 17838984 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\fp_pl_pfs_installer.exe

2013-12-17 21:00:28 EF57B3A411E343488B3349106FA22C9B 8988208 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\ReimagePackage.exe

====== Java Cache =====

====== C:\WINDOWS\system32 =====

2013-12-11 18:24:22 FBF7382E267457A20BFE784DA2F2BF2F 9272200 ----a-w- C:\WINDOWS\System32\FlashPlayerInstaller.exe

====== C:\WINDOWS\system32\drivers =====

2013-12-18 16:11:07 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys

2013-12-17 18:50:48 0DB7527DB188C7D967A37BB51BBF3963 40776 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

2013-11-20 02:19:04 C7D4AC5D4A6A42A2D1476AD3D508FC2B 247192 ----a-w- C:\WINDOWS\System32\drivers\aswndis2.sys

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-12-19 17:09:33 -------- d-----w- C:\Program Files\trend micro

2013-12-18 18:19:03 -------- d-----w- C:\Program Files\Reimage

2013-12-18 13:54:06 -------- d-----w- C:\Program Files\JAM Software

2013-12-17 23:27:47 -------- d-----w- C:\Program Files\Defraggler

2013-12-12 02:20:27 -------- d-----w- C:\Program Files\Common Files\ODBC

2013-11-28 17:14:14 -------- d-----w- C:\Program Files\AVG

======= C: =====

====== C:\Documents and Settings\Barbie\Application Data ======

2013-12-18 14:14:16 A0FE65B74D13A870E3006977C04D81AB 119 ----a-w- C:\Documents and Settings\Barbie\Application Data\mbam.context.scan

2013-12-18 13:54:19 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\JAM Software

2013-11-28 17:20:53 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\AVG2013

2013-11-28 17:20:06 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Application Data\AVG2013

2013-11-28 17:14:17 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013

2013-11-28 17:11:16 -------- d-----w- C:\Documents and Settings\Barbie\Local Settings\Application Data\Avg2013

2013-11-25 20:03:32 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\licenses

2013-11-25 20:03:29 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\PCMM2009

2013-11-25 20:03:18 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\PCMM2013

====== C:\Documents and Settings\Barbie ======

2013-12-19 17:08:35 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\RSIT.exe

2013-12-19 17:03:43 D7FE5BEA19602156BD9688A259BC5304 194920 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\Norman%20Malware%20Cleaner.exe

2013-12-19 17:00:53 -------- d--h--r- C:\Documents and Settings\Barbie\Onlangs geopend

2013-12-15 12:47:25 FFA683DC592D4E91F76714D9BA2272D1 1226750 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\adwcleaner.exe

2013-11-25 19:40:41 -------- d-----w- C:\ProgramData\Microsoft

====== C: exe-files ==

2013-12-19 18:20:23 27A9730A7AE1E6283CCFCE09E6F34F09 68384 ----a-w- C:\WINDOWS\Temp\1c90a8ba-5c03-467d-bea0-2ae10fd9b621\ProtectorUpdater.exe

2013-12-19 18:20:02 6088CAD441E67E41A0B651B22872E927 7333392 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\UJNBAZB9\ProtectorPackage1013[1].exe

2013-12-19 17:09:36 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Barbie.exe

2013-12-19 17:08:35 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\RSIT.exe

2013-12-19 17:07:56 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\RSIT.exe

2013-12-19 17:03:50 EEC6C1C92BF3E8B3127108A039E70B82 204800 ----atw- C:\Documents and Settings\Barbie\Local Settings\Temp\n4936\ins4936.exe

2013-12-19 17:03:43 D7FE5BEA19602156BD9688A259BC5304 194920 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\Norman%20Malware%20Cleaner.exe

2013-12-19 17:03:18 D7FE5BEA19602156BD9688A259BC5304 194920 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\Norman%20Malware%20Cleaner.exe

2013-12-19 08:05:08 474B0BA3E5FB3A5A9D85C82C45DB420B 317496 ----a-w- C:\Program Files\Reimage\Reimage Repair\ProtectorUpdater.exe

2013-12-19 08:05:06 CFA3018F22821237B714A5BAF18D6C56 5759832 ----a-w- C:\Program Files\Reimage\Reimage Repair\ReiScanner.exe

2013-12-19 08:04:36 7AEDF316DAC452EF8F76FDE897BDCA4B 4023656 ----a-w- C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe

2013-12-19 08:02:48 98A021A4C022978F90FFB6DBBB3A6C59 3466592 ----a-w- C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe

2013-12-19 08:02:34 DCC5AEC4BBFF6C4B9231CA8572FB1DA3 483072 ----a-w- C:\Program Files\Reimage\Reimage Repair\CDB.exe

2013-12-18 19:21:56 91ADC0E26FAEA06BB588AC7C215452CA 17838984 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\fp_pl_pfs_installer.exe

2013-12-18 18:41:29 E5530C24F95262CD148A06A047B82802 24805592 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\Windows-KB890830-V5.7.exe

2013-12-18 18:25:59 93674CF1054782C57042E30A9621218B 714960 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\ReimageRepair(1).exe

2013-12-18 18:19:05 93674CF1054782C57042E30A9621218B 714960 ----a-w- C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe

2013-12-18 18:18:06 93674CF1054782C57042E30A9621218B 714960 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\ReimageRepair.exe

2013-12-18 16:25:45 3B008CBE517B1C53C3F632E5047D4663 1734736 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\PCMightyMax2013_704_18746543.exe

2013-12-18 16:12:34 826737D84E84E4AA6423DBE46801D3C8 1937144 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\rkill.exe

2013-12-18 16:09:34 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\RECYCLER\S-1-5-21-1060284298-1677128483-725345543-1003\Dc1.exe

2013-12-18 16:08:42 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\svhost.exe

2013-12-18 15:58:37 326BD5EE356ED04A7326E52EAC637DE5 4554384 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\ARO2013.exe

2013-12-18 15:39:42 3C2A9F3195CDDD8943971DC8A677EF25 294912 ----a-w- C:\WINDOWS\Temp\bcdedit.exe

2013-12-18 14:14:36 F8924781B47BC29FD9D84E051A284DB1 79190 ----a-w- C:\WINDOWS\Prefetch\svchost.exe

2013-12-18 13:54:07 767A479307768F593716123982007D01 2519432 ----a-w- C:\Program Files\JAM Software\TreeSize Free\TreeSizeFree.exe

2013-12-18 13:54:06 A2F23A968A536C320EC28D16EBDEFB4E 1235336 ----a-w- C:\Program Files\JAM Software\TreeSize Free\unins000.exe

2013-12-18 13:53:17 7668B845A29E5529D50F27DA78F3C288 3350608 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\TreeSizeFreeSetup.exe

2013-12-18 13:49:52 74FEDDA2161CE57AA7CC65A184B6110A 6202120 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\WindowsMedia-KB891122-x86-ENU.exe

2013-12-18 12:52:18 0DD3C1181CA04EA6714A421C273A3A0E 1141328 ----a-w- C:\Documents and Settings\Barbie\Application Data\uTorrent\updates\3.3.2_30171.exe

2013-12-18 12:29:44 B91FE1536AB4D680DDD77469EA3FD4BF 24097311 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\vlc-2.1.2-win32.exe

2013-12-17 23:26:52 D98979ABFF32EB76C5AB7527F714FFF8 4208656 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\dfsetup216.exe

2013-12-17 21:00:28 EF57B3A411E343488B3349106FA22C9B 8988208 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\ReimagePackage.exe

2013-12-17 18:35:08 DEDB5F9E28EE2C9363E83A2A94BA83B9 139264 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\SystemLook.exe

2013-12-16 22:22:55 3B16B1BBFA9411532C73F62FC219EBC3 916928 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\Downloads\RegHunter_Web_Setup.exe.exe

2013-12-15 12:47:25 FFA683DC592D4E91F76714D9BA2272D1 1226750 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\adwcleaner.exe

=== C: other files ==

2013-12-18 16:11:07 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys

2013-12-17 18:50:48 0DB7527DB188C7D967A37BB51BBF3963 40776 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-1060284298-1677128483-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ContentTransferWMDetector.exe"="C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe"

"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe"

"DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"

"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

"20131121"="C:\Program Files\AVAST Software\Avast\setup\emupdate\4389e9f1-ae57-4fc7-8ff0-52821b0e76a2.exe /check"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Barbie^Menu Start^Programma's^Opstarten^LimeWire On Startup.lnk]

"path"="C:\\Documents and Settings\\Barbie\\Menu Start\\Programma's\\Opstarten\\LimeWire On Startup.lnk"

"backup"="C:\\WINDOWS\\pss\\LimeWire On Startup.lnkStartup"

"command"="F:\\programma mappen\\Program Files\\LimeWire\\LimeWire.exe -startup"

"item"="LimeWire On Startup"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]

"TomTomHOME.exe"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\" -s"

"uTorrent"="\"E:\\Muziek en programma's\\uTorrent\\uTorrent.exe\" /MINIMIZED"

"AROReminder"="C:\\Program Files\\ARO 2013\\ARO.exe -rem"

"ccleaner"="\"C:\\Program Files\\CCleaner\\ccleaner.exe\" /AUTO"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"DivXUpdate"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-12-2013 20:25]

C:\WINDOWS\tasks\avast\Undetermined Task.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-02-2013 21:59]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-02-2013 21:59]

C:\WINDOWS\tasks\OGALogon.job --a------ C:\WINDOWS\system32\OGAEXEC.exe [03-08-2009 14:07]

C:\WINDOWS\tasks\User_Feed_Synchronization-{E7254A12-7898-484D-8A27-4FAE8FBBFA12}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08-03-2009 03:31]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [15-06-2011 14:04]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046

- Undetermined - %ProfilePath%\extensions\jid1-yZwVFzbsyfMrqQ@jetpack

AppDir: C:\Program Files\Mozilla Firefox

- Undetermined - %AppDir%\extensions\staged

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- avast Ad Blocker - %AppDir%\extensions\adblocker@avast.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\9i26fnay.default-1387215526984

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dbpebffoameokfhnaaedmefjncfboino - C:\Program Files\SecretSauce\dbpebffoameokfhnaaedmefjncfboino.crx[]

fgeapihpgbepllencafcpkfbjlkogfan - C:\Program Files\Spring Smart\fgeapihpgbepllencafcpkfbjlkogfan.crx[]

fplhdcjmbpfkejbhngmlngaecbjmoimd - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx[25-02-2013 10:09]

pkmpcdbgnfjfeelcpebpkflcmbkclfho - C:\Documents and Settings\Barbie\Local Settings\Application Data\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[25-11-2013 17:38]

pkmpcdbgnfjfeelcpebpkflcmbkclfho - C:\Documents and Settings\Barbie\Local Settings\Application Data\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx[]

Instant Savings App - Barbie - Default\Extensions\achhmapmjlcjlomcbmbicbgkihghgnie

Google Docs - Barbie - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Barbie - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Barbie - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Barbie - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

SecretSauce - Barbie - Default\Extensions\dbpebffoameokfhnaaedmefjncfboino

Google Wallet - Barbie - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Barbie - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dbpebffoameokfhnaaedmefjncfboino deleted successfully

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dbpebffoameokfhnaaedmefjncfboino_0.localstorage deleted successfully

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\dbpebffoameokfhnaaedmefjncfboino deleted successfully

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fgeapihpgbepllencafcpkfbjlkogfan_0.localstorage deleted successfully

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\fgeapihpgbepllencafcpkfbjlkogfan deleted successfully

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\achhmapmjlcjlomcbmbicbgkihghgnie deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://mozilla firefox/"

"Search Page"="http://www.google.com"

"Search Bar"="http://www.google.com"

"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

"Default"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://www.google.com"

"SearchAssistant"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://mozilla"

"Use Search Asst"="no"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}"

{0191A6B0-1154-4C22-9182-23A95BBE92D9} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dbpebffoameokfhnaaedmefjncfboino deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fgeapihpgbepllencafcpkfbjlkogfan deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho deleted successfully

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite deleted successfully

==== HijackThis Entries ======================

O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\4389e9f1-ae57-4fc7-8ff0-52821b0e76a2.exe /check

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: ICIDU 11n USB Wireless LAN Utility.lnk = C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe

O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Thomson\TG122n\WlanCU.exe

O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351283024296

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340821704281

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) - Reimage® - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: WLSVC - Unknown owner - C:\Program Files\Thomson\TG122n\WLSVC.exe

O24 - Desktop Component AutorunsDisabled: (no name) - (no file)

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Barbie\Local Settings\Application Data\Mozilla\Firefox\Profiles\8gjesupv.default-1362239606375\Cache emptied successfully

C:\Documents and Settings\Barbie\Local Settings\Application Data\Mozilla\Firefox\Profiles\9i26fnay.default-1387215526984\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Local Settings\Temp emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp emptied successfully

C:\Documents and Settings\Barbie\Local Settings\Temp will be emptied at reboot

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\WINDOWS\TEMP successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on do 19-12-2013 at 20:53:31,29 ======================

20 december 2013 aangepast door kape
quote verwijderd

Hiermee is behoorlijk wat rotzooi verwijderd. Hoe staat het nu met al de gemelde problemen uit je eerste bericht ?

Hiermee is behoorlijk wat rotzooi verwijderd. Hoe staat het nu met al de gemelde problemen uit je eerste bericht ?

goede avond,

Ik heb nog steeds exact dezelfde problemen

Een ander programma die ik gebruik is norman malware cleaner. die heb ik eraf gegooid en opnieuw gedownload, maar kan niet geopend worden. Krijg volgende melding :

Norman malware cleaner.exe toepassingsfout de instructie op 0x0044f31b verwijst naar geheugen op 0x00000000. De lees - of schijfbewerking ("Read") op het geheugen is mislukt. Dus er is nog niets opgelost. Je zij dat er veel rotzooi verwijderd is wat voor rotzooi is dat eigenlijk.

Ik hoor graag verder van je hoe we dit nu verder moeten oplossen. Ik hoop dat het niets ernstigs is. Ook heb ik het idee dat ik een aantal essentiele plugins of ad ons mis die belangrijk zijn voor de werking van een aantal programma's

Mvg,

D. Bank

20 december 2013 aangepast door kape

Die Pirate Bay - waar je naar verwijst - doet altijd belletjes rinkelen ... en meestal is dat geen goed nieuws voor de PC-gebruikers. Via dat soort kanalen wordt zoveel troep verspreid, dat je bij gebruik ervan vaak malware-bij-bosjes binnenhaalt op de PC. Besmette bestanden in allerlei vormen zijn nu eenmaal schering en inslag op dat soort websites.

Misschien nog eerst eens een on-line scanner op de PC loslaten:

Ga naar de site van ESET Online Scanner.

Klik op de knop “Run ESET Online Scanner”

In een apart scherm krijg je de vraag om EsetSmartInstaller te downloaden

Klik op de link van esetsmartinstaller_enu.exe en dan start de download automatisch op.

Kies voor “Download” van dit bestand.

Klik op “uitvoeren” van dit bestand esetsmartinstaller_enu.exe

Zet een vinkje bij “YES, I accept the Terms of Use”

Klik op “Start”

Klik op "Advanced settings"

Zet een vinkje bij de volgende opties:

• Remove found threats
  
• Scan archives
  
• Scan for potentially unwanted applications
  
• Scan for potentially unsafe applications
  
• Enable Anti-Stealth technology
  

Klik op “Start”

De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.

Je mag het venster sluiten wanneer de scan klaar is.

Gebruik Kladblok om het logje te openen. Dit logje vind je op de locatie C:\\Program Files\\Eset\\EsetOnlineScanner\\log.txt

Kopieer en plak de inhoud van dit logje in je volgende bericht.

Die Pirate Bay - waar je naar verwijst - doet altijd belletjes rinkelen ... en meestal is dat geen goed nieuws voor de PC-gebruikers. Via dat soort kanalen wordt zoveel troep verspreid, dat je bij gebruik ervan vaak malware-bij-bosjes binnenhaalt op de PC. Besmette bestanden in allerlei vormen zijn nu eenmaal schering en inslag op dat soort websites.

Misschien nog eerst eens een on-line scanner op de PC loslaten:

Ga naar de site van ESET Online Scanner.

Klik op de knop “Run ESET Online Scanner”

In een apart scherm krijg je de vraag om EsetSmartInstaller te downloaden

Klik op de link van esetsmartinstaller_enu.exe en dan start de download automatisch op.

Kies voor “Download” van dit bestand.

Klik op “uitvoeren” van dit bestand esetsmartinstaller_enu.exe

Zet een vinkje bij “YES, I accept the Terms of Use”

Klik op “Start”

Klik op "Advanced settings"

Zet een vinkje bij de volgende opties:

• Remove found threats
  
• Scan archives
  
• Scan for potentially unwanted applications
  
• Scan for potentially unsafe applications
  
• Enable Anti-Stealth technology
  

Klik op “Start”

De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.

Je mag het venster sluiten wanneer de scan klaar is.

Gebruik Kladblok om het logje te openen. Dit logje vind je op de locatie C:\\Program Files\\Eset\\EsetOnlineScanner\\log.txt

Kopieer en plak de inhoud van dit logje in je volgende bericht.

Hier komt het 3e logje zoals gevraagd:

ESETSmartInstaller@High as downloader log:

Can not read file from internet.ESETSmartInstaller@High as downloader log:

Can not read file from internet.Can not open internetESETSmartInstaller@High as downloader log:

Can not open internetCan not open internetESETSmartInstaller@High as downloader log:

Can not read file from internet.ESETSmartInstaller@High as downloader log:

Can not read file from internet.Can not open internetESETSmartInstaller@High as downloader log:

Can not open internetCan not read file from internet.ESETSmartInstaller@High as downloader log:

Can not read file from internet.Can not read file from internet.ESETSmartInstaller@High as downloader log:

Can not read file from internet.Can not read file from internet.ESETSmartInstaller@High as downloader log:

Can not read file from internet.Can not read file from internet.ESETSmartInstaller@High as downloader log:

Can not read file from internet.Can not read file from internet.ESETSmartInstaller@High as downloader log:

Can not read file from internet.# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=e5e8db09532b8748a386751b7de50227

# engine=16376

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2013-12-23 11:29:18

# local_time=2013-12-24 12:29:18 (+0100, West-Europa (standaardtijd))

# country="Netherlands"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=774 16777213 85 71 528102 6065297 0 0

# scanned=316510

# found=40

# cleaned=40

# scan_time=17610

sh=426D858B6F2720746B1F8642956D9FCB39518ECD ft=1 fh=ce4ca38e6f58ee13 vn="a variant of Win32/InstallCore.CH application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Barbie\Mijn documenten\Downloads\Alcohol120_trial_2.0.2.4713.exe"

sh=01E0B8C801CAE264F38EAAB97E68BF9963BDF895 ft=1 fh=c674dd3f2298afdb vn="a variant of Win32/ToolkitOffers.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Barbie\Mijn documenten\Downloads\AresCatcher_ST.exe"

sh=51D8F3AEE11DBDF06F47E970A1971E087EE7D631 ft=1 fh=7781c2a6b2ae6b57 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Barbie\Mijn documenten\Downloads\avc-free.exe"

sh=8FED8B0A2D646AECA2C5EF60FD7A98901AA9CAC3 ft=1 fh=531c0e216047db7b vn="Win32/Bundled.Toolbar.Google.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Barbie\Mijn documenten\Downloads\dfsetup216.exe"

sh=EE9D265E3F740D10795D374CFAAF8DDCD7F2D4E1 ft=1 fh=55b5500b9f3dce66 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Barbie\Mijn documenten\Downloads\FreeStudio(1).exe"

sh=F6A973A570422C0C1C79DC5AD9DC11B78EA3A1EE ft=1 fh=bb2dba8137f42e39 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Barbie\Mijn documenten\Downloads\FreeYouTubeDownload(2).exe"

sh=52A0B3BE7359CBF91825C42998F7D010EAED3273 ft=1 fh=4acb1de59817921c vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Barbie\Mijn documenten\Downloads\FreeYouTubeToMP3Converter.exe"

sh=7328A3573257E4C5F921920A8FC4DD552232BDCC ft=1 fh=ec23792525d0a121 vn="Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Barbie\Mijn documenten\Downloads\jZipSetup.exe"

sh=929A68B6AA0BAF093E38105D6F36538AEE660D63 ft=1 fh=637873bc96a6ce35 vn="Win32/Toolbar.Babylon.T application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Barbie\Mijn documenten\Downloads\ReimageRepair(2).exe"

sh=A981E3D6F03D3BD57D1472F33A4093A01533F8A8 ft=1 fh=7aaf7b3d0491af48 vn="a variant of MSIL/AdvancedSystemProtector.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Documents and Settings\Barbie\Mijn documenten\Downloads\wzmp_8.exe"

sh=929A68B6AA0BAF093E38105D6F36538AEE660D63 ft=1 fh=637873bc96a6ce35 vn="Win32/Toolbar.Babylon.T application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe"

sh=6F3A3B433459E6773C9FBE8CFB154DB6534EFA86 ft=1 fh=60bff0ff01dbe663 vn="a variant of Win32/InstallCore.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\VideoConverter\VideoConverter.exe"

sh=929A68B6AA0BAF093E38105D6F36538AEE660D63 ft=1 fh=637873bc96a6ce35 vn="Win32/Toolbar.Babylon.T application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\_restore{527BF03A-D801-49A5-BE59-B026ACE9447A}\RP1210\A0363801.exe"

sh=45BB20CBB2D8A3A5768CB0E26C2649D6EADD5B24 ft=1 fh=de380bf3bdc3ccf2 vn="a variant of Win32/FirseriaInstaller.A application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\_restore{527BF03A-D801-49A5-BE59-B026ACE9447A}\RP1212\A0364160.exe"

sh=929A68B6AA0BAF093E38105D6F36538AEE660D63 ft=1 fh=637873bc96a6ce35 vn="Win32/Toolbar.Babylon.T application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\_restore{527BF03A-D801-49A5-BE59-B026ACE9447A}\RP1212\A0364199.exe"

sh=245EE219F65DAEA82C4F24EF5B24592085F185CA ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Documents and Settings_Barbie_Application Data_Mozilla_Firefox_Profiles_0_extensions_firefox@secretsauce.biz.xpi.vir"

sh=1EC16107D1491E1B0614ADCA6CEECDC54114DBA3 ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Documents and Settings_Barbie_Application Data_Mozilla_Firefox_Profiles_0_extensions_firefox@springsmart.net.xpi.vir"

sh=245EE219F65DAEA82C4F24EF5B24592085F185CA ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Documents and Settings_Barbie_Application Data_Mozilla_Firefox_Profiles_cyn6v1jy.default-1361706640046_extensions_firefox@secretsauce.biz.xpi.vir"

sh=1EC16107D1491E1B0614ADCA6CEECDC54114DBA3 ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Documents and Settings_Barbie_Application Data_Mozilla_Firefox_Profiles_cyn6v1jy.default-1361706640046_extensions_firefox@springsmart.net.xpi.vir"

sh=245EE219F65DAEA82C4F24EF5B24592085F185CA ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Documents and Settings_Barbie_Application Data_Mozilla_Firefox_Profiles_extensions_extensions_firefox@secretsauce.biz.xpi.vir"

sh=1EC16107D1491E1B0614ADCA6CEECDC54114DBA3 ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Documents and Settings_Barbie_Application Data_Mozilla_Firefox_Profiles_extensions_extensions_firefox@springsmart.net.xpi.vir"

sh=245EE219F65DAEA82C4F24EF5B24592085F185CA ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Documents and Settings_Barbie_Application Data_Mozilla_Firefox_Profiles_wapo6j95.default-1369758160968_extensions_firefox@secretsauce.biz.xpi.vir"

sh=1EC16107D1491E1B0614ADCA6CEECDC54114DBA3 ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Documents and Settings_Barbie_Application Data_Mozilla_Firefox_Profiles_wapo6j95.default-1369758160968_extensions_firefox@springsmart.net.xpi.vir"

sh=4DE674DF0EB65EDD389ACE226BECC1AB929A22BE ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B application (cleaned by deleting - quarantined)" ac=C fn="C:\zoek_backup\C_Documents and Settings_Barbie_Local Settings_Application Data_Google_Chrome_User Data_Default_Extensions_dbpebffoameokfhnaaedmefjncfboino\1.0.0_0\background.js"

sh=9DE91EC13C9A68B60F5E28A50D15C77D2613F21A ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B application (cleaned by deleting - quarantined)" ac=C fn="C:\zoek_backup\C_Documents and Settings_Barbie_Local Settings_Application Data_Google_Chrome_User Data_Default_Extensions_dbpebffoameokfhnaaedmefjncfboino\1.0.0_0\content.js"

sh=31E02459E4D3C8F6C9C7CBD9FEF432F6A6AAAA66 ft=1 fh=837711c08946fd34 vn="a variant of Win32/Bundled.Toolbar.Ask.A application (cleaned by deleting - quarantined)" ac=C fn="F:\Andere mappen\Downloads\software\dfx9Setup-RealPlayer.exe"

sh=40162FBAAF914B42C31B0BC79BC28E06E47F684D ft=1 fh=e487529da8e046a1 vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="F:\Andere mappen\Downloads\software\isoHunt.exe"

sh=B667276229356713C982E464C737C26BD62B328A ft=1 fh=0f9044be930a20ab vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="F:\Andere mappen\programma mappen\Kopie van programma's en mappen van laptop\isoHunt\tbiso0.dll"

sh=DB1C8E852F46071B2163E77F88966B7951A2CE59 ft=1 fh=fcd24e9a58665dd2 vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="F:\Andere mappen\programma mappen\Kopie van programma's en mappen van laptop\isoHunt\tbiso1.dll"

sh=297834C3BA7DDC4ED4662C56468655B25C7B0D62 ft=1 fh=c7091104e653332e vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="F:\Andere mappen\programma mappen\Kopie van programma's en mappen van laptop\isoHunt\tbisoH.dll"

sh=B667276229356713C982E464C737C26BD62B328A ft=1 fh=0f9044be930a20ab vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="F:\Andere mappen\programma mappen\programma's en mappen van laptop\isoHunt\tbiso0.dll"

sh=DB1C8E852F46071B2163E77F88966B7951A2CE59 ft=1 fh=fcd24e9a58665dd2 vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="F:\Andere mappen\programma mappen\programma's en mappen van laptop\isoHunt\tbiso1.dll"

sh=297834C3BA7DDC4ED4662C56468655B25C7B0D62 ft=1 fh=c7091104e653332e vn="a variant of Win32/Toolbar.Conduit.B application (cleaned by deleting - quarantined)" ac=C fn="F:\Andere mappen\programma mappen\programma's en mappen van laptop\isoHunt\tbisoH.dll"

sh=259145F5DA9C404C5CC16214CD008A4E772C7F7C ft=1 fh=4356b2e9e386f2d4 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="F:\Muziek en programma's\avc5-beta.exe"

sh=EE9D265E3F740D10795D374CFAAF8DDCD7F2D4E1 ft=1 fh=55b5500b9f3dce66 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="F:\Muziek en programma's\FreeStudio(1).exe"

sh=F09BFAAA7F1EAF092781DD61A62476BECA51AABA ft=1 fh=0a689d192f2cbfb3 vn="a variant of Win32/Bundled.Toolbar.Ask application (cleaned by deleting - quarantined)" ac=C fn="F:\Muziek en programma's\FreeYouTubeConverter.exe"

sh=33F37B9CE815EE2CB4EEA7D5C6188C714646523F ft=1 fh=d6b29b6b8776dad0 vn="a variant of Win32/Bundled.Toolbar.Ask application (cleaned by deleting - quarantined)" ac=C fn="F:\Muziek en programma's\FreeYouTubeToDVDConverter (1).exe"

sh=33F37B9CE815EE2CB4EEA7D5C6188C714646523F ft=1 fh=d6b29b6b8776dad0 vn="a variant of Win32/Bundled.Toolbar.Ask application (cleaned by deleting - quarantined)" ac=C fn="F:\Muziek en programma's\FreeYouTubeToDVDConverter.exe"

sh=52A0B3BE7359CBF91825C42998F7D010EAED3273 ft=1 fh=4acb1de59817921c vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="F:\Muziek en programma's\FreeYouTubeToMP3Converter.exe"

sh=3B9D8B381EA4546E8E117387D0925F96328F0F47 ft=1 fh=bf9133a686d8a750 vn="a variant of Win32/Bundled.Toolbar.Ask application (cleaned by deleting - quarantined)" ac=C fn="F:\Muziek en programma's\Quick media converter\QuickMediaConverter\AskInstallChecker.exe"

Mvg,

D. Bank

Die heeft nog behoorlijk wat ongewenst spul van de PC verwijderd. Hoe draait die nu ?