johnnykaty

Member
  • Items

    132

Everything posted by johnnykaty

  1. I have been doing it this way for several days now, and every time I get what is shown in the screenshot below.
  2. Link from Speccy. http://speccy.piriform.com/results/moIY86FUdliKrTCzhn1SG43
  3. The log should be in the attachment. sfcdetails.txt
  4. Too bad, but unfortunately I ran both and then tried again to run the update, but it did not work. I still get code 80073712, code 800B0100 as the error message. KB957310 even placed a log, and I cannot open even that (I am not authorized to open it).
  5. Hello, I would also like to move from Windows 7 to Windows 10, but whenever I try to run the update I keep getting 2 error messages. Code 80073712 Code 800B0100 Do you know how I can solve this? Thanks in advance. Kind regards, Johnny
  6. Hello, I would like to make use of your expert help once again. My laptop suffers from a huge number of pop-ups, seems to have become much slower, and regularly closes web pages by itself. I would like to give the laptop a thorough clean-up. Could you please help me with this?
  7. OK, I have done all of this and can now only thank you for the help provided, thanks.
  8. I have checked my website and it all appears to be gone. Thanks.
  9. Here is the AdwCleaner log file.
  10. Here is the requested log.
3F9F8E0F93D6FA7B7552077A3DF171DE - K:\downloads\VideoLAN\VLC\npvlc.dll - VLC Web Plugin AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM 0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ggkfikfcbnpfoicfjammigpnakpogebh - \K:\downloads\FVD Suite\addons\chrome\fvdext.crx\[] hphibigbodkkohoglgfkddblldpfohjl - C:\Program Files\TorrentHandler\TorrentHandler.crx[] kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files\DefaultTab\DefaultTab.crx[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1" "Default_Search_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1" "Search Bar"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=42348&st=bs&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] 
"(Default)"="http://search.certified-toolbar.com?si=42348&st=bs&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=42348&st=bs&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.certified-toolbar.com?si=42348&st=bs&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.certified-toolbar.com?si=42348&st=bs&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.certified-toolbar.com?si=42348&st=bs&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1" "Default_Search_URL"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=" "Search Bar"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=" "Search 
Page"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1" "Default_Search_URL"="http://www.google.com/" "Search Bar"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=" "Search Page"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1" "Start Default_Page_URL"="http://search.certified-toolbar.com?si=42348&st=home&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1" "Default_Search_URL"="http://www.google.com/" "Search Bar"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=" "Search Page"="http://search.certified-toolbar.com?si=42348&st=chrome&tid=3662&ver=2.8&ts=1368048554578&tguid=42348-3662-1368048554578-C6213B5F65CDD0411B366D72924F57F1&q=" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not 
found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start 
Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1214440339-162531612-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Empty IE Cache ====================== C:\\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\\Documents and Settings\johnny\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache 
====================== No Chrome User Data found ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\johnny\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\\Documents and Settings\johnny\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Program Files\AVG Nation toolbar" not found "C:\PROGRA~1\AVG Nation toolbar" not found ==== EOF on wo 09/10/2013 at 17:13:35,96 ======================
  11. I have a small problem. When I open my website, some pages show advertisements that I did not ask for at all. Can one of you please help me get rid of them? Below is the log file from RSIT.
"msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.trspch"=tssoft32.acm "vidc.cvid"=iccvid.dll "vidc.I420"=msh263.drv "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "vidc.iv41"=ir41_32.ax "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "vidc.yvyu"=msyuv.dll "wavemapper"=msacm32.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "msacm.msg723"=msg723.acm "vidc.M263"=msh263.drv "vidc.M261"=msh261.drv "msacm.msaudio1"=msaud32.acm "msacm.sl_anet"=sl_anet.acm "msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax "vidc.iv50"=ir50_32.dll "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "vidc.xvid"=xvidvfw.dll "vidc.lags"=lagarith.dll "msacm.ac3filter"=ac3filter.acm "msacm.siren"=sirenacm.dll "VIDC.FPS1"=frapsvid.dll ======List of files/folders created in the last 1 month====== 2013-10-08 22:32:39 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2013-10-08 22:21:41 ----D---- C:\rsit 2013-10-08 21:31:34 ----SHD---- C:\RECYCLER 2013-10-08 21:29:20 ----A---- C:\ComboFix.txt 2013-10-08 21:18:39 ----A---- C:\WINDOWS\zip.exe 2013-10-08 21:18:39 ----A---- C:\WINDOWS\SWXCACLS.exe 2013-10-08 21:18:39 ----A---- C:\WINDOWS\SWSC.exe 2013-10-08 21:18:39 ----A---- C:\WINDOWS\SWREG.exe 2013-10-08 21:18:39 ----A---- C:\WINDOWS\sed.exe 2013-10-08 21:18:39 ----A---- C:\WINDOWS\PEV.exe 2013-10-08 21:18:39 ----A---- C:\WINDOWS\MBR.exe 2013-10-08 21:18:39 ----A---- C:\WINDOWS\grep.exe 2013-10-08 21:17:50 ----D---- C:\Qoobox 2013-10-08 21:04:42 ----D---- C:\Documents and Settings\johnny\Application Data\Systweak 2013-10-08 20:41:46 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2013-10-08 20:41:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2013-10-08 20:41:40 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 
2013-10-08 20:22:31 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys 2013-10-08 19:43:12 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe 2013-10-06 20:52:19 ----D---- C:\Documents and Settings\johnny\Application Data\mojosoft 2013-10-06 20:18:09 ----D---- C:\Documents and Settings\johnny\Application Data\AVG2014 2013-10-06 20:17:25 ----D---- C:\Documents and Settings\johnny\Application Data\TuneUp Software 2013-10-06 20:17:17 ----D---- C:\Documents and Settings\johnny\Application Data\AVG Nation toolbar 2013-10-06 20:17:13 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys 2013-10-06 20:17:09 ----D---- C:\Program Files\Common Files\AVG Secure Search 2013-10-06 20:17:09 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Nation toolbar 2013-10-06 20:17:08 ----D---- C:\Program Files\AVG Nation toolbar 2013-10-06 20:16:09 ----D---- C:\Documents and Settings\All Users\Application Data\AVG2014 2013-10-06 20:16:09 ----D---- C:\$AVG 2013-10-06 20:15:53 ----D---- C:\Program Files\AVG 2013-10-06 20:12:00 ----D---- C:\Documents and Settings\All Users\Application Data\Registry Helper 2013-10-06 20:09:19 ----HD---- C:\Documents and Settings\All Users\Application Data\Common Files 2013-10-06 20:09:19 ----D---- C:\Documents and Settings\All Users\Application Data\MFAData 2013-09-26 17:44:19 ----D---- C:\Documents and Settings\johnny\Application Data\OmegaT 2013-09-18 21:11:42 ----D---- C:\Program Files\Mozilla Firefox 2013-09-16 17:07:51 ----D---- C:\Program Files\Mozilla Maintenance Service 2013-09-16 17:03:24 ----A---- C:\WINDOWS\nsreg.dat 2013-09-16 17:03:23 ----D---- C:\Documents and Settings\johnny\Application Data\DefaultTab 2013-09-13 00:34:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$ 2013-09-13 00:34:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$ 2013-09-13 00:34:47 ----A---- C:\WINDOWS\imsins.BAK 2013-09-13 00:34:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$ 2013-09-10 22:11:44 ----A---- C:\WINDOWS\system32\drivers\avgidsshimx.sys 
======List of files/folders modified in the last 1 month====== 2013-10-08 22:37:09 ----D---- C:\WINDOWS\Temp 2013-10-08 22:37:09 ----D---- C:\Program Files\Trend Micro 2013-10-08 22:30:41 ----RD---- C:\Program Files 2013-10-08 22:26:49 ----D---- C:\Documents and Settings\johnny\Application Data\HPAppData 2013-10-08 22:22:05 ----SHD---- C:\WINDOWS\Installer 2013-10-08 22:17:26 ----D---- C:\WINDOWS\system32\CatRoot2 2013-10-08 21:54:10 ----D---- C:\WINDOWS\system32 2013-10-08 21:37:02 ----D---- C:\Documents and Settings\johnny\Application Data\Dropbox 2013-10-08 21:31:51 ----A---- C:\WINDOWS\SchedLgU.Txt 2013-10-08 21:29:38 ----D---- C:\WINDOWS 2013-10-08 21:29:28 ----D---- C:\WINDOWS\system32\drivers 2013-10-08 21:28:46 ----SD---- C:\WINDOWS\Tasks 2013-10-08 21:26:03 ----A---- C:\WINDOWS\system.ini 2013-10-08 21:25:51 ----SHD---- C:\System Volume Information 2013-10-08 21:25:51 ----D---- C:\WINDOWS\system32\Restore 2013-10-08 21:25:39 ----D---- C:\WINDOWS\system32\drivers\etc 2013-10-08 21:23:45 ----D---- C:\WINDOWS\system32\config 2013-10-08 21:23:35 ----D---- C:\WINDOWS\erdnt 2013-10-08 21:21:18 ----D---- C:\WINDOWS\AppPatch 2013-10-08 21:21:17 ----D---- C:\Program Files\Common Files 2013-10-08 21:17:55 ----D---- C:\WINDOWS\Prefetch 2013-10-08 21:09:15 ----D---- C:\Documents and Settings\johnny\Application Data\BitTorrent 2013-10-08 19:43:14 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe 2013-10-06 20:49:26 ----D---- C:\Documents and Settings\johnny\Application Data\vlc 2013-10-06 20:18:01 ----D---- C:\Config.Msi 2013-10-06 20:16:40 ----HD---- C:\WINDOWS\inf 2013-10-06 20:11:57 ----RSHDC---- C:\WINDOWS\system32\dllcache 2013-10-06 20:01:44 ----D---- C:\Documents and Settings\All Users\Application Data\Norton 2013-09-26 17:59:11 ----D---- C:\Documents and Settings\johnny\Application Data\PhotoScape 2013-09-26 00:56:29 ----D---- C:\Documents and Settings\All Users\Application Data\BigFishGamesCache 2013-09-16 17:04:52 ----D---- C:\Documents and 
Settings\johnny\Application Data\Mozilla 2013-09-15 23:20:32 ----D---- C:\Program Files\Garmin 2013-09-15 23:20:15 ----DC---- C:\WINDOWS\system32\DRVSTORE 2013-09-15 22:30:01 ----D---- C:\Program Files\BitTorrent 2013-09-15 16:33:31 ----D---- C:\Documents and Settings\johnny\Application Data\Vso 2013-09-13 00:36:03 ----D---- C:\Program Files\Internet Explorer 2013-09-13 00:33:58 ----A---- C:\WINDOWS\win.ini 2013-09-13 00:33:06 ----D---- C:\WINDOWS\system32\MRT 2013-09-13 00:31:41 ----D---- C:\WINDOWS\Debug 2013-09-13 00:31:36 ----A---- C:\WINDOWS\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2013-09-02 145720] R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2013-09-02 223032] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448] R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2013-08-01 120120] R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208] R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840] R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2013-09-02 176952] R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2013-08-01 193848] R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys [] R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 WS2IFSL;Windows Socket 2.0 Non-IFS 
Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2010-04-28 54760] R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2012-09-15 15781] R2 NPF_devolo;NetGroup Packet Filter Driver (devolo); C:\WINDOWS\system32\drivers\npf_devolo.sys [2009-07-13 35840] R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944] R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2010-03-26 243928] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840] R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-07-09 49920] R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-07-09 16496] R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-07-09 21568] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-09-07 6141544] R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [] R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12288] R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032] R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856] R3 
usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104] R3 usbstor;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] S3 ACSSCR;ACR38 Smart Card Reader; C:\WINDOWS\system32\DRIVERS\a38usb.sys [2012-09-20 33536] S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2013-04-03 32064] S3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS [] S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944] S3 BthEnum;Stuurprogramma voor Bluetooth-aanvraagblok; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024] S3 BthPan;Bluetooth-apparaat (PAN - Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120] S3 BTHPORT;Poortstuurprogramma voor Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272640] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio's; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 cpudrv;cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [] S3 cpuz134;cpuz134; \??\C:\DOCUME~1\johnny\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [] S3 cpuz135;cpuz135; \??\K:\pc spellen\Nieuwe map\PC Wizard 2012\pcwiz_x32.sys [] S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [] S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys [] S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys [] S3 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys [] S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800] S3 
NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2013-02-12 47360] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136] S3 RT2500USB;ASUS USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-08-13 140544] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2013-04-03 136904] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2013-04-03 17864] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2013-04-03 153672] S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2014\avgfws.exe [2013-09-22 1358944] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-09-03 3538480] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-22 301152] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 
JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-06-22 182184] R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [2013-10-06 1733448] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 553288] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-04 116648] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;De service Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-04 116648] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication 
Foundation\infocard.exe [2008-07-29 881664] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-18 118680] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-16 755880] S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- alvast dank johnny
  12. Yes, me too; thanks anyway for thinking along with me.
  13. I just tried this, but it immediately tells me that I have to insert a disc. To be clear, the disc was in the drive.
  14. It is a desktop, and I'm afraid that taking it in will be my only option.
  15. It won't start this CD either, and it keeps ejecting it as well.
  16. I'm going to try the lens cleaner, if I still have it lying around here somewhere.
  17. I tried it in safe mode and then it says: "Plaats een schijf of een ander geschikt medium in CD station E." I have already put in a few different CDs and DVDs, but nothing works!
  18. That changes nothing about the problem; it just keeps doing the same thing.
  19. The shortcut being used is for starting a game (Sims); the daughters like to play it. But it does this with everything we want to watch on DVD.
  20. I did what you asked me to do, but unfortunately it did not work. It has been reinstalled, but the problem remains the same. The tray keeps opening when I try to start the DVD via My Computer, and when I try to start it via the shortcut on the desktop, it indicates that I have to insert a DVD (disc).
  21. Hello, I have the following problem. When I put a DVD in my computer and then try to start it, it always ejects the DVD (the tray always opens). What could the problem be, and what can I do to solve it? Thanks in advance, johnny
  22. Unfortunately, I don't see anything from Conduit listed there. - - - Updated - - - Is removing and reinstalling Firefox an option?